Windows Analysis Report
https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwh

Overview

General Information

Sample URL:https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF
Analysis ID:1676355
Infos:

Detection

Score:0
Range:0 - 100
Confidence:100%

Signatures

Detected suspicious crossdomain redirect

Classification

  • System is w10x64
  • chrome.exe (PID: 692 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 4132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2652 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 7028 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=3428 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6864 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 192.178.49.196:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.53.21:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.53.21:443 -> 192.168.2.4:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 45.148.96.13:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.40.18:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.64.147.238:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 45.148.96.13:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: aramarnorth.chaogaoyassl.com to https://ecopoolaquecedores.com.br/xcx-bky-lsa/
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 192.178.49.195
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy HTTP/1.1Host: aramarnorth.chaogaoyassl.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /xcx-bky-lsa/ HTTP/1.1Host: ecopoolaquecedores.com.brConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512 HTTP/1.1Host: cdn.iconscout.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://ecopoolaquecedores.com.br/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512 HTTP/1.1Host: cdn.iconscout.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=ziWAjIRwoyzq58nypF2rFCWOm9y_s7txleCZoB93pd0-1745851500-1.0.1.1-G8w5QRNV2SaiUYBkjZV2pbtqPItpDwXLS8XKiLDdmbWirmsZM9lUNHUa9RRo4VfVXtU.Rn8XrLKWrftb5tk5qc6r0YQL2k8PUlncEkHe2Rs
Source: global trafficHTTP traffic detected: GET /xcx-bky-lsa/ HTTP/1.1Host: ecopoolaquecedores.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
Source: global trafficHTTP traffic detected: GET /xcx-bky-lsa/ HTTP/1.1Host: ecopoolaquecedores.com.brConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://ecopoolaquecedores.com.br/xcx-bky-lsa/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
Source: global trafficHTTP traffic detected: GET /xcx-bky-lsa/ HTTP/1.1Host: ecopoolaquecedores.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: aramarnorth.chaogaoyassl.com
Source: global trafficDNS traffic detected: DNS query: ecopoolaquecedores.com.br
Source: global trafficDNS traffic detected: DNS query: cdn.iconscout.com
Source: global trafficDNS traffic detected: DNS query: stun.l.google.com
Source: unknownHTTP traffic detected: POST /xcx-bky-lsa/ HTTP/1.1Host: ecopoolaquecedores.com.brConnection: keep-aliveContent-Length: 2857sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Origin: https://ecopoolaquecedores.com.brSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ecopoolaquecedores.com.br/xcx-bky-lsa/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: classification engineClassification label: clean0.win@24/3@17/7
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2652 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=3428 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
[Behavior graph: ID: 1676355; URL: https://aramarnorth.chaogao...; Startdate: 28/04/2025; Architecture: WINDOWS; Score: 0]

| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy | 0% | Avira URL Cloud | safe | |

No Antivirus matches

| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| ecopoolaquecedores.com.br | 45.148.96.13 | true | false | | unknown |
| www.google.com | 192.178.49.196 | true | false | | high |
| aramarnorth.chaogaoyassl.com | 104.21.53.21 | true | false | | unknown |
| cdn.iconscout.com | 104.18.40.18 | true | false | | high |
| stun.l.google.com | 74.125.250.129 | true | false | | high |

| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| https://ecopoolaquecedores.com.br/xcx-bky-lsa/ | false | | unknown |
| https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy | false | | unknown |
| https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512 | false | | high |

| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 45.148.96.13 | ecopoolaquecedores.com.br | Netherlands | | 207957 | A2-CUSA2-CustomerNL | false |
| 192.178.49.196 | www.google.com | United States | | 15169 | GOOGLEUS | false |
| 172.64.147.238 | unknown | United States | | 13335 | CLOUDFLARENETUS | false |
| 104.18.40.18 | cdn.iconscout.com | United States | | 13335 | CLOUDFLARENETUS | false |
| 74.125.250.129 | stun.l.google.com | United States | | 15169 | GOOGLEUS | false |
| 104.21.53.21 | aramarnorth.chaogaoyassl.com | United States | | 13335 | CLOUDFLARENETUS | false |

IP
192.168.2.4
                  Joe Sandbox version:42.0.0 Malachite
                  Analysis ID:1676355
                  Start date and time:2025-04-28 16:43:51 +02:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 3m 15s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:browseurl.jbs
                  Sample URL:https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:21
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Detection:CLEAN
                  Classification:clean0.win@24/3@17/7
                  EGA Information:Failed
                  HCA Information:
                  • Successful, ratio: 100%
                  • Number of executed functions: 0
                  • Number of non-executed functions: 0
                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                  • Excluded IPs from analysis (whitelisted): 192.178.49.174, 142.250.69.3, 142.250.101.84, 192.178.49.206, 23.220.73.19, 142.250.68.227, 199.232.210.172, 184.29.183.29, 131.253.33.254, 172.202.163.200
                  • Excluded domains from analysis (whitelisted): a-ring-fallback.msedge.net, fs.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size getting too big, too many NtOpenFile calls found.
                  • VT rate limit hit for: https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy
                  No simulations
                  No context
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:RIFF (little-endian) data, Web/P image
                  Category:downloaded
                  Size (bytes):11068
                  Entropy (8bit):7.95485001563947
                  Encrypted:false
                  SSDEEP:192:GGwnpYgu/Cp3F4nJKhD461WqvxfUAiU5Uo2ULVffyN3fBXgPdgUEGRT1zNXe:yNuqV4JKlnFFiGUoHa1BXsddT3e
                  MD5:C35B4B8AB507D3BBC96761B2E4E8B2CE
                  SHA1:481264A3B9EB7F95FE9C33BEAF04C87C560E139F
                  SHA-256:B5052BEEFD54FDC4BBC4085A16A9E0EF938A27008E5069446F15027890A8E962
                  SHA-512:24B489684802FBC40183693BD2F7E69B7FF5363DF52BA5CACF9F6317D0BE728C6DD5B2697901BBAC89678AE50354884042B5FBB483688D50C245A0F159773E6A
                  Malicious:false
                  Reputation:low
                  URL:https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:RIFF (little-endian) data, Web/P image
                  Category:dropped
                  Size (bytes):11068
                  Entropy (8bit):7.95485001563947
                  Encrypted:false
                  SSDEEP:192:GGwnpYgu/Cp3F4nJKhD461WqvxfUAiU5Uo2ULVffyN3fBXgPdgUEGRT1zNXe:yNuqV4JKlnFFiGUoHa1BXsddT3e
                  MD5:C35B4B8AB507D3BBC96761B2E4E8B2CE
                  SHA1:481264A3B9EB7F95FE9C33BEAF04C87C560E139F
                  SHA-256:B5052BEEFD54FDC4BBC4085A16A9E0EF938A27008E5069446F15027890A8E962
                  SHA-512:24B489684802FBC40183693BD2F7E69B7FF5363DF52BA5CACF9F6317D0BE728C6DD5B2697901BBAC89678AE50354884042B5FBB483688D50C245A0F159773E6A
                  Malicious:false
                  Reputation:low
                  No static file info

                  • Total Packets: 152
                  • 19302 undefined
                  • 443 (HTTPS)
                  • 80 (HTTP)
                  • 53 (DNS)
                  | Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
                  |---|---|---|---|---|---|---|---|---|
                  | Apr 28, 2025 16:44:54.983861923 CEST | 192.168.2.4 | 1.1.1.1 | 0xfa49 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:54.983999014 CEST | 192.168.2.4 | 1.1.1.1 | 0x7b23 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:56.255184889 CEST | 192.168.2.4 | 1.1.1.1 | 0x6c2c | Standard query (0) | aramarnorth.chaogaoyassl.com | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:56.255589008 CEST | 192.168.2.4 | 1.1.1.1 | 0xf515 | Standard query (0) | aramarnorth.chaogaoyassl.com | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:57.207298994 CEST | 192.168.2.4 | 1.1.1.1 | 0x47b | Standard query (0) | ecopoolaquecedores.com.br | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:57.207485914 CEST | 192.168.2.4 | 1.1.1.1 | 0x4c82 | Standard query (0) | ecopoolaquecedores.com.br | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:59.537429094 CEST | 192.168.2.4 | 1.1.1.1 | 0x203f | Standard query (0) | cdn.iconscout.com | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:59.537684917 CEST | 192.168.2.4 | 1.1.1.1 | 0x212c | Standard query (0) | cdn.iconscout.com | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:59.585205078 CEST | 192.168.2.4 | 1.1.1.1 | 0x616a | Standard query (0) | stun.l.google.com | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:59.585602999 CEST | 192.168.2.4 | 1.1.1.1 | 0xfbdf | Standard query (0) | stun.l.google.com | 28 | IN (0x0001) | false |
                  | Apr 28, 2025 16:44:59.747128010 CEST | 192.168.2.4 | 1.1.1.1 | 0xdf74 | Standard query (0) | stun.l.google.com | 28 | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:00.443564892 CEST | 192.168.2.4 | 1.1.1.1 | 0x885f | Standard query (0) | cdn.iconscout.com | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:00.443564892 CEST | 192.168.2.4 | 1.1.1.1 | 0x6a01 | Standard query (0) | cdn.iconscout.com | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:01.443058014 CEST | 192.168.2.4 | 1.1.1.1 | 0x4596 | Standard query (0) | ecopoolaquecedores.com.br | A (IP address) | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:01.443249941 CEST | 192.168.2.4 | 1.1.1.1 | 0x70b0 | Standard query (0) | ecopoolaquecedores.com.br | 65 | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:50.381485939 CEST | 192.168.2.4 | 1.1.1.1 | 0x2df9 | Standard query (0) | stun.l.google.com | 28 | IN (0x0001) | false |
                  | Apr 28, 2025 16:45:50.526081085 CEST | 192.168.2.4 | 1.1.1.1 | 0x324c | Standard query (0) | stun.l.google.com | 28 | IN (0x0001) | false |
                  Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                  Apr 28, 2025 16:44:55.124216080 CEST | 1.1.1.1 | 192.168.2.4 | 0x7b23 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                  Apr 28, 2025 16:44:55.124279976 CEST | 1.1.1.1 | 192.168.2.4 | 0xfa49 | No error (0) | www.google.com | | 192.178.49.196 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:56.442337036 CEST | 1.1.1.1 | 192.168.2.4 | 0xf515 | No error (0) | aramarnorth.chaogaoyassl.com | | | 65 | IN (0x0001) | false
                  Apr 28, 2025 16:44:56.533435106 CEST | 1.1.1.1 | 192.168.2.4 | 0x6c2c | No error (0) | aramarnorth.chaogaoyassl.com | | 104.21.53.21 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:56.533435106 CEST | 1.1.1.1 | 192.168.2.4 | 0x6c2c | No error (0) | aramarnorth.chaogaoyassl.com | | 172.67.207.200 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:57.892625093 CEST | 1.1.1.1 | 192.168.2.4 | 0x47b | No error (0) | ecopoolaquecedores.com.br | | 45.148.96.13 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.695724010 CEST | 1.1.1.1 | 192.168.2.4 | 0x212c | No error (0) | cdn.iconscout.com | | | 65 | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.701617002 CEST | 1.1.1.1 | 192.168.2.4 | 0x203f | No error (0) | cdn.iconscout.com | | 104.18.40.18 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.701617002 CEST | 1.1.1.1 | 192.168.2.4 | 0x203f | No error (0) | cdn.iconscout.com | | 172.64.147.238 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.745987892 CEST | 1.1.1.1 | 192.168.2.4 | 0xfbdf | No error (0) | stun.l.google.com | | | 28 | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.749339104 CEST | 1.1.1.1 | 192.168.2.4 | 0x616a | No error (0) | stun.l.google.com | | 74.125.250.129 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:44:59.888675928 CEST | 1.1.1.1 | 192.168.2.4 | 0xdf74 | No error (0) | stun.l.google.com | | | 28 | IN (0x0001) | false
                  Apr 28, 2025 16:45:00.588475943 CEST | 1.1.1.1 | 192.168.2.4 | 0x6a01 | No error (0) | cdn.iconscout.com | | | 65 | IN (0x0001) | false
                  Apr 28, 2025 16:45:00.589653015 CEST | 1.1.1.1 | 192.168.2.4 | 0x885f | No error (0) | cdn.iconscout.com | | 172.64.147.238 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:45:00.589653015 CEST | 1.1.1.1 | 192.168.2.4 | 0x885f | No error (0) | cdn.iconscout.com | | 104.18.40.18 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:45:01.762618065 CEST | 1.1.1.1 | 192.168.2.4 | 0x4596 | No error (0) | ecopoolaquecedores.com.br | | 45.148.96.13 | A (IP address) | IN (0x0001) | false
                  Apr 28, 2025 16:45:50.524944067 CEST | 1.1.1.1 | 192.168.2.4 | 0x2df9 | No error (0) | stun.l.google.com | | | 28 | IN (0x0001) | false
                  Apr 28, 2025 16:45:50.666570902 CEST | 1.1.1.1 | 192.168.2.4 | 0x324c | No error (0) | stun.l.google.com | | | 28 | IN (0x0001) | false
                  • aramarnorth.chaogaoyassl.com
                  • ecopoolaquecedores.com.br
                    • cdn.iconscout.com
                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  0 | 192.168.2.4 | 49728 | 104.21.53.21 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:44:56 UTC | 946 | OUT | GET /go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy HTTP/1.1
                  Host: aramarnorth.chaogaoyassl.com
                  Connection: keep-alive
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  sec-ch-ua-platform: "Windows"
                  Upgrade-Insecure-Requests: 1
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: navigate
                  Sec-Fetch-User: ?1
                  Sec-Fetch-Dest: document
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-28 14:44:57 UTC | 918 | IN | HTTP/1.1 302 Found
                  Date: Mon, 28 Apr 2025 14:44:57 GMT
                  Content-Length: 0
                  Connection: close
                  Server: cloudflare
                  Nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  Cf-Ray: 93775730ea20cb83-LAX
                  Location: https://ecopoolaquecedores.com.br/xcx-bky-lsa/
                  Cache-Control: public, max-age=3600
                  Referrer-Policy: strict-origin-when-cross-origin
                  X-Content-Type-Options: nosniff
                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPyug95UKOkKyRvJKPgsmyB%2BX7fWg2tRR%2BGLGpHQQiwwXGNVmnU6KU3YDOQ2DTIOvhd%2BPs8VX%2F2sZ%2FedyWa1D6dBkyGrrFNMe3MmmfAQfjvvcFtBJ%2FOqOkS0BHT4XOl6HQDZtQoHEYBJ8Ofaf2nj"}],"group":"cf-nel","max_age":604800}
                  alt-svc: h3=":443"; ma=86400
                  server-timing: cfL4;desc="?proto=TCP&rtt=149246&min_rtt=149008&rtt_var=31795&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1518&delivery_rate=26963&cwnd=252&unsent_bytes=0&cid=e86937906d937d9f&ts=368&x=0"


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  1 | 192.168.2.4 | 49730 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:44:58 UTC | 687 | OUT | GET /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  Upgrade-Insecure-Requests: 1
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: navigate
                  Sec-Fetch-User: ?1
                  Sec-Fetch-Dest: document
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  sec-ch-ua-platform: "Windows"
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-28 14:44:59 UTC | 537 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  set-cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e; path=/; secure
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  content-length: 22012
                  date: Mon, 28 Apr 2025 14:44:59 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:44:59 UTC | 831 | IN | Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>High-End Kitchen Appliances</title> <link rel="icon" type="image/png" href="https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-fil
                  2025-04-28 14:44:59 UTC | 14994 | IN | Data Ascii: ium products worldwide with fast delivery and secure checkout."><meta property="og:type" content="website"><meta property="og:url" content="https://your-domain.com"><meta property="og:image" content="https://your-domain.com/images/shop.jpg"><meta name
                  2025-04-28 14:44:59 UTC | 6187 | IN | Data Ascii: rect.left - areaOffset.x; var y = (event.clientY || (event.touches && event.touches[0].clientY)) - rect.top - areaOffset.y; console.log('Tap at x:', x, 'y:', y, 'time:', currentTime); if (x


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  2 | 192.168.2.4 | 49732 | 104.18.40.18 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:00 UTC | 756 | OUT | GET /icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512 HTTP/1.1
                  Host: cdn.iconscout.com
                  Connection: keep-alive
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: no-cors
                  Sec-Fetch-Dest: image
                  Sec-Fetch-Storage-Access: active
                  Referer: https://ecopoolaquecedores.com.br/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-28 14:45:00 UTC | 1153 | IN | HTTP/1.1 200 OK
                  Date: Mon, 28 Apr 2025 14:45:00 GMT
                  Content-Type: image/webp
                  Content-Length: 11068
                  Connection: close
                  cache-control: public, max-age=31536000
                  content-disposition: inline; filename="1174823.webp"
                  content-security-policy: script-src 'none'
                  via: 1.1 google, 1.1 google
                  x-request-id: ruog_CUqeQ2F2Zbt_ZdP_
                  Access-Control-Allow-Origin: *
                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                  Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,X-CSRF-TOKEN,Authorization,Client-ID
                  Access-Control-Expose-Headers: Content-Length,Content-Range
                  Last-Modified: Mon, 28 Apr 2025 13:22:03 GMT
                  CF-Cache-Status: HIT
                  Expires: Tue, 28 Apr 2026 14:45:00 GMT
                  Accept-Ranges: bytes
                  Set-Cookie: __cf_bm=ziWAjIRwoyzq58nypF2rFCWOm9y_s7txleCZoB93pd0-1745851500-1.0.1.1-G8w5QRNV2SaiUYBkjZV2pbtqPItpDwXLS8XKiLDdmbWirmsZM9lUNHUa9RRo4VfVXtU.Rn8XrLKWrftb5tk5qc6r0YQL2k8PUlncEkHe2Rs; path=/; expires=Mon, 28-Apr-25 15:15:00 GMT; domain=.iconscout.com; HttpOnly; Secure; SameSite=None
                  Server: cloudflare
                  CF-RAY: 93775744cc145a87-PHX
                  alt-svc: h3=":443"; ma=86400


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  3 | 192.168.2.4 | 49733 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:00 UTC | 706 | OUT | POST /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  Content-Length: 2857
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  Content-Type: application/json
                  sec-ch-ua-mobile: ?0
                  Accept: */*
                  Origin: https://ecopoolaquecedores.com.br
                  Sec-Fetch-Site: same-origin
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Referer: https://ecopoolaquecedores.com.br/xcx-bky-lsa/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
                  2025-04-28 14:45:00 UTC | 2857 | OUT | Data Ascii: {"type":"fingerprint","data":{"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36","screen":"1280x1024","plugins":5,"timeZone":"America/New_York","webgl":true,"jsEnabled":true,"canva
                  2025-04-28 14:45:01 UTC | 580 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  access-control-allow-origin: *
                  access-control-allow-methods: POST
                  access-control-allow-headers: Content-Type
                  content-length: 83
                  date: Mon, 28 Apr 2025 14:45:01 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:45:01 UTC | 83 | IN | Data Ascii: {"status":"bot","message":"Verification failed. Tap within the area or try again."}


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  4 | 192.168.2.4 | 49734 | 172.64.147.238 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:00 UTC | 698 | OUT | GET /icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-file-formats--office-365-pack-logos-icons-1174823.png?f=webp&w=512 HTTP/1.1
                  Host: cdn.iconscout.com
                  Connection: keep-alive
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: */*
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Sec-Fetch-Storage-Access: active
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: __cf_bm=ziWAjIRwoyzq58nypF2rFCWOm9y_s7txleCZoB93pd0-1745851500-1.0.1.1-G8w5QRNV2SaiUYBkjZV2pbtqPItpDwXLS8XKiLDdmbWirmsZM9lUNHUa9RRo4VfVXtU.Rn8XrLKWrftb5tk5qc6r0YQL2k8PUlncEkHe2Rs
                  2025-04-28 14:45:01 UTC | 868 | IN | HTTP/1.1 200 OK
                  Date: Mon, 28 Apr 2025 14:45:01 GMT
                  Content-Type: image/webp
                  Content-Length: 11068
                  Connection: close
                  cache-control: public, max-age=31536000
                  content-disposition: inline; filename="1174823.webp"
                  content-security-policy: script-src 'none'
                  via: 1.1 google, 1.1 google
                  x-request-id: ruog_CUqeQ2F2Zbt_ZdP_
                  Access-Control-Allow-Origin: *
                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                  Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,X-CSRF-TOKEN,Authorization,Client-ID
                  Access-Control-Expose-Headers: Content-Length,Content-Range
                  Last-Modified: Mon, 28 Apr 2025 13:22:03 GMT
                  CF-Cache-Status: HIT
                  Age: 1
                  Expires: Tue, 28 Apr 2026 14:45:01 GMT
                  Accept-Ranges: bytes
                  Server: cloudflare
                  CF-RAY: 9377574a1900f00f-PHX
                  alt-svc: h3=":443"; ma=86400
                  Data Ascii: p62I)5TM}h>H-qZ'B#:F(YD^~#WEy;}fH)!~$R>Hr*u,#".2[VtZ;&B[o*ODT~tlf"Yn|J$2s7oKjT3aog=\n+Ut_PJtmf.x}zJ
                  2025-04-28 14:45:01 UTC1369INData Raw: eb 9d 79 43 3f 73 78 3f c9 89 9c 1d 43 e4 99 15 20 f2 67 c1 f3 f4 2f 9e e2 97 4f f3 36 58 7f d9 b9 69 71 12 20 fc 25 4f ae d1 2a 69 c1 d4 3e 49 35 a5 56 f6 0c ef 2a 41 e4 bb 1b 36 03 05 6a 23 78 1d 16 c1 35 c8 e1 fb b4 c6 9b 73 00 99 54 b5 49 18 8b a9 54 f2 0e cf d6 fa 95 4f 7b ac ce f2 a4 1e 4b 73 79 85 45 a0 29 ec 79 a9 58 ae ce 9e 68 57 ce bf b7 ec 43 4b 93 2c 19 75 d3 48 c3 2c 19 75 d3 94 0a 98 67 8a 15 30 cf 39 a5 00 50 a9 86 78 a1 53 0c f1 42 a6 19 e2 85 4c 33 c5 0a 98 67 8a 02 00 00 fe f1 73 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 a9 de 75 5c fd 36 1c 72 4a 73 f9 f2 14 e1 ed 70 fb 15 2b 55 ca a7 68 2f 85 4a b9 8c 86 83 ba de 71 ce 51 e6 9b 0f 69 42 af 6d 00 a2 bb 23 72 c6 e4 73 e9 23 5f 70 1a 79 21 6a 7b e9 aa cc 9d 5a 3d 24 b0 a3 45 6e 72
                  Data Ascii: yC?sx?C g/O6Xiq %O*i>I5V*A6j#x5sTITO{KsyE)yXhWCK,uH,ug09PxSBL3gs@u\6rJsp+Uh/JqQiBm#rs#_py!j{Z=$Enr
                  2025-04-28 14:45:01 UTC1369INData Raw: f6 f1 79 8b bf 1f 09 ba 8b c8 67 ae fa bb a7 c0 79 f7 65 e2 75 ad c7 f6 bf de 22 cd 60 01 e7 2b ee 0a 0f 91 54 5d a1 3f c7 c0 d3 fc b6 b2 f5 d4 3f 0d e5 17 1d ea 6c 14 0b d5 eb fd 0f 17 1d 7e e2 16 95 7a 09 f3 02 de 55 0f 16 96 9a 0c 46 2d 82 05 84 fd 81 71 35 3c 6a 1a dd 83 d5 5c 2c 34 9b 86 3b a7 da 36 4e 96 31 a0 bc 34 2a c4 7f 54 10 fd 6e 73 e6 2b b9 00 b4 10 33 b3 d0 fa ec ce f1 b1 91 be af 7a cb 11 dd e9 f3 21 64 56 d0 da bb fb ac 8a 5c 67 1c c5 44 68 8e 8f 8b 09 da a7 fe 31 e8 19 b4 f7 8a 18 1b a1 ee 9d 7a 64 76 dc c1 c7 b7 a9 07 01 d4 e0 10 0e 7b 98 28 ca 18 7f 65 aa 4d d0 a2 83 20 d4 d9 a6 04 16 29 d3 e7 f8 2c 7c e2 81 a6 54 55 66 d3 91 bf b2 90 fa ee fa 4b 90 bc 70 d6 c9 37 cb 64 c4 73 66 27 7f 1f 06 84 dd fd ae 12 dc 24 d1 46 06 68 9e 96 cc 1f
                  Data Ascii: ygyeu"`+T]??l~zUF-q5<j\,4;6N14*Tns+3z!dV\gDh1zdv{(eM ),|TUfKp7dsf'$Fh
                  2025-04-28 14:45:01 UTC984INData Raw: 4d 63 a8 65 c7 1a 7f b2 1a 8e 84 63 ec 7a 58 c0 ee 3b 3a ea a6 a1 b3 28 d6 2f fa 9a 53 0a ae 9c 98 3d 9a 21 4e 4b 8d f7 26 b9 e6 cc 6d 4c d3 dd ce 8a 62 7d a8 9d cf 69 c3 5f d4 78 42 b9 d7 b1 6a 5d da 70 72 cc 59 cf 46 05 e6 1c df dc b2 9a 79 55 37 68 ed 2b d3 9b 3a 03 b0 c5 b4 33 70 43 f7 7f fe b9 00 6b 25 e2 62 e1 c3 d7 ba 56 51 20 32 ea 3d 2c 61 0f ce ea 5a 0b 06 54 e6 74 c3 5f 5a 5d cd 18 80 f9 69 47 da 8c 4f d9 f0 00 08 0b 6c 01 46 6c c6 cd 1f e1 6f 5f cb 9c 7d 81 31 59 42 75 f6 d2 e1 0d 14 94 9d 15 53 a1 68 52 86 3d ba 3b 3c 7d e1 05 1c 63 f2 0f 62 20 cf c8 08 c0 a4 05 05 bf b1 9c 96 4e 51 62 d2 94 3b bc 28 2d ff 37 78 0b 1e eb 1d de 2a 26 d6 98 a3 92 e1 d4 a8 a5 69 cf 18 cf f0 6b 0b ea 04 3c 8f ea 3f 9f dd f2 86 b6 e9 2f a5 80 29 0f f4 a4 b2 0d 1f
                  Data Ascii: MceczX;:(/S=!NK&mLb}i_xBj]prYFyU7h+:3pCk%bVQ 2=,aZTt_Z]iGOlFlo_}1YBuShR=;<}cb NQb;(-7x*&ik<?/)


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  5 | 192.168.2.4 | 49735 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:02 UTC | 447 | OUT | GET /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: */*
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Sec-Fetch-Storage-Access: active
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
                  2025-04-28 14:45:03 UTC | 476 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  transfer-encoding: chunked
                  date: Mon, 28 Apr 2025 14:45:02 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:45:03 UTC | 892 | IN | Data Ascii: 5608<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>Exclusive Fragrance Collections</title> <link rel="icon" type="image/png" href="https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg-p
                  2025-04-28 14:45:03 UTC | 14994 | IN | Data Ascii: ecure checkout."><meta property="og:type" content="website"><meta property="og:url" content="https://your-domain.com"><meta property="og:image" content="https://your-domain.com/images/shop.jpg"><meta name="twitter:card" content="summary_large_image">
                  2025-04-28 14:45:03 UTC | 6146 | IN | Data Ascii: var y = (event.clientY || (event.touches && event.touches[0].clientY)) - rect.top - areaOffset.y; console.log('Tap at x:', x, 'y:', y, 'time:', currentTime); if (x < 0 || x > rect.width || y < 0 || y > rect
                  2025-04-28 14:45:03 UTC | 5 | IN | Data Ascii: 0


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  6 | 192.168.2.4 | 49740 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:49 UTC | 823 | OUT | GET /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  Cache-Control: max-age=0
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  sec-ch-ua-platform: "Windows"
                  Upgrade-Insecure-Requests: 1
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                  Sec-Fetch-Site: same-origin
                  Sec-Fetch-Mode: navigate
                  Sec-Fetch-User: ?1
                  Sec-Fetch-Dest: document
                  Referer: https://ecopoolaquecedores.com.br/xcx-bky-lsa/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
                  2025-04-28 14:45:49 UTC | 476 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  transfer-encoding: chunked
                  date: Mon, 28 Apr 2025 14:45:49 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:45:49 UTC | 892 | IN | Data Ascii: 560e<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>Luxury Watches at Discount Prices</title> <link rel="icon" type="image/png" href="https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg
                  2025-04-28 14:45:50 UTC | 14994 | IN | Data Ascii: nd secure checkout."><meta property="og:type" content="website"><meta property="og:url" content="https://your-domain.com"><meta property="og:image" content="https://your-domain.com/images/shop.jpg"><meta name="twitter:card" content="summary_large_imag
                  2025-04-28 14:45:50 UTC | 6152 | IN | Data Ascii: var y = (event.clientY || (event.touches && event.touches[0].clientY)) - rect.top - areaOffset.y; console.log('Tap at x:', x, 'y:', y, 'time:', currentTime); if (x < 0 || x > rect.width || y < 0 || y
                  2025-04-28 14:45:50 UTC | 5 | IN | Data Ascii: 0


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  7 | 192.168.2.4 | 49741 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:50 UTC | 706 | OUT | POST /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  Content-Length: 2858
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  Content-Type: application/json
                  sec-ch-ua-mobile: ?0
                  Accept: */*
                  Origin: https://ecopoolaquecedores.com.br
                  Sec-Fetch-Site: same-origin
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Referer: https://ecopoolaquecedores.com.br/xcx-bky-lsa/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
                  2025-04-28 14:45:50 UTC | 2858 | OUT | Data Ascii: {"type":"fingerprint","data":{"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36","screen":"1280x1024","plugins":5,"timeZone":"America/New_York","webgl":true,"jsEnabled":true,"canva
                  2025-04-28 14:45:51 UTC | 580 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  access-control-allow-origin: *
                  access-control-allow-methods: POST
                  access-control-allow-headers: Content-Type
                  content-length: 83
                  date: Mon, 28 Apr 2025 14:45:51 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:45:51 UTC | 83 | IN | Data Ascii: {"status":"bot","message":"Verification failed. Tap within the area or try again."}


                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                  8 | 192.168.2.4 | 49744 | 45.148.96.13 | 443 | 4132 | C:\Program Files\Google\Chrome\Application\chrome.exe
                  Timestamp | Bytes transferred | Direction | Data
                  2025-04-28 14:45:52 UTC | 447 | OUT | GET /xcx-bky-lsa/ HTTP/1.1
                  Host: ecopoolaquecedores.com.br
                  Connection: keep-alive
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: */*
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Sec-Fetch-Storage-Access: active
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  Cookie: PHPSESSID=lj53ql0953i3f0vth0sdv1jh7e
                  2025-04-28 14:45:52 UTC | 476 | IN | HTTP/1.1 200 OK
                  Connection: close
                  x-powered-by: PHP/8.1.32
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  content-type: text/html; charset=UTF-8
                  transfer-encoding: chunked
                  date: Mon, 28 Apr 2025 14:45:52 GMT
                  server: LiteSpeed
                  alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                  2025-04-28 14:45:52 UTC | 892 | IN | Data Ascii: 55f4<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>Stylish Kids' Apparel</title> <link rel="icon" type="image/png" href="https://cdn.iconscout.com/icon/free/png-512/free-teams-logo-icon-download-in-svg-png-gif-fil
                  2025-04-28 14:45:53 UTC | 14994 | IN | Data Ascii: "><meta property="og:type" content="website"><meta property="og:url" content="https://your-domain.com"><meta property="og:image" content="https://your-domain.com/images/shop.jpg"><meta name="twitter:card" content="summary_large_image"><meta name="twi
                  2025-04-28 14:45:53 UTC | 6126 | IN | Data Ascii: clientY || (event.touches && event.touches[0].clientY)) - rect.top - areaOffset.y; console.log('Tap at x:', x, 'y:', y, 'time:', currentTime); if (x < 0 || x > rect.width || y < 0 || y > rect.height) {
                  2025-04-28 14:45:53 UTC | 5 | IN | Data Ascii: 0


                  Target ID:1
                  Start time:10:44:46
                  Start date:28/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  Target ID:2
                  Start time:10:44:49
                  Start date:28/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2652 /prefetch:3
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  Target ID:4
                  Start time:10:44:55
                  Start date:28/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aramarnorth.chaogaoyassl.com/go?id=01a005fe-5d22-4bd2-a6f2-8bb440b744ef-GmNI0K&routennuS=Ys%2BJNAwd%2B%2BZ4hQ4gY3FNL6%2Fw2OgmbfqNCCnqVe3EU5O52p%2BybReHfmowOFXnDvwbkAcAYXMO6Ls7rsOLrU6OTHNl%2BkF2PDWl5v4kHoRJ0lvj5PwRw9my5uyO6iZ10quyLFJleMB8MRjrOWVOkMD9%2BGeeUUKgbLsMYT4W%2Fg8CbSgDMqsCoC7LynNnuwhpqciy"
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:true

                  Target ID:18
                  Start time:10:45:11
                  Start date:28/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2612,i,303386300941080441,9232485258838462922,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=3428 /prefetch:8
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:false
                  Has administrator privileges:false
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  No disassembly