Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://www.card.xn--6qq986b3xl/higgs-domino/

Overview

General Information

Sample URL:	http://www.card.xn--6qq986b3xl/higgs-domino/
Analysis ID:	1520927
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Detected suspicious crossdomain redirect

Found iframes

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

None HTTPS page querying sensitive user data (password, username or email)

Suspicious form URL found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 432 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 --field-trial-handle=2336,i,10133034961393377045,834136538600171457,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 7152 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.card.xn--6qq986b3xl/higgs-domino/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://www.card.xn--6qq986b3xl/higgs-domino/

SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: http://www.card.xn--6qq986b3xl/higgs-domino/

LLM: Score: 9 Reasons: The brand 'CODA SHOP' is known and associated with the domain 'codashop.com'., The provided URL 'www.card.xn--6qq986b3xl' uses a Punycode domain, which is often used in phishing attempts to mimic legitimate domains., The URL does not match the legitimate domain 'codashop.com'., The use of Punycode (xn--6qq986b3xl) is suspicious and can be used to deceive users., The input fields 'Masukkan User Id, Pilih Nominal Top Up, Pilih pembayaran' are typical for a site that handles transactions, which is a common target for phishing. DOM: 0.0.pages.csv

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-PF7TJ9
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-PF7TJ9

Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0

HTTP Parser: Number of links: 0

Source: http://www.card.xn--6qq986b3xl/higgs-domino/

HTTP Parser: Base64 decoded: http://www.card.xn--6qq986b3xl:80

Source: http://www.card.xn--6qq986b3xl/higgs-domino/

HTTP Parser: Title: Higgs Domino - Codashop does not match URL

Source: http://www.card.xn--6qq986b3xl/higgs-domino/

HTTP Parser: Has password / email / username input fields

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Form action: checkAccount.php
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Form action: checkAccount.php
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Form action: checkAccount.php
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: Form action: checkAccount.php

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: <input type="password" .../> found
Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	HTTP Parser: <input type="password" .../> found

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: No favicon
Source: http://www.card.xn--6qq986b3xl/	HTTP Parser: No favicon
Source: http://www.card.xn--6qq986b3xl/international	HTTP Parser: No favicon

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: No <meta name="author".. found
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: No <meta name="author".. found
Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	HTTP Parser: No <meta name="author".. found
Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	HTTP Parser: No <meta name="author".. found

Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.card.xn--6qq986b3xl/higgs-domino/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	HTTP Parser: No <meta name="copyright".. found
Source: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49721 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: m.me to https://www.facebook.com/msg/1206667942815399/?show_interstitial=0&mdotme_uri=https%3a%2f%2fm.me%2fcodashop.idofficial&source_id=1441792&handler=m.me&referer
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: www.facebook.com to https://www.messenger.com/t/1206667942815399/?messaging_source=source%3apages%3amessage_shortlink&source_id=1441792&recurring_notification=0

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 27 Sep 2024 23:47:58 GMTServer: ApacheAccept-Ranges: noneVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 237Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html;charset=ISO-8859-1Data Raw: 1f 8b 08 00 00 00 00 00 00 03 75 90 b1 4e c3 30 10 86 f7 3c c5 91 3d 3d 41 d7 c3 03 49 11 95 0a 74 08 42 8c 4e 7c 8d 4f 72 ec 8a b8 12 7d 7b 9c 14 a4 64 c8 e2 f3 7f f7 7d cb 4f 77 d5 7b 59 7f 1d 77 f0 52 bf 1e e0 f8 f1 74 d8 97 90 17 88 9f db 12 b1 aa ab db 61 bb 79 80 67 f1 da 21 ee de 72 95 91 8d bd 53 19 90 65 6d d2 04 8a 12 1d ab bd 37 fc 03 e1 04 48 78 db 24 06 ff 20 6a 82 b9 8e ee fd 82 4b 31 a3 8b 53 e4 44 91 06 fb cd a7 c7 bc 0d de 73 1b 37 67 7b ce 15 cc 12 a1 56 84 09 cd 16 bc 95 ae 1b 0a 13 7a f1 01 93 b1 c8 2b 8e f4 dd 88 8e 63 85 e8 b5 f8 c8 5e fb 96 47 72 1e d7 0c 31 7a 68 2e d7 09 ff ff af b1 a1 11 c7 85 e3 8e bd 19 26 63 b9 99 79 98 0a 4a ef d4 60 aa 6c 6a ff 17 2a de 25 51 bd 01 00 00 Data Ascii: uN0<==AItBN|Or}{d}Ow{YwRtayg!rSem7Hx$ jK1SDs7g{Vz+c^Gr1zh.&cyJ`lj*%Q

Source: global traffic	HTTP traffic detected: GET /v2/image1/Y29tLm5lcHR1bmUuZG9taW5vX2ljb25fMTU1OTA0NjkyOV8wODc/icon.png?w=170&fakeurl=1 HTTP/1.1Host: image.winudf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/js/xss.min.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tapfiliate.js HTTP/1.1Host: script.tapfiliate.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/shop-topnav2.7e1fed6bdf.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/mobile/images/codashop-logo.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/image1/Y29tLm5lcHR1bmUuZG9taW5vX2ljb25fMTU1OTA0NjkyOV8wODc/icon.png?w=170&fakeurl=1 HTTP/1.1Host: image.winudf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tapfiliate.js HTTP/1.1Host: script.tapfiliate.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/js/jquery.mask.min.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/js/freefire.4a7a9740bc.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/third_party_common.0859f0e010.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/mobile/images/google_play_coda.png HTTP/1.1Host: d1qgcmfii0ptfa.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/css/jquery-ui-1.12.1.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/js/xss.min.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/mobile/images/codashop-logo.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/css/shared-topnav2.5566e671b1.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/shop-topnav2.7e1fed6bdf.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/mobile/images/google_play_coda.png HTTP/1.1Host: d1qgcmfii0ptfa.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/css/productPage/responsive-product-page2.7ec2b81ede.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/css/infoBar.662b8f1b5f.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/third_party_common.0859f0e010.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/js/freefire.4a7a9740bc.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/js/jquery.mask.min.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/css/shared-shop-content.e6202b83de.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/css/shared-fontfaces.b6c83d3582.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/css/shared-footer2.2ce4d6e299.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/css/flags.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/mno/higgs_domino640x241.jpg HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /P/airtime/w/css/airtime_v1.0a.css HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/infoBar.38acc407b3.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/faq.7a04e34b3d.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Light.woff2 HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Bold.woff2 HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Regular.woff2 HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Semibold.woff2 HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Italic.woff2 HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/payment-channel-suggestion.535f3c6f70.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/fonts/Lato/Lato-Semibold.woff HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/images/error-icon.20986d3fe0.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-facebook-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-youtube-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-instagram-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-facebook-msg-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/faq.7a04e34b3d.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/infoBar.38acc407b3.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/common/js/payment-channel-suggestion.535f3c6f70.js HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/mno/higgs_domino640x241.jpg HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/css/flags32.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cdn1.codashop.com/S/content/common/css/flags.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-facebook-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S2/content/mobile/images/error-icon.20986d3fe0.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-instagram-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: http://www.card.xn--6qq986b3xlsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-youtube-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/social-media-logo/36/socmed-facebook-msg-H36.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Lc8br0ZAAAAAOAZHpdE1Fm9RA9tK85W3ano_l0-&co=aHR0cDovL3d3dy5jYXJkLnhuLS02cXE5ODZiM3hsOjgw&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=52g2s9q59kln HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/css/flags32.png HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/favicon.ico HTTP/1.1Host: cdn1.codashop.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /S/content/common/images/favicon.ico HTTP/1.1Host: cdn1.codashop.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /store/apps/details?id=com.neptune.domino&hl=en HTTP/1.1Host: play.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /we0bhS3JiHZckLoz-x8MZ7OBO162eznUU-hdS-a3tfoKR8-fsQjQOBkGhEc-YP8zaine=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2jOMA2O_MgQc7r2hA6koqBLZg42SeH6MWJhghpjLxsp_hHomGqsNKx9tygGitPJwp1Dv=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /metlPQbcsgsGldn5bJXm86AwhehBEosXGFuF_Yb5m9ub2M3Hp5-1Kc72ISMCKnCIS44=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xFT8o4tZjHkrDeLOh3fJsAQ5y0ZD7JJz6tWa_bOU-kU9H_D_iKILb4XAvMfhmSYWXV0F=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mvFrMMdovquq71B-ta-JVKBdw4Zbs2RmPxe8EVFyGiXAtHAm_p0x3940NqDmFGk6vg=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /we0bhS3JiHZckLoz-x8MZ7OBO162eznUU-hdS-a3tfoKR8-fsQjQOBkGhEc-YP8zaine=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2jOMA2O_MgQc7r2hA6koqBLZg42SeH6MWJhghpjLxsp_hHomGqsNKx9tygGitPJwp1Dv=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a/ACg8ocIPB8pm4h1EOZRGem3PoDcn21eL8kG9xLS87mgUSKpvN87oxA=s32-rw-mo HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a/ACg8ocJeUEY0r1lY88LZXQ4hyNO_-eGwKnex-CZfiNYD0aLUxQI0Uw=s32-rw-mo HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xFT8o4tZjHkrDeLOh3fJsAQ5y0ZD7JJz6tWa_bOU-kU9H_D_iKILb4XAvMfhmSYWXV0F=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mvFrMMdovquq71B-ta-JVKBdw4Zbs2RmPxe8EVFyGiXAtHAm_p0x3940NqDmFGk6vg=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /VZKGiuCEP2knhIKJYR4emUBuUra84gib_oDLocmdEcf1NYwf7hmo3Yv0OkzasOCQ2A=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /54_553vN5-CRQBSmcbg54izHeT-KyBC2iEooeY90pcU7jpFWSgSsZYhKRBob74zRkNE=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xqUAS7ybTTu-O2dBQp2ZeoDTPvszt7NC5o-7ugw-TWkrUGpYiQSofQQDfNDPHPYueOo=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4-UAwBqazrTOzXLc32ZtW6RjPbcwm-AsWiZuyQGR-fFZpnGKGDOsvBVK1Tew-pdyqtQ1=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /metlPQbcsgsGldn5bJXm86AwhehBEosXGFuF_Yb5m9ub2M3Hp5-1Kc72ISMCKnCIS44=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /zP7opc5mRojd_Hmq_COpDBXf_QbspUi9UYBBYacXiIgmM7_s-g2UqXjHpsFSCATOJnE=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a/ACg8ocIPB8pm4h1EOZRGem3PoDcn21eL8kG9xLS87mgUSKpvN87oxA=s32-rw-mo HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /MjrhJApdcYG1D2vtDZFqcc6UebJ-eMLT_M5omELV_39EbQkiDigolM_XFgQ-aKZHdz0a=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yUx5IRbWt1gaidaZIU4Ts5jePA40MnAU88T25jABDQuoL9KBgbbYnHxBAGWTzb51C9Gb=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a/ACg8ocJeUEY0r1lY88LZXQ4hyNO_-eGwKnex-CZfiNYD0aLUxQI0Uw=s32-rw-mo HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /VZKGiuCEP2knhIKJYR4emUBuUra84gib_oDLocmdEcf1NYwf7hmo3Yv0OkzasOCQ2A=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4-UAwBqazrTOzXLc32ZtW6RjPbcwm-AsWiZuyQGR-fFZpnGKGDOsvBVK1Tew-pdyqtQ1=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /54_553vN5-CRQBSmcbg54izHeT-KyBC2iEooeY90pcU7jpFWSgSsZYhKRBob74zRkNE=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xqUAS7ybTTu-O2dBQp2ZeoDTPvszt7NC5o-7ugw-TWkrUGpYiQSofQQDfNDPHPYueOo=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
Source: global traffic	HTTP traffic detected: GET /MjrhJApdcYG1D2vtDZFqcc6UebJ-eMLT_M5omELV_39EbQkiDigolM_XFgQ-aKZHdz0a=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /zP7opc5mRojd_Hmq_COpDBXf_QbspUi9UYBBYacXiIgmM7_s-g2UqXjHpsFSCATOJnE=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yUx5IRbWt1gaidaZIU4Ts5jePA40MnAU88T25jABDQuoL9KBgbbYnHxBAGWTzb51C9Gb=s64-rw HTTP/1.1Host: play-lh.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
Source: global traffic	HTTP traffic detected: GET /tools/feedback/chat_load.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
Source: global traffic	HTTP traffic detected: GET /hc/en-us/categories/360000012223-Indonesia HTTP/1.1Host: support.codapay.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/theming_assets/592660/165805/style.css?digest=33371583435033 HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://support.codapay.com/hc/en-us/categories/360000012223-IndonesiaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /hc/assets/application-a42a464885a505c24ac3b0ab35047489.css HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/theming_assets/592660/165805/script.js?digest=33371583435033 HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/hc/en-us/categories/360000012223-IndonesiaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /hc/assets/en-us.99b0131b1f198c72c323.js HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/theming_assets/01HZKT0CF0E8BFEJ2QCVF3XY2M HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.codapay.com/hc/en-us/categories/360000012223-IndonesiaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/assets/hc_enduser-860d7ece999603256af395ffcccc86d7.js HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /auth/v2/host/without_iframe.js HTTP/1.1Host: codapay.zendesk.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js HTTP/1.1Host: static.zdassets.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js HTTP/1.1Host: static.zdassets.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.codapay.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/theming_assets/592660/165805/script.js?digest=33371583435033 HTTP/1.1Host: support.codapay.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /hc/theming_assets/01HZKT0CK8RWHBA4ST3BXG0XTZ HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.codapay.com/hc/en-us/categories/360000012223-IndonesiaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js HTTP/1.1Host: static.zdassets.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js HTTP/1.1Host: static.zdassets.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hc/assets/hc_enduser-860d7ece999603256af395ffcccc86d7.js HTTP/1.1Host: static.zdassets.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: support.codapay.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: support.codapay.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
Source: global traffic	HTTP traffic detected: GET /Codashop.IDofficial HTTP/1.1Host: m.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /msg/1206667942815399/?show_interstitial=0&mdotme_uri=https%3A%2F%2Fm.me%2FCodashop.IDofficial&source_id=1441792&handler=m.me&referer HTTP/1.1Host: www.facebook.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /t/1206667942815399/?messaging_source=source%3Apages%3Amessage_shortlink&source_id=1441792&recurring_notification=0 HTTP/1.1Host: www.messenger.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 HTTP/1.1Host: www.messenger.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sb=NUT3ZnoWxiE9YFVB1Za8nOwZ
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yy/l/0,cross/LxKwurBefMP.css HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yH/l/0,cross/2ApW1F2Eu_c.css HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yL/l/0,cross/IDg3gcRzowT.css HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yn/l/0,cross/KRWR7ahxEYA.css HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yC/r/iM5C1okGJtU.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y7/r/xf_tFhj8DfF.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yd/r/hlvibnBVrEb.svg HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yS/r/ui2DkP-wt_7.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yU/r/bPLNq2NKn_W.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/k8FLSg14O7c.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ivps4/yg/l/en_GB/KT7_0H0wZQa.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yK/r/lNInKxOqejp.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yh/r/3Ep-a1p_5T8.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ij9m4/y2/l/en_GB/xfNj8lAwm9X.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i7C_4/yF/l/en_GB/bHdWeYlnPYC.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i_Ou4/y9/l/en_GB/HQk3O9bBiV8.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/4XHx378TeEo.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yB/r/H13roW9YnBf.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/LxKwurBefMP.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yU/r/O7nelmd9XSI.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/LxKwurBefMP.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yC/r/iM5C1okGJtU.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/yd/r/hlvibnBVrEb.svg HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y7/r/xf_tFhj8DfF.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bootloader-endpoint/?modules=MWForgotPasswordDialog.react&__user=0&__a=1&__req=2&__hs=19993.BP%3Amessengerdotcom_pkg.2.0..0.0&dpr=1&__ccg=GOOD&__rev=1016873630&__s=8wybrj%3Ag8qr2v%3A2nuh16&__hsi=7419473911570128199&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU6C7UW1DxW0SU1nEhwem0nCq1ewcG0KE33wooa87i0n24o5-16wf50Fw4Hw9O0M82TwVw9O220z82ewnE3fw5rwSyE1582ZwrU1w86O0ue1TwmU&__csr=&__spin_r=1016873630&__spin_b=trunk&__spin_t=1727480886&__jssesw=1 HTTP/1.1Host: www.messenger.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sb=NUT3ZnoWxiE9YFVB1Za8nOwZ; _js_datr=NkT3ZkNBCSl0CR2ricBgUbU_; wd=1280x907
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yA/r/r_8qOGcNEAf.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iZ0n4/yA/l/en_GB/QJcq4F5sLsw.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iYHw4/yt/l/en_GB/aS7FKFhOKTc.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iFpk4/yA/l/en_GB/wQJhXeVVcMB.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i-yL4/yT/l/en_GB/QKEC-rD8FqA.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iomK4/yu/l/en_GB/iFYg6CGS6U0.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yS/r/ui2DkP-wt_7.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yU/r/bPLNq2NKn_W.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /login/async_sso/messenger_dot_com/?__a=1 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yK/r/lNInKxOqejp.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yh/r/3Ep-a1p_5T8.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ivps4/yg/l/en_GB/KT7_0H0wZQa.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y-/r/gXkOP75CM14.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/k8FLSg14O7c.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yp/r/y6adcQCOfPz.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yi/r/1mwUNpO6Gzi.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3idxF4/yD/l/en_GB/XCfeZ1agvrY.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yM/r/6CJP_CvVGl4.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ij9m4/y2/l/en_GB/xfNj8lAwm9X.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yB/r/H13roW9YnBf.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/4XHx378TeEo.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i_Ou4/y9/l/en_GB/HQk3O9bBiV8.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i7C_4/yF/l/en_GB/bHdWeYlnPYC.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yj/r/pMcaHJlLs5z.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bootloader-endpoint/?modules=MWForgotPasswordDialog.react&__user=0&__a=1&__req=2&__hs=19993.BP%3Amessengerdotcom_pkg.2.0..0.0&dpr=1&__ccg=GOOD&__rev=1016873630&__s=8wybrj%3Ag8qr2v%3A2nuh16&__hsi=7419473911570128199&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU6C7UW1DxW0SU1nEhwem0nCq1ewcG0KE33wooa87i0n24o5-16wf50Fw4Hw9O0M82TwVw9O220z82ewnE3fw5rwSyE1582ZwrU1w86O0ue1TwmU&__csr=&__spin_r=1016873630&__spin_b=trunk&__spin_t=1727480886&__jssesw=1 HTTP/1.1Host: www.messenger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sb=NUT3ZnoWxiE9YFVB1Za8nOwZ; wd=1280x907; datr=NkT3ZkNBCSl0CR2ricBgUbU_
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ibuB4/yi/l/en_GB/bF_FsAIIm3V.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=GOOD&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU6C7UW1DxW0SU1nEhwem0nCq1ewcG0KE33wooa87i0n24o5-16wf50Fw4Hw9O0M82TwVw9O220z82ewnE3fw5rwSyE1582ZwrU1w86O0ue1TwmU&__hs=19993.BP%3Amessengerdotcom_pkg.2.0..0.0&__hsi=7419473911570128199&__jssesw=1&__req=3&__rev=1016873630&__s=8wybrj%3Ag8qr2v%3A2nuh16&__spin_b=trunk&__spin_r=1016873630&__spin_t=1727480886&__user=0&dpr=1&jazoest=2882&lsd=AVoUj9Sd2FE HTTP/1.1Host: www.messenger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sb=NUT3ZnoWxiE9YFVB1Za8nOwZ; wd=1280x907; datr=NkT3ZkNBCSl0CR2ricBgUbU_
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ihXI4/yl/l/en_GB/SkLKXu9kown.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yU/r/O7nelmd9XSI.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yA/r/r_8qOGcNEAf.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i00E4/yW/l/en_GB/SHFsDr_1Zg9.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/Mke0TqvRbAM.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yv/r/M4irg7K3pmC.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iomK4/yu/l/en_GB/iFYg6CGS6U0.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iFpk4/yA/l/en_GB/wQJhXeVVcMB.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i-yL4/yT/l/en_GB/QKEC-rD8FqA.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/oDCktW1TTvG.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iYHw4/yt/l/en_GB/aS7FKFhOKTc.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iZ0n4/yA/l/en_GB/QJcq4F5sLsw.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iy4i4/y5/l/en_GB/du3gSBma26r.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/y-/r/gXkOP75CM14.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yi/r/1mwUNpO6Gzi.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3idxF4/yD/l/en_GB/XCfeZ1agvrY.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yp/r/y6adcQCOfPz.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ibuB4/yi/l/en_GB/bF_FsAIIm3V.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=159964-159964If-Range: Mon, 01 Jan 2001 08:00:00 GMT
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yM/r/6CJP_CvVGl4.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yj/r/pMcaHJlLs5z.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ibuB4/yi/l/en_GB/bF_FsAIIm3V.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.messenger.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=159964-165427If-Range: Mon, 01 Jan 2001 08:00:00 GMT
Source: global traffic	HTTP traffic detected: GET /rsrc.php/ym/r/YQbyhl59TWY.ico HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.messenger.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ihXI4/yl/l/en_GB/SkLKXu9kown.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yv/r/M4irg7K3pmC.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yE/r/Mke0TqvRbAM.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3i00E4/yW/l/en_GB/SHFsDr_1Zg9.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3iy4i4/y5/l/en_GB/du3gSBma26r.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3ibuB4/yi/l/en_GB/bF_FsAIIm3V.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/ye/r/oDCktW1TTvG.js HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/ym/r/YQbyhl59TWY.ico HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/bz?__a=1&__ccg=GOOD&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU6C7UW1DxW0SU1nEhwem0nCq1ewcG0KE33wooa87i0n24o5-16wf50Fw4Hw9O0M82TwVw9O220z82ewnE3fw5rwSyE1582ZwrU1w86O0ue1TwmU&__hs=19993.BP%3Amessengerdotcom_pkg.2.0..0.0&__hsi=7419473911570128199&__jssesw=1&__req=4&__rev=1016873630&__s=8wybrj%3Ag8qr2v%3A2nuh16&__spin_b=trunk&__spin_r=1016873630&__spin_t=1727480886&__user=0&dpr=1&jazoest=2882&lsd=AVoUj9Sd2FE HTTP/1.1Host: www.messenger.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sb=NUT3ZnoWxiE9YFVB1Za8nOwZ; wd=1280x907; datr=NkT3ZkNBCSl0CR2ricBgUbU_
Source: global traffic	HTTP traffic detected: GET /higgs-domino/ HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/popupLogin.css HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.card.xn--6qq986b3xl/higgs-domino/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/facebook.css HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.card.xn--6qq986b3xl/higgs-domino/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/twitter.css HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.card.xn--6qq986b3xl/higgs-domino/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/facebook_text.png HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.card.xn--6qq986b3xl/higgs-domino/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/facebook_text.png HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/codapay.png HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.card.xn--6qq986b3xl/higgs-domino/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/codapay.png HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2HPopnP HTTP/1.1Host: bit.lyConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CodaHelpIDN HTTP/1.1Host: bit.lyConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _bit=o8rnLy-fbcf8a3cfe5451c0a6-00T
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.card.xn--6qq986b3xl/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /international HTTP/1.1Host: www.card.xn--6qq986b3xlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Codashop.IDofficial HTTP/1.1Host: m.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_405.2.dr	String found in binary or memory: @twitter: https://www.twitter.com/_uloga equals www.twitter.com (Twitter)
Source: chromecache_380.2.dr, chromecache_320.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/A4tfXiHOGrs/ equals www.facebook.com (Facebook)
Source: chromecache_383.2.dr, chromecache_441.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/CCT5pM3qiNk/ equals www.facebook.com (Facebook)
Source: chromecache_380.2.dr, chromecache_320.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/Ga6vBwdwgUx/ equals www.facebook.com (Facebook)
Source: chromecache_383.2.dr, chromecache_441.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/MDzNl_j9yvg/ equals www.facebook.com (Facebook)
Source: chromecache_198.2.dr, chromecache_271.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/OKBVmODmb-W/ equals www.facebook.com (Facebook)
Source: chromecache_372.2.dr, chromecache_302.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/V9vdYColc4k/ equals www.facebook.com (Facebook)
Source: chromecache_470.2.dr, chromecache_203.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/WRsJ32R7YJG/ equals www.facebook.com (Facebook)
Source: chromecache_383.2.dr, chromecache_441.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/aJoeSHn7XcN/ equals www.facebook.com (Facebook)
Source: chromecache_372.2.dr, chromecache_302.2.dr	String found in binary or memory: * License: https://www.facebook.com/legal/license/t3hOLs8wlXy/ equals www.facebook.com (Facebook)
Source: chromecache_385.2.dr	String found in binary or memory: L.getElementsByTagName("iframe"),la=S.length,na=0;na<la;na++)if(!u&&c(S[na],H.Ge)){hJ("https://www.youtube.com/iframe_api");u=!0;break}})}}else F(v.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},t,u=!1;Z.__ytl=n;Z.__ytl.o="ytl";Z.__ytl.isVendorTemplate=!0;Z.__ytl.priorityOverride=0;Z.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Yj:function(){e=zb()},nd:function(){d()}}};var gc=ja(["data-gtm-yt-inspected-"]),FC=["www.youtube.com","www.youtube-nocookie.com"],GC,HC=!1; equals www.youtube.com (Youtube)
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: Mf=w(["https://sandbox.google.com/tools/feedback/"]),Nf=w(["https://www.google.cn/tools/feedback/"]),Of=w(["https://help.youtube.com/tools/feedback/"]),Pf=w(["https://asx-frontend-staging.corp.google.com/inapp/"]),Qf=w(["https://asx-frontend-staging.corp.google.com/tools/feedback/"]),Rf=w(["https://localhost.corp.google.com/inapp/"]),Sf=w(["https://localhost.proxy.googlers.com/inapp/"]),Tf=V(vf),Uf=[V(wf),V(xf)],Vf=[V(yf),V(zf),V(Af),V(Bf),V(Cf),V(Df),V(Ef),V(Ff),V(Gf),V(Hf)],Wf=[V(If),V(Jf)],Xf= equals www.youtube.com (Youtube)
Source: chromecache_279.2.dr	String found in binary or memory: __d("Chromedome",["fbt"],(function(a,b,c,d,e,f,g,h){function i(){if(document.domain==null)return null;var a=document.domain,b=/^intern\./.test(a);if(b)return null;b=/(^\|\.)facebook\.(com\|sg)$/.test(a);if(b)return"facebook";b=/(^\|\.)instagram\.com$/.test(a);if(b)return"instagram";b=/(^\|\.)threads\.net$/.test(a);if(b)return"threads";b=/(^\|\.)messenger\.com$/.test(a);return b?"messenger":null}function j(a){if(a==="instagram")return h._("This is a browser feature intended for developers. If someone told you to copy-paste something here to enable an Instagram feature or \"hack\" someone's account, it is a scam and will give them access to your Instagram account.");return a==="threads"?h._("This is a browser feature intended for developers. If someone told you to copy-paste something here to enable a Threads feature or \"hack\" someone's account, it is a scam and will give them access to your Threads account."):h._("This is a browser feature intended for developers. If someone told you to copy and paste something here to enable a Facebook feature or \"hack\" someone's account, it is a scam and will give them access to your Facebook account.")}function a(a){if(top!==window)return;a=i();if(a==null)return;var b=h._("Stop!");a=j(a);var c=h._("See {url} for more information.",[h._param("url","https://www.facebook.com/selfxss")]),d="font-family:helvetica; font-size:20px; ";[[b,d+"font-size:50px; font-weight:bold; color:red; -webkit-text-stroke:1px black;"],[a,d],[c,d],["",""]].map(function(a){window.setTimeout(console.log.bind(console,"\n%c"+a[0].toString(),a[1]))})}g.start=a}),226); equals www.facebook.com (Facebook)
Source: chromecache_265.2.dr, chromecache_417.2.dr	String found in binary or memory: __d("MeetupCookiePolicyBanner.react",["fbt","MeetupAccountOrGuestLoginRouteReducer","ZenonDialogCloseButton.react","ZenonLink.react","gkx","react","useCookieConsentHandler"],(function(a,b,c,d,e,f,g,h){"use strict";var i,j=i\|\|(i=d("react")),k=i.useState;function a(){var a=d("MeetupAccountOrGuestLoginRouteReducer").useRouter();a=a[0];var b=k(!1),e=b[0],f=b[1];b=c("useCookieConsentHandler")();var g=b[0],i=b[1];return!e&&(!g\|\|c("gkx")("25080")&&a===d("MeetupAccountOrGuestLoginRouteReducer").State.GuestLogin)?j.jsxs("div",{className:"x6s0dn4 x1c25uh8 x1x4tb0q x78zum5 xg7h5cd xl56j7k x2b8uid xh8yej3 x1ou6pc5 x1cqu3v9","data-cookiebanner":"banner",children:[j.jsx("div",{className:"x1lliihq x1j560b0 xz9dl7a xsag5q8 xyxze6z x525zg8 x1f9tj09 xgkacyp xi0357m x8s6l3r x9vpjlm xwwd95z xovq9ck",children:h._("To help personalise content, tailor and measure ads and provide a safer experience, we use cookies. By clicking on or navigating the site, you agree to allow our collection of information on and off Messenger through cookies. Learn more, including about available controls: {=m2}.",[h._implicitParam("=m2",j.jsx(c("ZenonLink.react"),{href:"https://www.facebook.com/policies/cookies/",target:"_blank",children:h._("Cookies Policy")}))])}),j.jsx("div",{className:"x1fgtraw xgd8bvy x1th0r0j x1mu2bfz xw4w97u","data-cookiebanner":"close_button",children:j.jsx(c("ZenonDialogCloseButton.react"),{onClick:function(){i(),f(!0)}})})]}):null}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),226); equals www.facebook.com (Facebook)
Source: chromecache_309.2.dr, chromecache_359.2.dr	String found in binary or memory: __d("RealtimeGraphQLRequest",["invariant","RequestStreamCommonRequestStreamCommonTypes","TransportSelectingClientSingleton","nullthrows","regeneratorRuntime"],(function(a,b,c,d,e,f,g,h){"use strict";a=function(){function a(a){var b=this,e=a.method,f=a.doc_id,g=a.is_intern,i=a.extra_headers,j=a.body,k=a.instrumentation_data;a=a.sandbox;this.$12=function(a){switch(a){case d("RequestStreamCommonRequestStreamCommonTypes").FlowStatus.Started:if(b.$10){b.$9!=null\|\|h(0,13576);a=Date.now()-c("nullthrows")(b.$9);b.$7!=null&&b.$7(a)}else b.$10=!0,b.$5!=null&&b.$5();break;case d("RequestStreamCommonRequestStreamCommonTypes").FlowStatus.Stopped:b.$9=Date.now();b.$6!=null&&b.$6(!1,!1);break;default:break}};this.$10=!1;e={method:e,doc_id:f};g===!0&&(e=babelHelpers["extends"]({},e,{www_tier:"intern"}));a!=null&&(e=babelHelpers["extends"]({},e,{www_sandbox:a.replace(/^not-www\.(\d+\|\w+)\.(od\|sb)\.internalfb\.com$/,"www.$1.$2.facebook.com")}));i!=null&&(e=babelHelpers["extends"]({},e,i));this.$1=e;this.$2=JSON.stringify(j);this.$11=k}var e=a.prototype;e.onResponse=function(a){this.$3=a;return this};e.onError=function(a){this.$4=a;return this};e.onActive=function(a){this.$5=a;return this};e.onPause=function(a){this.$6=a;return this};e.onResume=function(a){this.$7=a;return this};e.onRetryUpdateRequestBody=function(a){this.$8=a;this.$1=babelHelpers["extends"]({},this.$1,{request_stream_retry:"false"});return this};e.send=function(){var a,d;return b("regeneratorRuntime").async(function(e){while(1)switch(e.prev=e.next){case 0:this.$3!=null\|\|h(0,33593);a={onData:c("nullthrows")(this.$3)};this.$4!=null&&(a=babelHelpers["extends"]({},a,{onTermination:this.$4}));a=babelHelpers["extends"]({},a,{onFlowStatus:this.$12});this.$8!=null&&(a=babelHelpers["extends"]({},a,{onRetryUpdateRequestBody:this.$8}));e.next=7;return b("regeneratorRuntime").awrap(c("TransportSelectingClientSingleton").requestStream(this.$1,this.$2,a,this.$11));case 7:d=e.sent;return e.abrupt("return",{cancel:function(){d.cancel()},amendExperimental:function(a){try{d.amendWithoutAck(JSON.stringify(a));return!0}catch(a){return!1}}});case 9:case"end":return e.stop()}},null,this)};return a}();g["default"]=a}),98); equals www.facebook.com (Facebook)
Source: chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: return b}DC.H="internal.enableAutoEventOnTimer";var gc=ja(["data-gtm-yt-inspected-"]),FC=["www.youtube.com","www.youtube-nocookie.com"],GC,HC=!1; equals www.youtube.com (Youtube)
Source: chromecache_314.2.dr	String found in binary or memory: return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_314.2.dr	String found in binary or memory: return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)
Source: chromecache_314.2.dr	String found in binary or memory: return function(f,g,h,i){var j={exports:{}};j.exports;(function(){"use strict";var a={ENDPOINT:"https://www.facebook.com/tr/",INSTAGRAM_TRIGGER_ATTRIBUTION:"https://www.instagram.com/tr/",AEM_ENDPOINT:"https://www.facebook.com/.well-known/aggregated-event-measurement/",GPS_ENDPOINT:"https://www.facebook.com/privacy_sandbox/pixel/register/trigger/",TOPICS_API_ENDPOINT:"https://www.facebook.com/privacy_sandbox/topics/registration/"};j.exports=a})();return j.exports}(a,b,c,d)}); equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.card.xn--6qq986b3xl
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: cdn1.codashop.com
Source: global traffic	DNS traffic detected: DNS query: cdn.onesignal.com
Source: global traffic	DNS traffic detected: DNS query: script.tapfiliate.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: image.winudf.com
Source: global traffic	DNS traffic detected: DNS query: d1qgcmfii0ptfa.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: bit.ly
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: play-lh.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: support.codapay.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: static.zdassets.com
Source: global traffic	DNS traffic detected: DNS query: codapay.zendesk.com
Source: global traffic	DNS traffic detected: DNS query: m.me
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: www.messenger.com
Source: global traffic	DNS traffic detected: DNS query: static.xx.fbcdn.net

Source: unknown

HTTP traffic detected: POST /_/PlayStoreUi/cspreport/fine-allowlist HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 2771sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.134"Content-Type: application/csp-reportsec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*Origin: https://play.google.comX-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: reportReferer: https://play.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:51 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 8c9f6193eaa44234-EWRCF-Cache-Status: EXPIREDCache-Control: max-age=0, publicContent-Language: en-usStrict-Transport-Security: max-age=259200; includeSubDomainsVary: Accept-Encodingx-frame-options: SAMEORIGINX-Request-ID: 8c9f619427094234-IADx-runtime: 0.109290x-ua-compatible: IE=edgex-xss-protection: 1; mode=blockx-zendesk-origin-server: app-server-89c54b797-thznfx-zendesk-processed-host-header: support.codapay.comX-Zendesk-Zorg: yesReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIKWRz%2BMSr2GLls2dpMrtsIsW2CuueKbRJKFHQC6Tzm5cUVxOcIeaGwAtddOFlUvBMnDhBkXDeu0q01Fl28FRQohXc8Mr6RD3PwgbQy5fVS1vQbwzaIkwTn1KexA%2Beanc2tYzvg%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}Set-Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; path=/; domain=.support.codapay.com; HttpOnly; Secure; SameSite=NoneSet-Cookie: _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000; path=/; domain=.support.codapay.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 27 Sep 2024 23:47:52 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 27 Sep 2024 23:47:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 27 Sep 2024 23:47:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:09 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:09 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=99Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:09 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:09 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:09 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:47:58 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=99Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Sep 2024 23:48:00 GMTServer: ApacheContent-Length: 315Keep-Alive: timeout=5, max=98Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Source: chromecache_333.2.dr	String found in binary or memory: http://dbushell.com/
Source: chromecache_239.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_239.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_469.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_469.2.dr	String found in binary or memory: http://jqueryui.com/themeroller/?ffDefault=Arial%2CHelvetica%2Csans-serif&fsDefault=1em&fwDefault=no
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: http://support.google.com/googleplay?p=report_review_computer
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_405.2.dr	String found in binary or memory: http://www.decorator.io/worldflags
Source: chromecache_465.2.dr	String found in binary or memory: http://zavoloklom.github.io/material-design-iconic-font/
Source: chromecache_465.2.dr	String found in binary or memory: http://zavoloklom.github.io/material-design-iconic-font/license
Source: chromecache_385.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_371.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_311.2.dr, chromecache_433.2.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_213.2.dr	String found in binary or memory: https://assets.zendesk.com/hc/assets/default_avatar.png
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/inapp/
Source: chromecache_369.2.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_201.2.dr, chromecache_385.2.dr, chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_388.2.dr	String found in binary or memory: https://cdn1.codapayments.com/W/pub/mobile-web/font-sanchez/Sanchez-Regular.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Italic.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Italic.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Light.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Light.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Medium.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Medium.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Regular.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Regular.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Semibold.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Semibold.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Bold.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Bold.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Italic.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Italic.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Light.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Light.woff2)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Regular.woff)
Source: chromecache_297.2.dr	String found in binary or memory: https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Regular.woff2)
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/auth/v2/host/without_iframe.js
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/arrange?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/community_badges?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/community_settings?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/content_tags?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/import_articles?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/search_settings?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/user_segments?brand_id=165805
Source: chromecache_213.2.dr	String found in binary or memory: https://codapay.zendesk.com/knowledge/verification?brand_id=165805
Source: chromecache_447.2.dr, chromecache_314.2.dr	String found in binary or memory: https://connect.facebook.net/
Source: chromecache_447.2.dr, chromecache_314.2.dr	String found in binary or memory: https://connect.facebook.net/log/fbevents_telemetry/
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_309.2.dr, chromecache_359.2.dr	String found in binary or memory: https://fburl.com/comet_preloading
Source: chromecache_470.2.dr, chromecache_203.2.dr	String found in binary or memory: https://fburl.com/dialog-provider).
Source: chromecache_369.2.dr	String found in binary or memory: https://feedback-pa.clients6.google.com
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/annotator.css
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/render_frame2.html
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback2-test.corp.google.com/inapp/%
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback2-test.corp.google.com/tools/feedback/%
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/inapp/%
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
Source: chromecache_247.2.dr, chromecache_438.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_247.2.dr, chromecache_438.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.25.0/LICENSE
Source: chromecache_385.2.dr	String found in binary or memory: https://google.com
Source: chromecache_385.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_369.2.dr	String found in binary or memory: https://gstatic.com/uservoice/surveys/resources/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://help.youtube.com/tools/feedback/
Source: chromecache_349.2.dr, chromecache_327.2.dr	String found in binary or memory: https://lexical.dev/docs/error?
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://localhost.corp.google.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://localhost.proxy.googlers.com/inapp/
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://maps.google.com/?q=
Source: chromecache_361.2.dr, chromecache_340.2.dr	String found in binary or memory: https://myaccount.google.com/termsofservice
Source: chromecache_440.2.dr, chromecache_378.2.dr	String found in binary or memory: https://optout.aboutads.info/
Source: chromecache_371.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_201.2.dr, chromecache_385.2.dr, chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://play.google.com
Source: chromecache_358.2.dr, chromecache_308.2.dr	String found in binary or memory: https://play.google.com/
Source: chromecache_298.2.dr	String found in binary or memory: https://play.google.com/about/comment-posting-policy/
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://play.google.com/about/comment-posting-policy?hl=
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://play.google.com/about/play-terms/index.html
Source: chromecache_458.2.dr	String found in binary or memory: https://play.google.com/about/play-terms/index.html;target;_blank;class;cOP9Jc
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://play.google.com/googleplaygames
Source: chromecache_458.2.dr	String found in binary or memory: https://play.google.com/googleplaygames;target;_blank;class;cOP9Jc
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://play.google.com/intl/all_
Source: chromecache_298.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_361.2.dr, chromecache_340.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_458.2.dr	String found in binary or memory: https://policies.google.com/terms;target;_blank;class;cOP9Jc
Source: chromecache_462.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://sandbox.google.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://sandbox.google.com/inapp/%
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/%
Source: chromecache_392.2.dr, chromecache_458.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_392.2.dr, chromecache_458.2.dr	String found in binary or memory: https://schema.org/InStock
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://schema.org/Offer
Source: chromecache_392.2.dr, chromecache_458.2.dr	String found in binary or memory: https://schema.org/PreOrder
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://scone-pa.clients6.google.com
Source: chromecache_207.2.dr, chromecache_214.2.dr	String found in binary or memory: https://ssl.gstatic.com/support/realtime/operator/
Source: chromecache_404.2.dr, chromecache_343.2.dr	String found in binary or memory: https://ssl.gstatic.com/support/realtime/operator/1726819261182/operatordeferred_bin_base.js
Source: chromecache_369.2.dr	String found in binary or memory: https://stagingqual-feedback-pa-googleapis.sandbox.google.com
Source: chromecache_213.2.dr	String found in binary or memory: https://static.zdassets.com/ekr/snippet.js
Source: chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_295.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/admin/arrange_contents?locale=en-us
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/admin/general_settings?locale=en-us
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/admin/language_settings?locale=en-us
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/en-us
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia
Source: chromecache_213.2.dr	String found in binary or memory: https://support.codapay.com/hc/en-us/requests/new
Source: chromecache_213.2.dr	String found in binary or memory: https://support.global.codapayments.com/hc/en-us/articles/360001939295-How-to-contact-Codashop-Custo
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://support.google.com
Source: chromecache_369.2.dr	String found in binary or memory: https://support.google.com/
Source: chromecache_440.2.dr, chromecache_378.2.dr	String found in binary or memory: https://support.google.com/chrome/answer/95647
Source: chromecache_392.2.dr, chromecache_458.2.dr	String found in binary or memory: https://support.google.com/googleplay/?p=report_content
Source: chromecache_413.2.dr, chromecache_392.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	String found in binary or memory: https://support.google.com/googleplay/answer/10066529
Source: chromecache_358.2.dr, chromecache_308.2.dr	String found in binary or memory: https://support.google.com/googleplay/answer/6014972
Source: chromecache_392.2.dr, chromecache_458.2.dr	String found in binary or memory: https://support.google.com/googleplay?p=eligibility_requirements
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://support.google.com/inapp/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://support.google.com/inapp/%
Source: chromecache_462.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_213.2.dr	String found in binary or memory: https://support.np.codapayments.com
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_201.2.dr, chromecache_385.2.dr, chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://test-scone-pa-googleapis.sandbox.google.com
Source: chromecache_311.2.dr, chromecache_433.2.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_213.2.dr	String found in binary or memory: https://www.codashop.com
Source: chromecache_213.2.dr	String found in binary or memory: https://www.codashop.com/en-np
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://www.google.cn/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://www.google.cn/tools/feedback/%
Source: chromecache_371.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_213.2.dr	String found in binary or memory: https://www.google.com/
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_311.2.dr, chromecache_433.2.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=$
Source: chromecache_223.2.dr, chromecache_272.2.dr, chromecache_228.2.dr, chromecache_467.2.dr, chromecache_326.2.dr, chromecache_301.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_369.2.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/
Source: chromecache_387.2.dr, chromecache_369.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/%
Source: chromecache_369.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/help_panel_binary.js
Source: chromecache_385.2.dr, chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_371.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_432.2.dr, chromecache_295.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=$
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_358.2.dr, chromecache_308.2.dr	String found in binary or memory: https://www.gstatic.com/android/market_images/web/reviews_not_found.png
Source: chromecache_413.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Source: chromecache_272.2.dr, chromecache_467.2.dr, chromecache_326.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_369.2.dr	String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: chromecache_369.2.dr	String found in binary or memory: https://www.gstatic.com/uservoice/surveys/resources/
Source: chromecache_380.2.dr, chromecache_320.2.dr	String found in binary or memory: https://www.internalfb.com/intern/invariant/
Source: chromecache_234.2.dr, chromecache_371.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_405.2.dr	String found in binary or memory: https://www.twitter.com/_uloga
Source: chromecache_440.2.dr, chromecache_378.2.dr	String found in binary or memory: https://www.youronlinechoices.com/
Source: chromecache_201.2.dr, chromecache_385.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_445.2.dr	String found in binary or memory: https://www.zendesk.com/answer-bot/
Source: chromecache_445.2.dr	String found in binary or memory: https://www.zendesk.com/embeddables/
Source: chromecache_445.2.dr	String found in binary or memory: https://www.zendesk.com/guide/#gallery
Source: chromecache_445.2.dr	String found in binary or memory: https://www.zendesk.com/guide/features/knowledge-capture-app/
Source: chromecache_213.2.dr	String found in binary or memory: https://www.zendesk.com/service/help-center/?utm_source=helpcenter&utm_medium=poweredbyzendesk&utm_c
Source: chromecache_440.2.dr, chromecache_378.2.dr	String found in binary or memory: https://youradchoices.ca/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49721 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@26/440@78/33

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 --field-trial-handle=2336,i,10133034961393377045,834136538600171457,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.card.xn--6qq986b3xl/higgs-domino/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 --field-trial-handle=2336,i,10133034961393377045,834136538600171457,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Obfuscated Files or Information	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	5 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	6 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://www.card.xn--6qq986b3xl/higgs-domino/	100%	SlashNext	Fraudulent Website type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://stats.g.doubleclick.net/g/collect	0%	URL Reputation	safe
https://feedback.googleusercontent.com/resources/annotator.css	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#localhost_support	0%	URL Reputation	safe
https://apis.google.com/js/client.js	0%	URL Reputation	safe
https://support.google.com	0%	URL Reputation	safe
http://localhost.proxy.googlers.com/inapp/	0%	URL Reputation	safe
https://stagingqual-feedback-pa-googleapis.sandbox.google.com	0%	URL Reputation	safe
https://ampcid.google.com/v1/publisher:getClientId	0%	URL Reputation	safe
https://www.internalfb.com/intern/invariant/	0%	URL Reputation	safe
https://support.google.com/recaptcha/#6175971	0%	URL Reputation	safe
https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/	0%	URL Reputation	safe
https://stats.g.doubleclick.net/j/collect	0%	URL Reputation	safe
https://support.google.com/recaptcha	0%	URL Reputation	safe
https://sandbox.google.com/inapp/%	0%	URL Reputation	safe
https://apis.google.com/js/api.js	0%	URL Reputation	safe
https://schema.org	0%	URL Reputation	safe
https://feedback2-test.corp.google.com/tools/feedback/%	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	0%	URL Reputation	safe
https://asx-frontend-autopush.corp.google.de/tools/feedback/	0%	URL Reputation	safe
https://connect.facebook.net/	0%	URL Reputation	safe
https://asx-frontend-autopush.corp.google.com/inapp/	0%	URL Reputation	safe
https://feedback.googleusercontent.com/resources/render_frame2.html	0%	URL Reputation	safe
https://sandbox.google.com/tools/feedback/%	0%	URL Reputation	safe
https://policies.google.com/privacy	0%	URL Reputation	safe
https://support.google.com/inapp/%	0%	URL Reputation	safe
https://cloud.google.com/contact	0%	URL Reputation	safe
https://support.google.com/inapp/	0%	URL Reputation	safe
https://asx-frontend-autopush.corp.google.co.uk/inapp/	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
stackpath.bootstrapcdn.com	104.18.11.207	true	false		unknown
star-mini.c10r.facebook.com	157.240.253.35	true	false		unknown
star.c10r.facebook.com	157.240.0.13	true	false		unknown
a.nel.cloudflare.com	35.190.80.1	true	false		unknown
script.tapfiliate.com	13.32.121.127	true	false		unknown
codapay.zendesk.com	216.198.53.1	true	false		unknown
d1qgcmfii0ptfa.cloudfront.net	52.222.206.175	true	false		unknown
m.me	157.240.0.13	true	false		unknown
d94kc4f8ihaz6.cloudfront.net	18.66.102.6	true	false		unknown
cdn.onesignal.com	104.16.160.145	true	false		unknown
bg.microsoft.map.fastly.net	199.232.214.172	true	false		unknown
scontent.xx.fbcdn.net	157.240.251.9	true	false		unknown
static.zdassets.com	104.18.70.113	true	false		unknown
play.google.com	172.217.16.206	true	false		unknown
cdnjs.cloudflare.com	104.17.24.14	true	false		unknown
image.winudf.com	172.67.68.182	true	false		unknown
bit.ly	67.199.248.10	true	false		unknown
play-lh.googleusercontent.com	142.250.185.118	true	false		unknown
www.google.com	142.250.185.132	true	false		unknown
www.card.xn--6qq986b3xl	162.210.102.233	true	true		unknown
www.facebook.com	unknown	unknown	false		unknown
connect.facebook.net	unknown	unknown	false		unknown
static.xx.fbcdn.net	unknown	unknown	false		unknown
support.codapay.com	unknown	unknown	false		unknown
cdn1.codashop.com	unknown	unknown	false		unknown
www.messenger.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn1.codashop.com/S2/content/common/js/infoBar.38acc407b3.js	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/gXkOP75CM14.js	false		unknown
https://play-lh.googleusercontent.com/a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw	false		unknown
https://a.nel.cloudflare.com/report/v4?s=NIKWRz%2BMSr2GLls2dpMrtsIsW2CuueKbRJKFHQC6Tzm5cUVxOcIeaGwAtddOFlUvBMnDhBkXDeu0q01Fl28FRQohXc8Mr6RD3PwgbQy5fVS1vQbwzaIkwTn1KexA%2Beanc2tYzvg%3D	false		unknown
https://cdn1.codashop.com/S2/content/common/css/shared-topnav2.5566e671b1.css	false		unknown
https://cdn1.codashop.com/S2/content/mobile/css/infoBar.662b8f1b5f.css	false		unknown
https://cdn1.codashop.com/S2/content/common/css/shared-footer2.2ce4d6e299.css	false		unknown
https://play.google.com/_/PlayStoreUi/jserror?script=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.neptune.domino%26hl%3Den&error=Ia%60Hydration%20source%20in%20dom%3B%60El%20source%20in%20dom%60null&line=Not%20available	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/pMcaHJlLs5z.js	false		unknown
https://play-lh.googleusercontent.com/Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw	false		unknown
https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-instagram-H36.png	false		unknown
https://play-lh.googleusercontent.com/5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw	false		unknown
https://cdn1.codashop.com/S2/content/mobile/css/productPage/responsive-product-page2.7ec2b81ede.css	false		unknown
https://cdn1.codashop.com/S/content/common/css/flags32.png	false		unknown
https://play-lh.googleusercontent.com/M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw	false		unknown
https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw	false		unknown
https://cdn1.codashop.com/S/content/common/css/flags.css	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3ivps4/yg/l/en_GB/KT7_0H0wZQa.js	false		unknown
https://play-lh.googleusercontent.com/mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/3Ep-a1p_5T8.js	false		unknown
https://play-lh.googleusercontent.com/-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw	false		unknown
https://cdn1.codashop.com/S/content/mobile/images/codashop-logo.png	false		unknown
https://play-lh.googleusercontent.com/FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/iM5C1okGJtU.js	false		unknown
https://www.facebook.com/login/async_sso/messenger_dot_com/?__a=1	false		unknown
https://script.tapfiliate.com/tapfiliate.js	false		unknown
https://www.facebook.com/msg/1206667942815399/?show_interstitial=0&mdotme_uri=https%3A%2F%2Fm.me%2FCodashop.IDofficial&source_id=1441792&handler=m.me&referer	false		unknown
https://cdn1.codashop.com/S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png	false		unknown
https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-youtube-H36.png	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3iYHw4/yt/l/en_GB/aS7FKFhOKTc.js	false		unknown
https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/xf_tFhj8DfF.js	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3i-yL4/yT/l/en_GB/QKEC-rD8FqA.js	false		unknown
http://www.card.xn--6qq986b3xl/	false		unknown
https://connect.facebook.net/signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112	false		unknown
https://play-lh.googleusercontent.com/ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw	false		unknown
http://www.card.xn--6qq986b3xl/css/twitter.css	false		unknown
https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js	false		unknown
https://cdn1.codashop.com/S2/content/mobile/images/error-icon.20986d3fe0.png	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/lNInKxOqejp.js	false		unknown
https://codapay.zendesk.com/auth/v2/host/without_iframe.js	false		unknown
https://play.google.com/_/PlayStoreUi/cspreport/fine-allowlist	false		unknown
https://www.messenger.com/ajax/bz?__a=1&__ccg=GOOD&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU6C7UW1DxW0SU1nEhwem0nCq1ewcG0KE33wooa87i0n24o5-16wf50Fw4Hw9O0M82TwVw9O220z82ewnE3fw5rwSyE1582ZwrU1w86O0ue1TwmU&__hs=19993.BP%3Amessengerdotcom_pkg.2.0..0.0&__hsi=7419473911570128199&__jssesw=1&__req=3&__rev=1016873630&__s=8wybrj%3Ag8qr2v%3A2nuh16&__spin_b=trunk&__spin_r=1016873630&__spin_t=1727480886&__user=0&dpr=1&jazoest=2882&lsd=AVoUj9Sd2FE	false		unknown
https://www.google.com/tools/feedback/chat_load.js	false		unknown
https://www.google.com/recaptcha/api.js	false		unknown
https://static.xx.fbcdn.net/rsrc.php/v3iomK4/yu/l/en_GB/iFYg6CGS6U0.js	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_234.2.dr, chromecache_371.2.dr	false	URL Reputation: safe	unknown
https://feedback.googleusercontent.com/resources/annotator.css	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff2)	chromecache_297.2.dr	false		unknown
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	false	URL Reputation: safe	unknown
https://apis.google.com/js/client.js	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://support.google.com	chromecache_413.2.dr, chromecache_298.2.dr	false	URL Reputation: safe	unknown
https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Regular.woff2)	chromecache_297.2.dr	false		unknown
https://github.com/zloirock/core-js	chromecache_247.2.dr, chromecache_438.2.dr	false		unknown
http://localhost.proxy.googlers.com/inapp/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://stagingqual-feedback-pa-googleapis.sandbox.google.com	chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://www.codashop.com	chromecache_213.2.dr	false		unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_432.2.dr, chromecache_295.2.dr	false	URL Reputation: safe	unknown
http://dbushell.com/	chromecache_333.2.dr	false		unknown
https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Regular.woff)	chromecache_297.2.dr	false		unknown
https://www.internalfb.com/intern/invariant/	chromecache_380.2.dr, chromecache_320.2.dr	false	URL Reputation: safe	unknown
https://youradchoices.ca/	chromecache_440.2.dr, chromecache_378.2.dr	false		unknown
https://support.google.com/recaptcha/#6175971	chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	false	URL Reputation: safe	unknown
https://policies.google.com/terms;target;_blank;class;cOP9Jc	chromecache_458.2.dr	false		unknown
https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://stats.g.doubleclick.net/j/collect	chromecache_295.2.dr	false	URL Reputation: safe	unknown
https://support.google.com/googleplay/?p=report_content	chromecache_392.2.dr, chromecache_458.2.dr	false		unknown
https://www.zendesk.com/service/help-center/?utm_source=helpcenter&utm_medium=poweredbyzendesk&utm_c	chromecache_213.2.dr	false		unknown
https://support.google.com/recaptcha	chromecache_462.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/tools/feedback	chromecache_369.2.dr	false		unknown
https://codapay.zendesk.com/knowledge/content_tags?brand_id=165805	chromecache_213.2.dr	false		unknown
https://sandbox.google.com/inapp/%	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://apis.google.com/js/api.js	chromecache_311.2.dr, chromecache_433.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/tools/feedback/	chromecache_387.2.dr, chromecache_369.2.dr	false		unknown
https://schema.org	chromecache_392.2.dr, chromecache_458.2.dr	false	URL Reputation: safe	unknown
https://feedback2-test.corp.google.com/tools/feedback/%	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Bold.woff2)	chromecache_297.2.dr	false		unknown
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	false	URL Reputation: safe	unknown
https://asx-frontend-autopush.corp.google.de/tools/feedback/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://connect.facebook.net/	chromecache_447.2.dr, chromecache_314.2.dr	false	URL Reputation: safe	unknown
https://asx-frontend-autopush.corp.google.com/inapp/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://feedback.googleusercontent.com/resources/render_frame2.html	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://sandbox.google.com/tools/feedback/%	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://lexical.dev/docs/error?	chromecache_349.2.dr, chromecache_327.2.dr	false		unknown
https://support.codapay.com/hc/admin/arrange_contents?locale=en-us	chromecache_213.2.dr	false		unknown
https://support.codapay.com/hc/en-us/requests/new	chromecache_213.2.dr	false		unknown
https://cdn1.codashop.com/S/content/fonts/Noto/NotoSans-Italic.woff2)	chromecache_297.2.dr	false		unknown
https://policies.google.com/privacy	chromecache_413.2.dr, chromecache_392.2.dr, chromecache_361.2.dr, chromecache_340.2.dr, chromecache_458.2.dr, chromecache_298.2.dr	false	URL Reputation: safe	unknown
https://cdn1.codapayments.com/W/pub/mobile-web/font-sanchez/Sanchez-Regular.woff)	chromecache_388.2.dr	false		unknown
https://optout.aboutads.info/	chromecache_440.2.dr, chromecache_378.2.dr	false		unknown
https://www.zendesk.com/guide/features/knowledge-capture-app/	chromecache_445.2.dr	false		unknown
https://codapay.zendesk.com/knowledge/search_settings?brand_id=165805	chromecache_213.2.dr	false		unknown
https://play.google.com	chromecache_413.2.dr, chromecache_298.2.dr	false		unknown
https://www.google.com/log?format=json&hasfast=true	chromecache_311.2.dr, chromecache_433.2.dr	false		unknown
https://support.google.com/inapp/%	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://cloud.google.com/contact	chromecache_223.2.dr, chromecache_228.2.dr, chromecache_454.2.dr, chromecache_462.2.dr	false	URL Reputation: safe	unknown
https://support.codapay.com/hc/admin/language_settings?locale=en-us	chromecache_213.2.dr	false		unknown
https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Medium.woff2)	chromecache_297.2.dr	false		unknown
https://support.google.com/inapp/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown
https://asx-frontend-autopush.corp.google.co.uk/inapp/	chromecache_387.2.dr, chromecache_369.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.32.121.127	script.tapfiliate.com	United States		16509	AMAZON-02US	false
35.190.80.1	a.nel.cloudflare.com	United States		15169	GOOGLEUS	false
104.18.72.113	unknown	United States		13335	CLOUDFLARENETUS	false
157.240.252.13	unknown	United States		32934	FACEBOOKUS	false
142.250.184.196	unknown	United States		15169	GOOGLEUS	false
142.250.185.118	play-lh.googleusercontent.com	United States		15169	GOOGLEUS	false
162.210.102.233	www.card.xn--6qq986b3xl	United States		32748	STEADFASTUS	true
104.26.9.22	unknown	United States		13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
104.18.70.113	static.zdassets.com	United States		13335	CLOUDFLARENETUS	false
172.217.23.100	unknown	United States		15169	GOOGLEUS	false
157.240.253.35	star-mini.c10r.facebook.com	United States		32934	FACEBOOKUS	false
52.222.206.228	unknown	United States		16509	AMAZON-02US	false
18.66.102.4	unknown	United States		3	MIT-GATEWAYSUS	false
18.66.102.6	d94kc4f8ihaz6.cloudfront.net	United States		3	MIT-GATEWAYSUS	false
157.240.0.6	unknown	United States		32934	FACEBOOKUS	false
67.199.248.10	bit.ly	United States		396982	GOOGLE-PRIVATE-CLOUDUS	false
142.250.184.246	unknown	United States		15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States		13335	CLOUDFLARENETUS	false
172.217.16.206	play.google.com	United States		15169	GOOGLEUS	false
104.16.160.145	cdn.onesignal.com	United States		13335	CLOUDFLARENETUS	false
157.240.0.13	star.c10r.facebook.com	United States		32934	FACEBOOKUS	false
142.250.185.132	www.google.com	United States		15169	GOOGLEUS	false
157.240.251.9	scontent.xx.fbcdn.net	United States		32934	FACEBOOKUS	false
104.18.11.207	stackpath.bootstrapcdn.com	United States		13335	CLOUDFLARENETUS	false
172.67.68.182	image.winudf.com	United States		13335	CLOUDFLARENETUS	false
157.240.251.6	unknown	United States		32934	FACEBOOKUS	false
157.240.253.1	unknown	United States		32934	FACEBOOKUS	false
216.198.53.1	codapay.zendesk.com	United States		7321	LNET-ASNUS	false
157.240.251.35	unknown	United States		32934	FACEBOOKUS	false
52.222.206.175	d1qgcmfii0ptfa.cloudfront.net	United States		16509	AMAZON-02US	false

Private

IP
192.168.2.7
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1520927
Start date and time:	2024-09-28 01:46:08 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 49s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.card.xn--6qq986b3xl/higgs-domino/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@26/440@78/33
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: http://bit.ly/2HPopnP Browse: http://bit.ly/CodaHelpIDN Browse: http://www.card.xn--6qq986b3xl/ Browse: http://www.card.xn--6qq986b3xl/international Browse: http://m.me/Codashop.IDofficial

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, sppsvc.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.185.174, 74.125.71.84, 34.104.35.123, 142.250.181.238, 142.250.186.104, 172.217.16.202, 216.58.212.170, 142.250.186.42, 142.250.186.106, 216.58.206.74, 142.250.181.234, 142.250.185.234, 142.250.185.138, 172.217.18.10, 142.250.185.170, 216.58.206.42, 142.250.184.202, 172.217.16.138, 142.250.185.106, 142.250.185.202, 142.250.186.170, 142.250.184.234, 4.245.163.56, 142.250.185.227, 88.221.110.91, 2.16.100.168, 142.250.185.195, 142.250.186.35, 20.3.187.198, 142.250.185.163, 142.250.184.195, 93.184.221.240, 52.165.164.15, 142.250.186.67, 216.58.206.67, 142.250.184.227, 142.250.185.206, 172.217.16.200, 216.239.36.178, 216.239.38.178, 216.239.32.178, 216.239.34.178, 142.250.185.232, 142.250.186.138, 142.250.74.202, 142.250.186.74, 172.217.18.106, 142.250.184.206
Excluded domains from analysis (whitelisted): ssl.gstatic.com, slscr.update.microsoft.com, clientservices.googleapis.com, time.windows.com, a767.dspw65.akamai.net, wu.azureedge.net, clients2.google.com, www.googletagmanager.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, www.gstatic.com, wu-b-net.trafficmanager.net, www.google-analytics.com, glb.sls.prod.dcat.dsp.trafficmanager.net, clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ajax.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, fonts.gstatic.com, wu.ec.azureedge.net, www-alv.google-analytics.com, ctldl.windowsupdate.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://www.card.xn--6qq986b3xl/higgs-domino/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://www.card.xn--6qq986b3xl/higgs-domino/ Model: jbxai	{ "brand":["CODA SHOP"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Beli sekarang", "text_input_field_labels":["Masukkan User Id", "Pilih Nominal Top Up", "Pilih pembayaran"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: http://www.card.xn--6qq986b3xl/higgs-domino/ Model: jbxai	{ "phishing_score":9, "brands":"CODA SHOP", "legit_domain":"codashop.com", "classification":"known", "reasons":["The brand 'CODA SHOP' is known and associated with the domain 'codashop.com'.", "The provided URL 'www.card.xn--6qq986b3xl' uses a Punycode domain, which is often used in phishing attempts to mimic legitimate domains.", "The URL does not match the legitimate domain 'codashop.com'.", "The use of Punycode (xn--6qq986b3xl) is suspicious and can be used to deceive users.", "The input fields 'Masukkan User Id, Pilih Nominal Top Up, Pilih pembayaran' are typical for a site that handles transactions, which is a common target for phishing."], "brand_matches":[false], "url_match":false, "brand_input":"CODA SHOP", "input_fields":"Masukkan User Id, Pilih Nominal Top Up, Pilih pembayaran"}

URL: http://www.card.xn--6qq986b3xl/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":null, "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: http://www.card.xn--6qq986b3xl/international Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 Model: jbxai	{ "brand":["Facebook"], "contains_trigger_text":true, "trigger_text":"Connect with your favourite people", "prominent_button_name":"Continue", "text_input_field_labels":["Email address or phone number", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 Model: jbxai	{ "phishing_score":1, "brands":"Facebook", "legit_domain":"www.messenger.com", "classification":"wellknown", "reasons":["The URL www.messenger.com is the legitimate domain for Facebook's Messenger service.", "Facebook is a well-known brand.", "The input fields (Email address or phone number, Password) are typical for a login page for a messaging service."], "brand_matches":[true], "url_match":true, "brand_input":"Facebook", "input_fields":"Email address or phone number, Password"}

URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 Model: jbxai	{ "brand":["Meta"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Continue", "text_input_field_labels":["Email address or phone number", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F1206667942815399%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 Model: jbxai	{ "phishing_score":1, "brands":"Meta", "legit_domain":"www.messenger.com", "classification":"wellknown", "reasons":["The URL www.messenger.com is the legitimate domain for Facebook Messenger, which is a service provided by Meta.", "Meta is a well-known brand.", "The URL does not contain any suspicious elements such as misspellings, extra characters, or unusual domain extensions.", "The input fields (Email address or phone number, Password) are typical for a login page for a messaging service."], "brand_matches":[false], "url_match":true, "brand_input":"Meta", "input_fields":"Email address or phone number, Password"}

URL: https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en Model: jbxai	{ "brand":["Google Play"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":null, "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en Model: jbxai	{ "brand":["google_logo_Play"], "contains_trigger_text":true, "trigger_text":"Higgs Games Island", "prominent_button_name":"arrow_forward", "text_input_field_labels":["arrow_forward"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 193

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	9702
Entropy (8bit):	7.9598726753478575
Encrypted:	false
SSDEEP:	192:WN39q73ViP6LACockS/yc45kx6qGkwoT+cN0x3JrCpSvb0DjjyDy8i29ijqFmD45:UqTYP6cCockS/+5kUl1oT+cN0zARRFW1
MD5:	D2ED7D82AC1256A01CF4370E322CDEF2
SHA1:	9FA5A965D428CF3EB04EC179B98375436CBEF62D
SHA-256:	6A4374452827830D20ADE0BCDAC183389C5FC860E2F46B9F942984E2B47AD401
SHA-512:	7DD826C90DBBE2B5A6288654EA7A2DFA12672036AFB4D317B200072D7292FC8F4B20012C9B72F7F514C568915C4E836A51ACDE9BCAE7909C34A3F5B4971BB5CF
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw
Preview:	RIFF.%..WEBPVP8X........?..?..VP8L.%../?...M0l.6.,.....n...O@.;~v.).x...[.x.."3..F.$).=&........mm.J.q..(..cJ`.....b..V..O..6w.!h..... ....ssV.....\.u..W...6>..0....P <..t...5l..b.C.Z.'\|.<..h.....>....c.~...2...y.U.R.G.......1A.7.\..(n.g..3s.Yo6.Mwc...k.m.m..^.v..i.n.I6..y...S....s.....:..5.L.N.4[/o..X.m.v...m....U.?.n.m4.dx..zy..$i..8.....,W.8l.}..m.m..{l{...mTvMf%#"#..<....$.LC.{..Y;Z.3.J..N..v....G.m..S.......-...Nld.XB#.>@.. ....#)......b....<...+./.h.)p....w........Q...1@...#!.C.zj.......n:..;y.DrjFq ..........y....T. ...p......<.P:....Q@...Ip...u........+"....%...L..Z.....bc.........t.J......z...K...k....f..O....&~... ..........L` ....`..@R<2./..7uQh...P.......Q.....;~E.[.....0..#.d@..\|...=..{W...8E....7.;.A...(...K..n....&.w.q\...# ND.8'..A.h.g..A.!.X&aH.4P8o^x<.5[K....(........r?....n......%..9....[.}c.:.....J.@..tT...')...x.C!.oH..l...w.GS.xC.."....w%. ...Iodr.3,:..I.f8:P...QA...-x...:Q...h....^...1..n.f..kV....G.....z.

Chrome Cache Entry: 194

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8458
Entropy (8bit):	7.936237880471812
Encrypted:	false
SSDEEP:	192:HjmaoRlRlveVs7prowYPGRQCCR/dCWp57cjSvmIMsNnwucLdErH:HCaclneyNshGmzCW3QjsrRH
MD5:	B9015B21978B460514E2D0CA25E383E0
SHA1:	DAFA570719E0525D896C0C95F5B0E7ABD598DF7B
SHA-256:	51DA9F26B3488A53F846A848747D3C4D1F47FA54C14951668E94531EB1AAFD0E
SHA-512:	7E545807030075E3C96737EA4BA8D131CFA0CC52EAC5BCAB431C3D06797C35F0BF4671FD05DB5372B399D2CF4C830228B8CB3030C81F941A3D3365E08722F10D
Malicious:	false
Reputation:	low
Preview:	RIFF.!..WEBPVP8X........?..?..VP8L. ../?...M8j.I......G\| "..x..;K...T.#.=......H..U..D..A.bffj.l#Ir.P6qP...[(KS.$I24......l...I. .W.P.E.LI....!Bt.......d..o....d..v.a.+..E.vF.-~b>...&.4....#.....(.9..I....{.D.p.P../.5m."9r./3+...I.-f..............yd.\..K..j...7.....2......^..GlE.O...g.....e/..a...Le.e.33{....}....1...._.D.~...I....p..p...........b.Z..BI)If....,..vH.....GddVV..L...m.m.m..c...v..]U.....n.m.+..#0C.6 .U.f.Z.H."CPSE[w}3..t.t..0.......0.@......$..B.b..H.BHh0..$.. ..".8.....&.....[.Z.4..........$..D..qD.(.....h...i.a.QGN....d...@........).8..GD.k@l.p3c..o......D.@.....3.N...4.E..Q'.Y...4.h...B..O .q..V.....l.?..2....E..$Q...J"..0.D.4t.QG.(>.4.Q7...F@..'...".......W%@...i..v..>.p.y.K.:.......K...y.a"&..Y&.:..qd..I!.2P.b.DZ..IJ.D:;M"A.W[....^..%..z..q..D(r..p..]).....H.\|.......f..'.$...'.,G#i&C.*.DDd.j.5.Y..W..,.........T{.{e..t...pd......R..5x..e.gM..s..T3...r.2...\|.......}....9."Q.&b.....f.M.9..v.d.....Cz..K.d...T..qo\|/A..#n\|.".F..FO.

Chrome Cache Entry: 195

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 207880, version 1.0
Category:	downloaded
Size (bytes):	207880
Entropy (8bit):	7.99725908782066
Encrypted:	true
SSDEEP:	3072:eThWqRph/IhsIYDQprvMItnHf2aukyfWPLDMTPAO+p+23NCI:IWqZIhlpoUnHffuxfWPXMUg29CI
MD5:	01B5DCC68AFF09201F8E83A5E1C568EE
SHA1:	59F494BD2DF4AD954D32B8CAE8B5800D4834D716
SHA-256:	3D2B4DEB945A2E8B4A4FD551BD5C41CE8719D34FA4CAEFB7385829CF85CB7590
SHA-512:	700DCD751616E081F1AF9C3D71C5D932946A1F8C750C3D5A76014422B39E452B0DEEEA1F921263CC2282984B616E70F31CC7765128F20ECA05E8C6DD407BF423
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Light.woff2
Preview:	wOF2......,...........+............................@..l.`..&..f........0..S..@..6.$..<. ..}. ..9[..............].;....wW.<5.....I4..........b?.L............0.qJg.S.)...?.......k...K..g...rsW.:..[..Y.................................,.y.6............3..,..+...p.1.........Z.i.4..4..K...u.<..+%.4....8rE..<y^N]...I..}....M.as.........\k+.6R .]UU...2e..D..I.C....\|W.+.Q...Gz2.G..RU..R...kG;...A4$0?<...+.1.P@B....... u.X.$..X.:.q..$.......d....4e.h&..$HH.. !AB...)..>4wr.......?3..B......=.....i....Y>}.Z.X.4....&l..7......@C......D..(..4P=.<9r..<..b..c....Z"A...]j..<...2...`..+.sgZ.&6..W.W......$h.;0.k.....Aa.h.M.2O1.c.bG.rLI..]....2kg.D..X...9.R....D..u...m.wU8..E.$H....c....[+.......-.hU=.t.m..S2...\.\...... 8gp.(.i.W-..A.....0UH.s....t...!w...X..Ps../:.UFI...+..^.w....z.].w....S....\|vu..M..HH...!A.$.j).L..8.;x....>...-....j..-.o.mt?...+E=.......Y43...............I..%.d..U...[....c....rd....~..a.q..<...L..!Z...i........K!<{....I.b.-..".@.......g..]..

Chrome Cache Entry: 196

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9892)
Category:	dropped
Size (bytes):	48652
Entropy (8bit):	5.418612690445062
Encrypted:	false
SSDEEP:	768:JSEpwmTpALYAsC0AOXFzjI1S+ukcZ5SJSaLG+h9/tAsiWo8:JS2wH3l0VXFzjI1Sv5SJSw3hvAsO8
MD5:	50B1C929EEA0F91A532C73C112447150
SHA1:	9569F7C9637210BB84AA210EE116755341B1D5B6
SHA-256:	7951E1009212DC9ACD8D2528748A0659D0265EC7A1ABD1434F1FEFC7C4B9101F
SHA-512:	59DCE0E2461DE07A1D79D909ED5768E422883CC19B45CCEAB704977ABB36BFDF48EBBED6743EE6A5B09F05574CF134186EECBFF45C8BC6DCD26E2774C9D336DA
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("BaseContextualLayerAvailableHeightContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);g["default"]=b}),98);.__d("BaseContextualLayerContextSizeContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);g["default"]=b}),98);.__d("BaseContextualLayerDefaultContainer.react",["LegacyHidden","react","stylex","testID"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j=i\|\|d("react");b=j.forwardRef(a);function a(a,b){var d=a.children,e=a.hidden;a.presencePayload;var f=a.stopClickPropagation,g=a.testid;a=a.xstyle;return j.jsx(c("LegacyHidden"),{htmlAttributes:babelHelpers["extends"]({},c("testID")(g),{className:(h\|\|(h=c("stylex")))(a),onClick:f===!0?function(a){return a.stopPropagation()}:void 0}),mode:e?"hidden":"visible",ref:b,children:d})}a.displayName=a.name+" [from "+f.id+"]";e=b;g["default"]=e}),98);.__d("BaseContextualLayerLayerAdjustmentContext",["react"],(function(a,b,c,

Chrome Cache Entry: 197

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	200
Entropy (8bit):	6.878063612294382
Encrypted:	false
SSDEEP:	6:wAi1Z6iB1toFkCoH+GN2jQPRwS9gJY5derhz6:wd1Eqt8qNN2jaRxgJY5Ec
MD5:	26AE874F3B7051BC5B112960C251080F
SHA1:	1D6B38F7FE58DC79CC66CC0A3EE42CAAA096B686
SHA-256:	8C66B3CB207515328AC21BDBBDA1B90A74D7CAC66267352048BFD7E4E1EFE627
SHA-512:	88DBFE63B9A7374528308BD4AC891535C310FFC2277C3A44004772ACCEA7115D8A1DF77ECB56EDF573000DF4AFC79E7E9524B4FB8C8E8DBAC2384860306F0C31
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../....58l.F....._..2.. .p[[..L.nx.......!V.....R..A...........x....>b.z[..j{....%~.{..~+N.sUy.G.....D...x.poN...,`....>....o...Z.*....u...,}...^..W...v..Z.u..^.`dg`j.\|...q....

Chrome Cache Entry: 198

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32588)
Category:	downloaded
Size (bytes):	35713
Entropy (8bit):	5.748945229879846
Encrypted:	false
SSDEEP:	384:7xOVzojduTK4lAsAlBz/+QV62XczensLR/pKgZXhrxfZLpnWLR/pKgZXhrxfZLpU:l6woTnHAPIZe/SGiQhCbsG
MD5:	67C4412171DBFA6626CBBB9BAD54324F
SHA1:	9C1DFD70B4191BD55A49B5E8A7AFF764300781BF
SHA-256:	FD19B8572E54B56AA0E11159BC14104C1567C340B6006CF26E32E21D7E85EADE
SHA-512:	7885557DAF3B9BE367B62342853A6F366C4C1DA807A5ADBB9FEEC7726D641BF79B36AFC71E0A7BF1E02E276BFB8B83E609ECAFFEAE1CC409411C5A20B342C506
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/bPLNq2NKn_W.js
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/OKBVmODmb-W/. */.__d("tweetnacl-1.0.1",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b};function h(){(function(a){var b=function(a){var b,c=new Float64Array(16);if(a)for(b=0;b<a.length;b++)c[b]=a[b];return c},c=function(){throw new Error("no PRNG")},d=new Uint8Array(16),e=new Uint8Array(32);e[0]=9;var f=b(),g=b([1]),h=b([56129,1]),i=b([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),j=b([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),k=b([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),l=b([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),m=b([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function n(a,b,c,d){a[b]=c>>24&255,a[b+1]=c>>16&255,a[b+2]=c>>8&255,a[b+3]=c&255,

Chrome Cache Entry: 199

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2000 x 800, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	61755
Entropy (8bit):	7.748502484425811
Encrypted:	false
SSDEEP:	1536:wNNqP22JPMaHqiN6C0IhErwE7gMAXLp0ppIN3Ilkyp:wNNqPpCJPCnUtut4lZ
MD5:	29DAD06670F873936002DDB910253A4B
SHA1:	523EE4ADF550DF78348CF7528580171F0828F2B4
SHA-256:	8871194DC3AE9035B5BB04C84AA7B82AFA7442DAF2BAB5F1393A5751E6082A10
SHA-512:	AA1A38DE98C14B454715CC2240B752EAEC6824237BF1A6C760CCDC9859AEC7AC2E8827DC6D635820631EB0C5A56003770F0DA7C423E95CAAD0D1672CBDDA0268
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png
Preview:	.PNG........IHDR....... .....{..s....IDATx....u.H.......7..D0p.CE.t.CE0R..#...8....8.......6....4%[.)..........3...%........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................L..:............^..:..\|..W...R.}....g.A.................. .$..............t...........$.@...........@..t...........$.@...........@..t...........$.@...........@..t....

Chrome Cache Entry: 200

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (29520)
Category:	downloaded
Size (bytes):	105068
Entropy (8bit):	5.423284412656987
Encrypted:	false
SSDEEP:	1536:+stiKbFlxRRrPAYf7rWf+YC7wEcSoLC3aXm7U:/6yr81C/KLCKXmA
MD5:	57DE1470BB81AD3BA3DAE7794EE6E30F
SHA1:	7B58BBE8CA71540FB36054DD16A5AF4FB2D770AC
SHA-256:	ED8C7AE9AD47D72E75497FDDCFBBCB0DF511DB0E42CDA9792122C9240E1B95DE
SHA-512:	67398088EAEDC23DB4719D98C37988A18DB96E1498985B0DBE48FB73C6F476305DC3DE9807EE256B27C93DE9D68265807E9691069DBEBF53CEE46BBB0A44BE00
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/y2/l/en_GB/xfNj8lAwm9X.js
Preview:	;/FB_PKG_DELIM/..__d("ArbiterMixin",["Arbiter","guid"],(function(a,b,c,d,e,f,g){var h="arbiter$"+c("guid")(),i=Object.prototype.hasOwnProperty;a={_getArbiterInstance:function(){return i.call(this,h)?this[h]:this[h]=new(c("Arbiter"))()},inform:function(a,b,c){return this._getArbiterInstance().inform(a,b,c)},subscribe:function(a,b,c){return this._getArbiterInstance().subscribe(a,b,c)},subscribeOnce:function(a,b,c){return this._getArbiterInstance().subscribeOnce(a,b,c)},unsubscribe:function(a){this._getArbiterInstance().unsubscribe(a)},unsubscribeCurrentSubscription:function(){this._getArbiterInstance().unsubscribeCurrentSubscription()},releaseCurrentPersistentEvent:function(){this._getArbiterInstance().releaseCurrentPersistentEvent()},registerCallback:function(a,b){return this._getArbiterInstance().registerCallback(a,b)},query:function(a){return this._getArbiterInstance().query(a)}};b=a;g["default"]=b}),98);.__d("TrustedTypesIEFixDOMPolicy",["TrustedTypes"],(function(a,b,c,d,e,f,g){"us

Chrome Cache Entry: 201

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12046)
Category:	dropped
Size (bytes):	315758
Entropy (8bit):	5.5488443130798775
Encrypted:	false
SSDEEP:	6144:IT0dmGFpmFujlq0kd7+hJsEsEemve4s+2L:28jQ/h4JsOQ
MD5:	C3FA948838B6D79E30C8EFC0F676641C
SHA1:	36E64CA113B1C7AA074F48828080FA0690DD1C87
SHA-256:	DA4C6367FD8CD5CE1573C2B944A6FFE7773DC574435D4CE75B5A44C4ABA697BE
SHA-512:	3B0052B86BF74B62CBA5480A6CB66AA466A8A9D2B05A4035185323D309E358860422BF44E35E9E347030ABB4A3D523639FE5A339944C6732D11F0F94F5D99AB3
Malicious:	false
Reputation:	low
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__j","vtp_name":"navigator.userAgent"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":["macro",3],"vtp_name":"originalLocation"},{"function":"__u","convert_case_to":1,"vtp_component":"QUERY","vtp_queryKey":"utm_source","vtp_customUrlSource":["macro",4],"vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__c","vtp_value":["template",["macro",2],":",["macro",5]]},{"function":"__dbg"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__c","vtp_value":"G-LL

Chrome Cache Entry: 202

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8406
Entropy (8bit):	7.960163056558925
Encrypted:	false
SSDEEP:	192:dSMwU6k9c503PEfWXekXIaw1zR+f16GKnKEC8R1:dS6X7cfjFFRo6BnKzk1
MD5:	354AED25167899A2202BC595D41AB660
SHA1:	BFE51641BA07724CE0C9E0C9665481C7CCE328C1
SHA-256:	DE857883CE4FCD40ACCC8D68FCDDAF27E52ABA855DC9A856D2162C4F18F5CF09
SHA-512:	CDFEA4620EEC70CC34C7A15A81BC75A9549D5D66755EA332701C4CB3105305AEC563D18DA7F11ED4C6F13C6A001968A1B6755F987709D64AC202ADAB52868D2F
Malicious:	false
Reputation:	low
Preview:	RIFF. ..WEBPVP8X........?..?..VP8L. ../?...M(l.M.V..7........j......q..8..c`..$}...H..X...0d2.q0.m;.M......*...%..#I.M......_Y.m...2.l.M;P.\....\|..-.K.....@.2'....g......J.D....1.....H...._.X..`......I@..p....T.}.0.../.9.]k..9....'..Y...........{ D..P..D.k.....m.:.u?/.8)m.;.X.Ie.v:....6_=..._~...~$.Vm...r.m.b..y-m.d.K_A@m...f...Pdf.[.<.\}..j.#.j..k...~.................?L.C1...gA...qr.J,.m!.PU...v.C5.>&..\..zQQt..(r...........I....T....L...xm...m.m.wc...hw.33"~....e...C.........zPc.}_..7..G.6N...g.]..9.......m.!.....u.U.].M&N...c.m.m..g....&.d.....:Ca.6...[.D,w....n..t..t."&P.d...HRZ j......!...eA...{.]?.N.....X`7v:...C?..8..^Km....Q..c..Mos.\.V.O..ON.p......."........Y......T0J......)jj..:....YH.\|...f...}Nh.c.&.y..n......I.u....\.B8.Ma....R...9.....S...VLe.R.K.(..$. .$.$.Q.m....Ro..81.M...2S.m8..U+.:...~s..=.....p.......D3..2.....'lY\|..D..=......0Q..U...H[k.?T^A:..tK...<.... ..X$!... ...\..L..W.2.}...I...R...O...Q.%VpfF.........

Chrome Cache Entry: 203

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21258)
Category:	dropped
Size (bytes):	684469
Entropy (8bit):	5.54260065489702
Encrypted:	false
SSDEEP:	6144:iHX4S/U/lpNXhQ5WOZiA2tb3+ojzsteGR6UJCFGz6CiEZqQ65P9/6D:7SUdHy5WOZAZBu6dYjir6D
MD5:	640947626C7AA8FA1FE5B0F2375A672C
SHA1:	1233FDFA767DF50E0750D8A7661C7162EED60E8F
SHA-256:	85A807B883A241217A83824610E7DA6B8AF08B317F59E3CBE34A45684B5157A9
SHA-512:	FFE63DAF2DC8B86A783D1F3C24F64E6DE16136B68105118514A48A1602C96BCAFCFFFDA6510142CE60123021E61DBA36C1B637374FA3986AA547E60DC77CF169
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("ActiveFocusRegionUtilsContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);c=b;g["default"]=c}),98);.__d("BanzaiAdapter",["cr:5866"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:5866")}),98);.__d("BanzaiConsts",[],(function(a,b,c,d,e,f){a={SEND:"Banzai:SEND",OK:"Banzai:OK",ERROR:"Banzai:ERROR",SHUTDOWN:"Banzai:SHUTDOWN",BASIC:"basic",VITAL:"vital",BASIC_WAIT:6e4,BASIC_WAIT_COMET:2e3,VITAL_WAIT:1e3,BATCH_SIZE_LIMIT:64e3,EXPIRY:864e5,BATCH_TIMEOUT:1e4,LAST_STORAGE_FLUSH:"banzai:last_storage_flush",STORAGE_FLUSH_INTERVAL:12606e4,POST_READY:0,POST_INFLIGHT:1,POST_SENT:2};b=a;f["default"]=b}),66);.__d("BanzaiUtils",["BanzaiConsts","FBLogger","cr:1172","cr:9985","cr:9986"],(function(a,b,c,d,e,f){"use strict";var g,h={canSend:function(a){return a[2]>=b("cr:9985")()-(g\|\|(g=b("BanzaiConsts"))).EXPIRY},filterPost:function(a,c,d,e){if(e.overlimit)return!0;if(!e.sendMinimumOnePost&&a[4]+e.currentSize>(g\|\|(g=b("BanzaiConsts"

Chrome Cache Entry: 204

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	28380
Entropy (8bit):	7.991834639898943
Encrypted:	true
SSDEEP:	768:E+VzwBbQXwsB2XtcujwdHH9BJhp17hM8uOiZpo4vrg:DzyYb6edTNm8uRpo4vs
MD5:	BA0A6C906A71BE67D7F6C5281869ADA5
SHA1:	E411A0CFB0A300F82E08149E702DB759D3383543
SHA-256:	C465EDFA5CE4437CFA77DCD33118293FD67C38532B706172FCF752FFDB3EB33C
SHA-512:	027EE8F5245819086D0D24A7DB83B203330D57C66D4C5C762C40656603D721FF3DCA7A489ABDF30B4A9162B16D48F425A4ECDAA216B05E19CD8F9FD32D922976
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw
Preview:	RIFF.n..WEBPVP8 .n.........(.>Y&.E..!.j>\8...6...(.]3..WY.s.........g.hZ3"\|E...6=....~.~b\|..l........?..............?+.c.............>..?..n........................o.................../../.?...z.{).......+.....^.?.?u?....o...y.3.....p......?....G..\|...7....?..4>..../..._v.....;._._.?3..........S.....{.~/..K...5.3.........^..,.........O......P.....o.y.S.?...~........G......._.>.?._........\|G.2....k.:6t.;.o..=&..fb.L.R.la^.....?...0..D+T....8.^.%..R.@./8....F....%K.p..9.B..7.e.NP,..A&w.\|j.a,w.y<..d..M....<.?.+.idA... M..1.......{..YJ....He.[.0+8.+...u.<..V....<.p......n....jH).W..T..^...3.$.Z......0H.C`.....,.'.4..xh.....QvH......n.....-s.tS../;......cw~B..c..v.._......j....j3.....)..@.^.Bo=XH.un-.%..........-;..;.!CP...ys.I.............i..AW...x.6p.%.w.._..B.M...e!....:g....../.Dc.\|.@.X.z..IUJ.O..V...%.\|...}}?.....bV..?.s.-..h.....Vqo.."p(UF.8.c..4....&.TAE.e... ...3I.w...L......E..C.yuH.L..w.8vu...{.g..;..D.B.CqZ..... B8^....q.<....K3....\.

Chrome Cache Entry: 205

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 233240, version 1.0
Category:	downloaded
Size (bytes):	233240
Entropy (8bit):	7.998929579369334
Encrypted:	true
SSDEEP:	6144:RFtUp8TP0YyjsuhShhu0bAlZYs/UAkHgX4gf1G:RXUBNshhu0bA7YscgX4gfU
MD5:	86A24C421A052D323E49A952D88805B5
SHA1:	814A9DAF46A34AD6BC4F5BC0DE4940B166A85870
SHA-256:	A359121948E08165E21894786EE4E4E3C3F1AA55BB44DBAAD470D4ADF1B7DB9B
SHA-512:	0993B3670D42D9032831122D0E43D1843DA2361D8781B0CD75AA080A57F9DA273AC8A54414F8598EE12B2878787245B564A07F7E401C0282A47B5A0F57A825B3
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/googlematerialicons/v142/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Preview:	wOF2OTTO..............................................X.`..`.6.$..d....~. [......<.....* .d..K..A...&@..\....n..!.N...(.G.../.v.y.....................n..n...l%.H.U..r.xp..Q....z.A..G.Q...4R.@NZ7...5..^.RE.MjY.l.....v.{#.T.J...J........2.h"&.l.+Se.UI..J(A......9j.4.j.hjaq.\|i.1`.p,..S.W..,..:F.k..w.H.t............ ...(........t{5...r.5#"....].>..Z.}...l5"".XDH.5T..M....;9sw.c.!....Q.}.........8d1....QH......I .%72..s.......fQ.V;.SH...V.W...q..2-...Y#+.6..m..D@..?.g!5TSZ...R....D 7=...v.K6..p.." ...v..j....F4...?.....<.s..Z...._rw.......4.B..... u&4.'4l........@~..E@X..,y..].$..]f-..$i.o...\9..2.`.6.#...W.j...7".o..V....%3..........!..?U.J.V...V..Mvz.....>...A........Z.D..3..s...!W].TUR.nUed.B.[.IK7.`.5...*..DJ.<.ME.\X.h.wJ..\0s....z+.EAF..4..hr....;...zE......9..d.Z.I["2...2c.'..:.v..3%C..2.S.9.s..h.m..Qk..J.....'c...Y.G.........&m..........v.R..].z~..4.ZC.s.......0]`[......./..O.)Ri..f.H...d.I....<#\|...C.../.Y.~e.vN.u....Sl.\|

Chrome Cache Entry: 206

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	34894
Entropy (8bit):	7.994423410428234
Encrypted:	true
SSDEEP:	768:EPYJOesx5XdbpTd6p0YJe7/1b3S0tVBiPUp:EPReuXdbpp8Je7/BZYPUp
MD5:	D24A12C8A91E0E01E218539081EABFD7
SHA1:	7C58DEEE87037B7D12DED30E6A38050368C92A1B
SHA-256:	43F1DB2A50CD3A785E07C7D30749FFF7E3B2BE961564B6146B47CA3C48267C8C
SHA-512:	0427DDBF59950AF960ABD2B29E1B479C943B70026D78404B3B03D8DCADBBDEC5DBB98B7FE48C93715C37B7D1EDF1A66A12C3EC0DD6DE52DAD45C746B6066EB83
Malicious:	false
Reputation:	low
Preview:	RIFFF...WEBPVP8 :...0......(.>](.E....:.d8..6.V.D#.(../..n..V.....G...7#.w.?.~......^.~_...'....+..././.?.}..\.I.S...#.'.....}.....................#.G.O._x?.?....G.....g...^...?.?..........W./i?...........g.C............f~I~g....3...#...g..o........z#...?..t..~.}........?/.........'.......d...E..............................W.......?..{.....#.........a.-......._..?i>.................U...../...?...................._...??.O.}.y..W.a.REn.M.L....O..Hq...Z.k.&...T..uA..#5.....a..e...u....e....s....;`.C.G.Lj>l..ov.u..5.+..E...mi[..C.\|....l.qs.I.+.?C.v\..9D.:....]........G.+..{ot./.n.@.,.a....Adq=R...L0`.K..7...o9..o..Q.Y=.....;.l.}....\|{)..ri2HA.......j...Q.<..4..7....!b...7:....\.D$..q.6.45..............+.,.8[.q..;q..T..#?..5E..Y.....w\|.{..Z..d..c....~...w.<j.y..94q.\...I.4.d5....3).S. =...w.uF.1,.{...m[-..7.-..&....n....l...@^]:hm.^K.....Ew...Z...Y.mP...X..U..S..`.R$.......t..y...4.F......d...G=..$...\3c.^..h....(...Z.........<N....^P....ie=G....'sJ

Chrome Cache Entry: 207

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3089)
Category:	dropped
Size (bytes):	69640
Entropy (8bit):	5.428026405432715
Encrypted:	false
SSDEEP:	768:8Rx5xxd9L0ngo2qQmDVeClRhw7d5i8q7nXxaFuYPdZIJVNfOT/BhqxlWZ:8j1dF6goxVe8vwiUFrdC2T/TwkZ
MD5:	F713EEB3B0A890A92D79B1B20AB97B0B
SHA1:	0262AD1062E4FC48562B58619FF2259F337D118F
SHA-256:	34747B2688FD1736007211CCCA2276A7C23F05228D1C4B5C2D4D239DDDBDFD14
SHA-512:	2B99EA22E50A6AF7988C5670411795A093A8CA25352BD881CC44FF141985C521FDFEA104F64F57B9A5C5572404516780D31CFC0D411B61DB1566020AA924068F
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var p=ca(this);function t(a,b){if(b)a:{var c=p;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(h){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(h\|\|"")+"_"+e++,h)}function c(h,f){this.g=h;ba(this,"description",{configurable:!0,writable:!0,value:f

Chrome Cache Entry: 208

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	84
Entropy (8bit):	5.194658387848667
Encrypted:	false
SSDEEP:	3:bunSURQin6dScTRp0Dj7KumjKArY:bunSUR6dbRaD31mjKAM
MD5:	FAECC97392BC97059321A414110C1B09
SHA1:	9EC96C5D3CA3E83E6C65F231103F53AF786BEFCE
SHA-256:	AD5EC3228AA4248B83744A7FFF76148CA3ECA1CE178682B2FD1064F7A28C986A
SHA-512:	E38AD7B4560A0006D55A08FB4FA3EC2F2C1C831DDA2F3AC18DDDDFEC755724D53AEE3694AE37924C197F9A46C9CAA22AEA6E85B449F93678A9FC1DAF8F31D217
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSFwnYHFpBEiFdGRIFDXhvEhkSBQ3Fk8Qk?alt=proto
Preview:	CjsKBw14bxIZGgAKMA3Fk8QkGgQISxgCKiMIClIfChVAIS5fIyQqLS8rPzomJT0sKTxeKCcQARj/////Dw==

Chrome Cache Entry: 209

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	244
Entropy (8bit):	7.052798134603722
Encrypted:	false
SSDEEP:	6:c3ZFl0RTz7vgmXhsKroc6rRnPj5P1e32/XGyw7njUvp:c32Tnoz9P432/unjq
MD5:	81226FE56259FE6976BC69271844349A
SHA1:	2798D1D805F0B48140FABF2A95A925C5CF240AA5
SHA-256:	6CD9FDD3B8FDB2DF17D4D09FB17006C8EB39A3DF753D04D541472A4C8E708284
SHA-512:	AF656EC82FC287D897A2C227DAF621F593A56FD333BAB0C7E5664A24736683480CB73CBF91515CEA777FD4B9EA309AD6B42EF261D835E8060FC98DA7BD65E3E0
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
Preview:	RIFF....WEBPVP8L..../.....@.$.4P.k.,..V.r.d.+......7.....n..]...fU...ms..../b@_x.W..?)q.Rm.$.6.p.Q-....`..a..._B_.SB..dX.2.....5..97n6....;N...]..{....~.P.N[....j$.!.....$..`W.(q..r.7.G.....lM...........b,....$...aS...3j..A9..<9

Chrome Cache Entry: 210

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2433)
Category:	downloaded
Size (bytes):	19657
Entropy (8bit):	5.611018546594219
Encrypted:	false
SSDEEP:	384:B0/0My1CYC0+OsPVajwyBdiYU3iVFx7ec9ZTVWsYa:Nn1n7wyTvvN
MD5:	95ACF294757AD2F8A5D5831535C082C2
SHA1:	AE086C711C3526E3E51BABF28902807DB33BCCD8
SHA-256:	01B52F3F09764B36AFB17B8F2417254B6DF014C43B7BE73D2ACD64EB42F984F4
SHA-512:	E6FDD790802BA4AFD772F49845B94725099957DEAEA610B9DFFBDAA9835C6F79349C5183D2419D695E854A9D575FB0F1B30F81BB024A9565B8D12CDE2771C769
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3iomK4/yu/l/en_GB/iFYg6CGS6U0.js
Preview:	;/FB_PKG_DELIM/..__d("BaseDivider.react",["react","react-strict-dom"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|d("react"),j={divider:{backgroundColor:"x14nfmen",boxSizing:"x9f619",height:"xjm9jq1",$$css:!0},reset:{backgroundColor:"xjbqb8w",borderTopWidth:"x972fbf",borderEndWidth:"xcfux6l",borderBottomWidth:"x1qhh985",borderStartWidth:"xm0m39n",marginTop:"xdj266r",marginEnd:"x11i5rnm",marginBottom:"xat24cr",marginStart:"x1mh8g0r",$$css:!0}};function a(a){var b=a.ariaHidden;a=a.xstyle;return i.jsx(d("react-strict-dom").html.hr,{"aria-hidden":b,style:[j.reset,j.divider,[a]]})}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),98);.__d("CometSSRViewportHints",[],(function(a,b,c,d,e,f){"use strict";e={max:function(a,b){return a<=b},min:function(a,b){return a>=b}};var g=null,h=[];function a(a){return a==="width"?(a=g)==null?void 0:a.width_px:(a=g)==null?void 0:a.height_px}function b(){return g}function c(a){g=a}function d(a,b,c,d){var e=h.findIndex(function(b){return b.dimens

Chrome Cache Entry: 211

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (785)
Category:	dropped
Size (bytes):	1371
Entropy (8bit):	5.305923384262515
Encrypted:	false
SSDEEP:	24:kzTT2JWvwfRFoQB/hQXoAmG2SUGbRhGbZ4ml2KoWSutCoQlrl:kf9vwb9n82SUGbRhGbKmA6YLlrl
MD5:	F6E6AB8006F78EB17A38EC236DDDEB3A
SHA1:	63B45182C78BC88CE0677B5F1F2EE8175F8DB611
SHA-256:	A56EF7BD00F9A5265E1A49CD19A46AF88CD93074B30E287598EC541193808491
SHA-512:	3D1E99180556C5E45396D0E58D436EE4DDBDD655E062A6CD587C227A7342F020F045B8CA101C47AFEFFF957EF928A5D158E070905F0DB1C5342DCA3931742A27
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("P6sQOc");.var dab=!!(_.xf[3]&8);var fab=function(a){const b={};_.wa(a.ua(),e=>{b[e]=!0});const c=a.N(),d=a.na();return new eab(a.V(),_.jh(c,1)1E3,a.H(),_.jh(d,1)1E3,b)},gab=function(a){return Math.random()Math.min(a.naMath.pow(a.ka,a.H),a.ua)},QK=function(a,b){return a.H>=a.V?!1:b!=null?!!a.wa[b]:!0},eab=class{constructor(a,b,c,d,e){this.V=a;this.na=b;this.ka=c;this.ua=d;this.wa=e;this.H=0;this.N=gab(this)}};var hab=function(a,b,c,d){return c.then(e=>e,e=>{if(dab)if(e instanceof _.Xd){if(!e.status\|\|!QK(d,e.status.H()))throw e;}else{if("function"==typeof _.dq&&e instanceof _.dq&&e.N!==103&&e.N!==7)throw e;}else if(!e.status\|\|!QK(d,e.status.H()))throw e;return _.Sd(d.N).then(()=>{if(!QK(d))throw Error("Cc`"+d.V);++d.H;d.N=gab(d);b=_.gj(b,_.Via,d.H);return hab(a,b,a.fetch(b),d)})})};._.Eq(_.BLa,class extends _.Dq{static Ia(){return{service:{nO:_.bab,metadata:_.cab,f0:_.aab}}}cons

Chrome Cache Entry: 212

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	4286
Entropy (8bit):	4.639719888612948
Encrypted:	false
SSDEEP:	96:EdAdhzUooooRoooT0oooooHooooooovqxoooooooooA:EkLL
MD5:	A217F758EFDFFF14053678DBE58FA4D0
SHA1:	6E0EB512C2F386D645712D7ECBE339EA85CFCA68
SHA-256:	F343B3015D0545A7D5B719A434135BCAE2AC766ED459AEEA671E3688B79D1875
SHA-512:	9BCF90FED875FFAF3170EF3425949642EB23B4E750CD42BA546D30E1A58C4FEE1A14CCDBD31455A6A442D09372CCB3873BD7477A59853608BC87660FB578119F
Malicious:	false
Reputation:	low
Preview:	...... .... .........(... ...@..... .................................................................................................................................................................5C..5C..5C.]5C.5C.5C.`5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l.................................................. <../A.8D..5C..5C..5C..5C..5C.:5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l..................................................TN.(?..'>..8D..5C..5C..5C..5C..5C.5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l....................................................2..l...8..&>..8D..5C..5C..5C..5C..5C..5C.5C..5C..5C..5C..5C..5C..5C..=/..$l..................................................../... ..m...8..&>..8D..5C..5C..5C..5C..5C..5C..5C.g5C..5C..5C..5C..5C..=/..$l...................................................E...>......m...8..%>..8D..5C..5C..5C..5C..5C..5C..5C..5C.?5C..5C..5C..=/..$l...................................................B..C...>......m...8..$=..8D..5C

Chrome Cache Entry: 213

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (4482)
Category:	downloaded
Size (bytes):	11977
Entropy (8bit):	5.314227414795787
Encrypted:	false
SSDEEP:	192:P5bjHfpPKTe4eSe3ehKtTi0ihTinif9TiEirTiPiJCS6YTyKA6cPPk8iQ1QXSuSp:1j/FKqr1uqi0i9inihiEi3iPisSXTkPn
MD5:	3C84F6430C06E2FC4F2F9956F7190E8B
SHA1:	05C14C5DFEA5850EE282FCC3038D03129A31EA95
SHA-256:	CE830F864FAE27E5BB3BDC71CDB5062CCF9F0C0F8BB3D2642C265D93C92C3E3B
SHA-512:	F4E2817E89C7E566BE0503748152DDE663E47738F4E24D313C35AF6517AAAAED8D462A7D2B0DF938C0829EBF27E9A6379F14E2D9B0D152CA96D685C636F98143
Malicious:	false
Reputation:	low
URL:	https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia
Preview:	<!DOCTYPE html>.<html dir="ltr" lang="en-US">.<head>. <meta charset="utf-8" />. v25133 -->... <title>The page you were looking for doesn't exist – Coda Payments Support</title>.. <meta name="csrf-param" content="authenticity_token">.<meta name="csrf-token" content="hc:meta:server:R1utn25rRfkz0hRd_K2GvJaL7gn3tWnogVVYnJnAqSh5J39z4r_ZBrP9tH7Ymb8f32hs8YopAdsc3Xpc2aP3fw">.. <meta name="robots" content="noindex, nofollow, noarchive, nosnippet">.. <link rel="stylesheet" href="//static.zdassets.com/hc/assets/application-a42a464885a505c24ac3b0ab35047489.css" media="all" id="stylesheet" />. Entypo pictograms by Daniel Bruce . www.entypo.com -->. <link rel="stylesheet" href="//static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css" media="all" />. <link rel="stylesheet" type="text/css" href="/hc/theming_assets/592660/165805/style.css?digest=33371583435033">.. <link rel="icon" type="image/x-icon" href="/hc/theming_assets/01HZKT0CK8RWHB

Chrome Cache Entry: 214

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3089)
Category:	downloaded
Size (bytes):	69640
Entropy (8bit):	5.428026405432715
Encrypted:	false
SSDEEP:	768:8Rx5xxd9L0ngo2qQmDVeClRhw7d5i8q7nXxaFuYPdZIJVNfOT/BhqxlWZ:8j1dF6goxVe8vwiUFrdC2T/TwkZ
MD5:	F713EEB3B0A890A92D79B1B20AB97B0B
SHA1:	0262AD1062E4FC48562B58619FF2259F337D118F
SHA-256:	34747B2688FD1736007211CCCA2276A7C23F05228D1C4B5C2D4D239DDDBDFD14
SHA-512:	2B99EA22E50A6AF7988C5670411795A093A8CA25352BD881CC44FF141985C521FDFEA104F64F57B9A5C5572404516780D31CFC0D411B61DB1566020AA924068F
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/feedback/js/ghelp/16uafg9rapvyz/chat_load.js
Preview:	(function(){'use strict';var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var p=ca(this);function t(a,b){if(b)a:{var c=p;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(h){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(h\|\|"")+"_"+e++,h)}function c(h,f){this.g=h;ba(this,"description",{configurable:!0,writable:!0,value:f

Chrome Cache Entry: 215

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (785)
Category:	downloaded
Size (bytes):	1371
Entropy (8bit):	5.305923384262515
Encrypted:	false
SSDEEP:	24:kzTT2JWvwfRFoQB/hQXoAmG2SUGbRhGbZ4ml2KoWSutCoQlrl:kf9vwb9n82SUGbRhGbKmA6YLlrl
MD5:	F6E6AB8006F78EB17A38EC236DDDEB3A
SHA1:	63B45182C78BC88CE0677B5F1F2EE8175F8DB611
SHA-256:	A56EF7BD00F9A5265E1A49CD19A46AF88CD93074B30E287598EC541193808491
SHA-512:	3D1E99180556C5E45396D0E58D436EE4DDBDD655E062A6CD587C227A7342F020F045B8CA101C47AFEFFF957EF928A5D158E070905F0DB1C5342DCA3931742A27
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,GkRiKb,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,qfGEyb,rpbmN,s39S4,sJhETb,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("P6sQOc");.var dab=!!(_.xf[3]&8);var fab=function(a){const b={};_.wa(a.ua(),e=>{b[e]=!0});const c=a.N(),d=a.na();return new eab(a.V(),_.jh(c,1)1E3,a.H(),_.jh(d,1)1E3,b)},gab=function(a){return Math.random()Math.min(a.naMath.pow(a.ka,a.H),a.ua)},QK=function(a,b){return a.H>=a.V?!1:b!=null?!!a.wa[b]:!0},eab=class{constructor(a,b,c,d,e){this.V=a;this.na=b;this.ka=c;this.ua=d;this.wa=e;this.H=0;this.N=gab(this)}};var hab=function(a,b,c,d){return c.then(e=>e,e=>{if(dab)if(e instanceof _.Xd){if(!e.status\|\|!QK(d,e.status.H()))throw e;}else{if("function"==typeof _.dq&&e instanceof _.dq&&e.N!==103&&e.N!==7)throw e;}else if(!e.status\|\|!QK(d,e.status.H()))throw e;return _.Sd(d.N).then(()=>{if(!QK(d))throw Error("Cc`"+d.V);++d.H;d.N=gab(d);b=_.gj(b,_.Via,d.H);return hab(a,b,a.fetch(b),d)})})};._.Eq(_.BLa,class extends _.Dq{static Ia(){return{service:{nO:_.bab,metadata:_.cab,f0:_.aab}}}cons

Chrome Cache Entry: 216

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (9369)
Category:	downloaded
Size (bytes):	9380
Entropy (8bit):	5.246192322737003
Encrypted:	false
SSDEEP:	192:MBkGhABoM9fu9nQ9I9dy9XdLdXsoMWq/RmJLbb:MhyBFf2wYdwtVYW/
MD5:	359C3FCE9769020F14763E4E3615597D
SHA1:	A286AE2741ADCF0274D0129F8704C382B8E47E81
SHA-256:	836316444E9CEDE5CE83CFE98734B9C8AB27192A9634A59B82C118A8E6792037
SHA-512:	4E24FE8D51EA331F73157791CD98361A65C0AAC7C1B2751E792C797D0C4F196E2B200AF11CAF5A8195894819A98DF7AA3559C95C76DB9BB8280A8CCF84E45454
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Preview:	/! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}h1{font-size:2em;margin:.67em 0}mark{background:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-0.5em}sub{bottom:-0.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr{box-sizing:content-box;height:0}pre{overflow:auto}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}button,input,optgroup,select,textarea{color:inheri

Chrome Cache Entry: 217

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 51 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2216
Entropy (8bit):	6.6961302583271225
Encrypted:	false
SSDEEP:	48:B/6BMYL4knA9WIM81/c0SkUL3T9HAq3SHAU4O6iufN+dgDrzRTM:BS+YkknmWIM81/ckE9HAPHAU4OPDGDrG
MD5:	123C968B7D12FCF714B9D2AF208D666A
SHA1:	E81C6311BE251AC7A4174D6A16C772E8AC78528E
SHA-256:	DCF5DC23BFCA5D9B4B2A36C9DB76F5375F51417BDE2B33F1C60E3925C814D361
SHA-512:	1C6E238E571C04F7564D6A382BE2141C4F7D4AE7632FB6923771F6E5EDBFA424D26431438B8CCFA96BF271A114C48984FC2FBD48FA6BFF68D23E3117990EA716
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...3...$.....$r......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:32:50+07:00" xmp:MetadataDate="2020-04-24T11:32:50+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:2ae217ec-6f1b-4610-8d8a-7b6c7caf0ff7" xmpMM:DocumentID="adobe:docid:photoshop:99720a90-8db4-0b45-9d3f-0d132e926

Chrome Cache Entry: 218

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 7904, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	26399
Entropy (8bit):	7.959673570604936
Encrypted:	false
SSDEEP:	768:1+H34A32asvhRo6sCNsKFeEotLUpbQBu82zd:1Id32npRojfKYtLUsq
MD5:	EE905AEEA99AA287B3F5B569FEDBD91E
SHA1:	0FD8E62C7B5240B5496DC1F2AF99D45766C30B86
SHA-256:	5AD678791B5D4839F74A625C1FF6D3F4A6BBFCA6417ECB0133F1A60DE77B415D
SHA-512:	D45ECFDBED27106D9A608998B7BDED221E9AE192D0F3C28F99B4E98B4B0C7D9555E8155FE89F2D78C66D1E39B3F1A5E1A63FA422D0294FD9E4A4BE29D3370F59
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... .........b.s.....PLTELiq.8..8..8..8..8..8......f..~.....................?..".i.'g.$~......#'&.-b.}.).k.....2z.5..3..6..7..8..7..I/.@.p.>984....=..f.....`4.."H0q...PC."B..M..R.....G..S...'(Lj.Q..j@.P.!]6..(.jMv+`.r).]....$K..o.iB2..&........#..+..4....{<.e.NTI..5.x_.W.. &....h.....08....l......8.(/..$...:Z...Q.!=....$..&(H]..).sZ!.s..&.:v(..$...../..A.!N=_...C.L.........I..g0.-....8...I.A%.)5.(7[{.-....walb.....`.So.9G$\|...8Km..o..=(:u.>..A.5.....+).=..l;.{.?5.S...fy..WW........Z..:..^...X......MX.n.A.....}.{6.3..A.[.d.F%..s...ssg...q.I._.......hk;..H....Y...\|.J....~.....6..C...y\|Q..t..r..{.r..&...r...K..........g..2........:c.......,........d...........$.......................................X.....A.......J.....B......................................].o....tRNS...+P..v....c.IDATx...L[W...?V..&..@H'm...n@..Q.....l'[.)3.t...c..N.l7.$E[F..*[G..H.+!..0`...Gce..C.A..0....:I.A..c.~{..u.w.&.d.....~...{.K.........=.........f..x..d=j..

Chrome Cache Entry: 219

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 138 x 41, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	2631
Entropy (8bit):	7.847895333366294
Encrypted:	false
SSDEEP:	48:NjPb2/U5P3PgXXXSWNrCFO0UGjTO7OWucmdKRNMhK64fGDCNTV:1T2/IIXXC4CR/eqKwGn
MD5:	E7EBC6C74EC20EA3614970E178217C10
SHA1:	F667FBC525F046F8C6D7617541884C4D6ED52478
SHA-256:	19C2B75FE23AE2238ADBD7F34901396D4120605D9028C2FCC7BD3C010E27EF9A
SHA-512:	919503E8BB602EA51AD0D92B3AFD7DD5701B5F2D3E28D8ECBF90D632AFDB7C14FCFDBA99F60F2BB6796DB536D3461882318B7DC0136E40B3D93556774BC30677
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......).......A.....PLTE.........pppBBB...LLLccc...XXXooo...jjjggg{{{........................{{{.........qqqssswwwxxxccc\|\|\|qqq222......................................u..................+++......222666.....................""".........**...............]]]hhg...............LLLaaa..................... &&&(((///>>>.5Grrryyy~~~.....................;;;BBBQQQRRRpppuuu.............................333999HHHSSSVVVkkknnn.2H....................................EEEOOO...........w................-L.7E...\|\|{..m....#.ZZZ.,<.....................W...!I.%?.N./N.o..m..o...o.~"..}..z.........!..w.%../.d<UM..#7hZ...J..Deeefff.1F..f.o...........p..p..z...........<............?..@..+$./..H.I+..E<..[6KD.. D.'@..O...dcc....,J.3C..[..].x...l.x...r...\......................}..9.....=.........-.k....#tRNS..!"$1<CVZ^aeht.....................0......IDATx...w\|.U........../......f.I..&A3$M.6..Ym.-m..t/.j............{.............#yy....~...qJ...M.6....a}.G....cNe@..S,b...V..N...

Chrome Cache Entry: 220

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 36, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	185
Entropy (8bit):	5.9780303893393345
Encrypted:	false
SSDEEP:	3:yionv//thPlSYLl+1IHCRsHrXLRa+dn/23rIIGU5thNnkncm3w4qtmkW7PXl0VMa:6v/lhP0YLkyymvVGtjnUnRq0kW7N0xVp
MD5:	07505E9DAC6DD922116F038EB58C9B88
SHA1:	4DAB9005E4603F76A6FAD92FE78FB9C92D05B62F
SHA-256:	C4DB75F643BB4DD47E39A9601FCC0A14621B588D5E4EBE987EE4828120BDE791
SHA-512:	5A94B97148037E9A25AF768AF67A1AD5D4959E5D5C216DC5353FB159630302A74A990CCA20F787C024C6B7229A12920B287A88A4063514FBA534E7D1DB094C11
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...0...$.....=k.9....PLTE"u.#t."s..OO.PP.OO.........o.......tRNSJ....J..J.j.\...DIDATx.c`T..ec$.. .].A...1..Z..!..%p.A....H...0......*.....]...Qp...al.....IEND.B`.

Chrome Cache Entry: 221

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2910)
Category:	downloaded
Size (bytes):	7261
Entropy (8bit):	5.352630427909264
Encrypted:	false
SSDEEP:	192:RAT2b3SC9Vq0uLv3hVOvNLiavbXHmmXgrLz97tED+umL9+Nat361sN7/:o2zSmuLi1A
MD5:	5103E5EF73C599F8B6076B7A75FF0DCC
SHA1:	1A9EF3E6C8B7B63CFEBFB1F1550CBF81F95A5630
SHA-256:	BD2FD1CB30BD418C6BB40AA3BA72352E1FF44A667CA35C6A69B91E2000C2F007
SHA-512:	ABC002B9A0F9CE6A07C26A4345527C6E257DB4593BE152BA3C5A1A8331ED8AF68B113CE546B6068E6EFD114AB3E01AD4A5CDFDCE1346E035E9C0D8B1AD19C1AC
Malicious:	false
Reputation:	low
URL:	"https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/IDg3gcRzowT.css"
Preview:	._aq6o{position:-webkit-sticky!important;position:sticky!important}._apvn{align-items:center;background-color:#fff;border-radius:12px;box-shadow:0 0 8px rgba(0,0,0,.05);display:flex;flex-direction:column;font-size:15px;font-weight:400;justify-content:center;margin-bottom:100px;max-height:600px;max-width:420px;overflow-x:hidden;overflow-y:auto;padding:16px 16px 18px 16px;position:relative}._apvo{height:48px;margin:40px;width:48px}._apvp{background-position:50% 50%;background-repeat:no-repeat;background-size:cover;border-radius:6px;height:240px;width:420px}._apvq{margin-top:16px}._apvr{margin-top:6px}._apw0{margin-bottom:8px;margin-top:12px}._aq1i{color:rgba(0, 0, 0, .50);text-align:center}._6aup ._9g9c._aq1j{border-radius:6px;font-size:15px;margin-bottom:16px;margin-top:14px;transition:background .2s ease-in}._aq1k{font-weight:600}._aq1j{height:36px;width:402px}._apvn ._aq1j:hover,._apvn ._aq3k:hover,._apvn ._aq23:hover,._apvn ._aq3o:hover{background:#4d4dff}._aq1l{color:#0a7cff;font-si

Chrome Cache Entry: 222

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	92
Entropy (8bit):	4.8344603641700665
Encrypted:	false
SSDEEP:	3:3OXzDKthjkETZkqbAMaCOj9/:3OXzqqEaNj5
MD5:	C74BA66679C9B2640C46FA8D60AB7F14
SHA1:	834F79361329A0C6ACCC848A253ED0B2A6388009
SHA-256:	20F8B53283E918FA990FE3644B13087233F5BC886D31A4F6172E047DBC548F69
SHA-512:	B755727FCAD76DA0E190F3E8DE141767D439661E315571034C659CDAF95D16A665CBC0645F122C188A57A4FD26EC80B8F51DB9CDC07547A5D79E6C45D6DD6FCD
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSFwkJtUkQdch0mxIFDaaRX5QSBQ3OQUx6EhAJkU0GUCOrgdESBQ3HQJJzEiUJFSRdPPJz6AYSBQ0804TeEgUN47whKhIFDR_ZlmQSBQ3qQM9G?alt=proto
Preview:	ChIKBw2mkV+UGgAKBw3OQUx6GgAKCQoHDcdAknMaAAokCgcNPNOE3hoACgcN47whKhoACgcNH9mWZBoACgcN6kDPRhoA

Chrome Cache Entry: 223

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	downloaded
Size (bytes):	525472
Entropy (8bit):	5.648914151738771
Encrypted:	false
SSDEEP:	6144:ytxIUYTteVvs0E8gSdoxS4MLYw1tZnAzsz1I9VBojCdzNDC2vP:ybYTZMgGopkAzsz1ciEU23
MD5:	4CCA7CB697D77FDCBE652B8306B8C73C
SHA1:	343C4D7D27763F49EB5AA74C56B035D3B9CAE9CE
SHA-256:	1613CAF21654A69E967F3CCDF14FCEE3F653A49483BA0E9386EC768B3B64CB5F
SHA-512:	03EAFFCEDC130370D0617CE39C65A2A1FC0951CCCFEB77B9B690379A59352BA4FD0ACF9CF5F893BC66E47D3E396DA84A15CC715354C4CE5148DEBD15CE7F3305
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 224

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8053), with no line terminators
Category:	downloaded
Size (bytes):	8053
Entropy (8bit):	5.793513291607279
Encrypted:	false
SSDEEP:	96:hdYbaWonBBXOyK6w5Z4/4o/WMt+U9QxBasByvdlnmzQ9MFGvhFR/:7QMBhrK6w5y/42WNU9Qxf+dxCQ9Me/l
MD5:	4E311D174110F22B5D308702448D541A
SHA1:	FF0D044A781D454535BFA352FA5935566979C06A
SHA-256:	12BBD2699E01D6445DA418C94DABE89BBF8C0A6915F53646BC4A1049B32FEECE
SHA-512:	DBAB86083D16DE26AAB1B277F92F9A4C649B551BF241820107E3E0BA6DC817E6FDC99FC53A7A1201E4E28B74E8421A176666F666057D411560F6A8F0AEDA2B45
Malicious:	false
Reputation:	low
URL:	https://support.codapay.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Preview:	window._cf_chl_opt={cFPWv:'g'};~function(V,f,g,l,m,n,x,y){V=b,function(c,d,U,B,C){for(U=b,B=c();!![];)try{if(C=parseInt(U(470))/1(parseInt(U(414))/2)+-parseInt(U(465))/3(-parseInt(U(467))/4)+parseInt(U(375))/5+-parseInt(U(419))/6+-parseInt(U(439))/7(parseInt(U(406))/8)+parseInt(U(398))/9(-parseInt(U(379))/10)+parseInt(U(403))/11*(parseInt(U(418))/12),C===d)break;else B.push(B.shift())}catch(D){B.push(B.shift())}}(a,875822),f=this\|\|self,g=f[V(365)],l=function(a0,d,B,C){return a0=V,d=String[a0(423)],B={'h':function(D){return null==D?'':B.g(D,6,function(E,a1){return a1=b,a1(460)[a1(396)](E)})},'g':function(D,E,F,a2,G,H,I,J,K,L,M,N,O,P,Q,R,S,T){if(a2=a0,D==null)return'';for(H={},I={},J='',K=2,L=3,M=2,N=[],O=0,P=0,Q=0;Q<D[a2(454)];Q+=1)if(R=D[a2(396)](Q),Object[a2(450)][a2(417)][a2(382)](H,R)\|\|(H[R]=L++,I[R]=!0),S=J+R,Object[a2(450)][a2(417)][a2(382)](H,S))J=S;else{if(Object[a2(450)][a2(417)][a2(382)](I,J)){if(256>J[a2(393)](0)){for(G=0;G<M;O<<=1,E-1==P?(P=0,N[a2(372)](F(O)),O=0):P++,G+

Chrome Cache Entry: 225

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	200
Entropy (8bit):	6.8089822048404605
Encrypted:	false
SSDEEP:	3:wl/yi1ZrRl/Kiwi7/Q+x85mmZ4df7UVksyqUjLp/nwoZ9kqqVC03pjpolqeOo:wAi1Z6iP3q/4Uw7fDDkqq40Zjpolqs
MD5:	DF61C422ECAE7409B8697262192A44FC
SHA1:	D402D28A126D995638A2F434DDBD2B276887B599
SHA-256:	329AD3C7AC436F964C7A8CFCC6A74C859B51CDABD8974A65F0836410B11F2DC5
SHA-512:	32B50246FF38917D79C18C2750FDDDAFD991EBB72F9B1EADF0FF928FA0F083EE1C6BA74F697549E50743E89E1E9FB547E666A895801669C7AC65219691492562
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../.....@.m..a...6..}....$../..H..\.O.,.^.C\|}lX.\|l..<8Dl4<.\,.c....!.H..0..D.....8.D._..6.....4./.a..\.v......._...}.p.\|..._.5......SLasI.R...<ODg..Qf...u.-......9..\|.6.

Chrome Cache Entry: 226

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8394
Entropy (8bit):	7.956399033870182
Encrypted:	false
SSDEEP:	192:kDTyjqG0PSRUbj6+e3Uz0b8dt41a2pQS/WkJbTFz:kHyt0EC6+eEQO41f/W6bTN
MD5:	F76ADDB1F81193EE46A149D74DF65884
SHA1:	798875532687A5F153E0B7051A7D071E2AEF805C
SHA-256:	52D17CEDDF265FA928C33AD316EEF8B056C5B6195B2C06F5E07B0F564473F38B
SHA-512:	C11E9E310F6F7791C9E47D9040D0F103F080882E42C222532FE06EEBE73FF03EA4525EC814F777E28C12A92E8646271D87FCA3072FEE526E5F99B773A36C442E
Malicious:	false
Reputation:	low
Preview:	RIFF. ..WEBPVP8X........?..?..VP8Lz ../?...M(h#I..=..W..".?..mc....l.. [0.$...?.o..g....I.L..y....{.`$I..Y..n'.._rww..<......".&!......<.f....~....3..gAjl..04j....O.......".t..S..".&.......N..\.....}"..18u..zh2....e..)[E.<2w.....l..C...ztd....-S...q..5>.@..N...........io...[.^.n$.@.....:.....p.B.%r.......e.G.r[no...m.m...qH.,;q.,7..t...........~2333333..e...4...t...m;.F.}?...}7w.4o.^^.m.m.m..wl.Og..w....8..........2....q..@.y...:%.\|...9y.`..:2[..t...l..b..&E_/....Q..Gl.6.ls..O....M...v.o..~ ....Cf.a....ae.KRn.....E.HH<....h4........t<o..+P....H.ams...V0.....I.....4sa.E...0B.......Z.4F...[.r..@\|..$..0f.........i..$.6#P...q.....W...C......M..u@IE..e...I~?..R....}.....k..3......l.k.&.(.^&P(.@...".....7........J........h......<..o\2.......j...I......`...u......@......`f.$.)+5.s......kK.. ...x.5.........{H....g=v....w2m.(...W.-.fr.MB.B].5?s.Q....i.^Ms...wZI/.M._.....*.....{.P.3..g......_.Z..h.]. ..9WS.Q....w..._.7..5...ER^...q-2Q.oW..$.1

Chrome Cache Entry: 227

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2106), with no line terminators
Category:	dropped
Size (bytes):	2106
Entropy (8bit):	5.174718212509389
Encrypted:	false
SSDEEP:	48:sosBSoGvQgz4VgvlsSr07a1PZaJk9mVpkZ:sTwEgz4nSr07a1se96pkZ
MD5:	38ACC407B31DAA48FAFD99A877C64B5D
SHA1:	2D4FF63B5C01682308051B7C70C4D97861BE9BC6
SHA-256:	FD9E295B54BDDBDA076CB3B98F340699091FA8D67907462A3924B37EF061DEB1
SHA-512:	A38FEA2CB99B5CF9EEBC985AC2AD21FE17FD702C5FCC6201D5CC9730C3F857E4FC71B17025818856E782583C89748B5B5809D9E57459DC6453A3BB4C06DC9EBA
Malicious:	false
Reputation:	low
Preview:	"use strict";function _slicedToArray(t,n){return _arrayWithHoles(t)\|\|_iterableToArrayLimit(t,n)\|\|_nonIterableRest()}function _nonIterableRest(){throw new TypeError("Invalid attempt to destructure non-iterable instance")}function _iterableToArrayLimit(t,n){if(Symbol.iterator in Object(t)\|\|"[object Arguments]"===Object.prototype.toString.call(t)){var r=[],e=!0,i=!1,o=void 0;try{for(var a,c=t[Symbol.iterator]();!(e=(a=c.next()).done)&&(r.push(a.value),!n\|\|r.length!==n);e=!0);}catch(t){i=!0,o=t}finally{try{e\|\|null==c.return\|\|c.return()}finally{if(i)throw o}}return r}}function _arrayWithHoles(t){if(Array.isArray(t))return t}!function(t){t(document).ready(function(){function n(){var t=new Date;return t.getHours()>5?t.setDate(t.getDate()+1):t.setDate(t.getDate()),t.setHours(5),t.setMinutes(0),t.setMilliseconds(0),t}var r=t(".notification-wrapper"),e=[];if("null"!==CODA.Shop.infoBar&&"[]"!==CODA.Shop.infoBar&&void 0!==CODA.Shop.infoBar&&(e=JSON.parse(CODA.Shop.infoBar)),t(".notification-wrappe

Chrome Cache Entry: 228

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	dropped
Size (bytes):	551834
Entropy (8bit):	5.646059185430787
Encrypted:	false
SSDEEP:	6144:ytxIUYTteVvs0E8gSdoxS4MLYw1tZnAzsz1I9VBojCdzNDC2vPpD:ybYTZMgGopkAzsz1ciEU2d
MD5:	33AFF52B82A1DF246136E75500D93220
SHA1:	4675754451AF81F996EAB925923C31EF5115A9F4
SHA-256:	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
SHA-512:	2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720
Malicious:	false
Reputation:	low
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 229

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	7840
Entropy (8bit):	7.935250751574642
Encrypted:	false
SSDEEP:	192:r6dPjxox9HyZcV7bHhgsZFsjXy3+aFU9eA7XOErOat6vjBi:2dPGx9HyZcV7LurPa8CiEi
MD5:	6290D6D480765D1491BA35078F3D6435
SHA1:	35686B9379151DF7A5B4FF4FC9553932DD52591D
SHA-256:	B9C92FC47FB93D104E9EF850B98EFF81817B8448671E787659D19CCBFF99D155
SHA-512:	7F35A27279905DF3211F173D91AE611624BFB7B61BE8B9870830DA1C74A4B50C62DAB5E162D93F09C54E154F74B325E7598C9E9F02E4525BC1D70EF6940ECE6A
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/54_553vN5-CRQBSmcbg54izHeT-KyBC2iEooeY90pcU7jpFWSgSsZYhKRBob74zRkNE=s64-rw
Preview:	RIFF....WEBPVP8X........?..?..VP8LP.../?.....m.I.w...'\|."..Qu`.U..YF../B..~.`..#]..........uW@n.u$.J...Q..@..v.6.$5.,...b........]... .....8..c..`..HDn..n!Dx...2J.g....x..g..._#.}r"..._.}..\..K..a....#.$.q.pM......D.JR.[.L..0................-..T.....K.......3Le8s....}jR.qy....e....CGfR.........&..m.$I....y1X.vf.9SF..6^.....l{^.u..]...,wv$.22"...y....3$..~....,u..3k...m.6......}.m{=s.h..........Yr.....U...\b.....9.....aI.J.l.........M..w....@A....%...T.(...@..9...X.0.......J.../...........+...L.u...@.....W..D.. b.4....P..y0..c-..4.<.. .@.. ...Hm.+..Q2...Pa.[.B\.+.I(.~..6....Ng....O...".D.Q..{e...f.P.....].uR..B.;..^.tB...F..<../......l....w_A...`...S.....'...)kpT?.b.r\|..9...Z..u.z_..0%..\"..`}JY.x.5....~..v.V....5..k..7.iw...%..T.\|.f.....H....wj.7.\|..o...J.0.^o......>...1....=0.q..~...O.h..G..;#3.[QFK.l._P.do.f.U...[.../$.;huL..@...31..e......d.-.:pY.6.}:.C...54.FO.~'..K.C....D.-..%M....+r@@Y.e.]-.#.N.v...(Oh.aB...=.i..5:.. .9PF..<.....P'.\.AZ.@.

Chrome Cache Entry: 230

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
URL:	https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Chrome Cache Entry: 231

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 183 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6365
Entropy (8bit):	7.7625347975885335
Encrypted:	false
SSDEEP:	96:CSLYkknmWIYF7/5R2HnmHcwqOJYUmxQAqb54pKu2EMcgQCMzhdtCy3udPZQ+NZ2E:CSMkknSHmL1JYOLbKpZ211MzlY6QUsq6
MD5:	4AE08527924D769BD7EA410D6B7CF5AD
SHA1:	D1299F11F42FE3415EEAFD0EC1918765BC94DEE2
SHA-256:	2C1194B41DFCF822692A3A5BC896BA312978FE228C3C5563106AE947B7CED3FA
SHA-512:	38E0ACD3905A18C057CA27E9339EA3DF75D7A5702A81F1979B153ABEDD9823131FEEA1FC76F67EE3C74D1C8B3DF55F04095A41BBD0CEBFD656226BB29BFFC989
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/img/codapay.png
Preview:	.PNG........IHDR.......(......^k.....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmp:CreateDate="2020-09-02T22:03:24+07:00" xmp:ModifyDate="2020-09-02T22:09:21+07:00" xmp:MetadataDate="2020-09-02T22:09:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5710cb0d-6920-7a4d-9aad-0efb7b1bb61e" xmpMM:DocumentID="adobe:docid:photoshop:8e165072-0d9e-6a44-96c6-e1554209536

Chrome Cache Entry: 232

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	548
Entropy (8bit):	7.327759164493212
Encrypted:	false
SSDEEP:	12:slPS8P+coL7FKl07V+cvbTPN+NYBM2kjeeoOilwtszyCaUT+KXTt2:sdDoXu07JDTV+NYsoOiqCmJI5XQ
MD5:	22549929E42B7A35BE8D71682A084617
SHA1:	E103A892F50646B447C5F4008691645F011FBAA2
SHA-256:	5263FC71E49ED5B768B6770B3844BC11B0EC52330B98C6AFA207AFD6309F40F3
SHA-512:	0F3A023167C564D1CE8FA2CD1C394FAAB99FC645429A3A3D623D7D014D38570C62B6284B662DAB1B93DF4A2AA6A82FEA843ED14200A772D87F743629FCA5444F
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw
Preview:	RIFF....WEBPVP8X..............VP8 .........* . .>.6.G%#"!0......l..2.\|?.^.h ...._...:.7..R..].W...p....Q"...v...^._....Z....8.t..8BZ...ps~\|c...G`../]qg1..-S.[..or.R..{..f..>.I...\|....{.'.9.E..<@X.P2...../4w5.%.f?...T<.-.Y.%....8......+.................`g.:..W....5...L....x.9..]....R[...jy.e.{KN .'.X....\|.#A8...U.D.s...(N.>.`.)'..x..Y.....J........L.{P.0.VRs........00........w..&...ZB5...j...{C(u?zn.........B.y.'.j..BJq...wA.\|.+R.R...<.<.=.......2q.......3.....{.4WT..._..B;@_3.......EXIF"...II*.......1...............Picasa..

Chrome Cache Entry: 233

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2357)
Category:	dropped
Size (bytes):	19725
Entropy (8bit):	5.407222733892465
Encrypted:	false
SSDEEP:	384:SkoYkDkdvI8+RWt4rB+7iItavwbnBpHkFj3bfirlDt7wNNJPHXmpGSZgtkMbb1w:EYk8+OLtavwbnabbKrWNJPHXmkSZghw
MD5:	B97C28B965793E8FA6B815FBE3D1C8D9
SHA1:	3ABE4309331194257108B7C0AD38A4FE74B5F243
SHA-256:	25C0F82E0B381BD4FA9677564941698421E5525C5C0B8E6498A46CE4B3D90852
SHA-512:	A5D8794EC6FF0AF722EC8ED0EB35E0262E8CDEDDB57A9C663B79559AFAF8A623A39A3523F020B918279DD26ADE8064D11967995A287F6CBA6288A03BF47C7C5E
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CometDarkModeRootClass",["ExecutionEnvironment","StyleXSheet"],(function(a,b,c,d,e,f,g){"use strict";var h;function i(a,b,c){c?a.classList.add(b):a.classList.remove(b)}function a(a){j(a?"ENABLED":"DISABLED")}function j(a){if(!(h\|\|(h=c("ExecutionEnvironment"))).canUseDOM)return;var b=window.document.documentElement;i(b,c("StyleXSheet").DARK_MODE_CLASS_NAME,a==="ENABLED");i(b,c("StyleXSheet").LIGHT_MODE_CLASS_NAME,a==="DISABLED"\|\|a==="UNDECLARED")}g.toggleDarkModeRootClass=a;g.updateDarkModeRootClass=j}),98);.__d("CometSetDarkModeSettingMutation_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="5657317347705261"}),null);.__d("CometSetDarkModeSettingMutation.graphql",["CometSetDarkModeSettingMutation_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a=function(){var a={defaultValue:null,kind:"LocalArgument",name:"input"},c={defaultValue:null,kind:"LocalArgument",name:"setting"},d=[{alias:null,args:[{kind:"Variable",name:"input",variableName:"i

Chrome Cache Entry: 234

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5945)
Category:	downloaded
Size (bytes):	265794
Entropy (8bit):	5.572719893143777
Encrypted:	false
SSDEEP:	6144:KjJpmFU7Nli04d7G3BsEemvevNnH0fxnQ6:YyW7N4nhiZ7
MD5:	AD69F7561EC713BE70AE65D7002545B3
SHA1:	C9AFDF33BAFD54790C86666136D53E3D27F69E52
SHA-256:	246DCB444EA297A253C608B507800A4F3F9834EA53A6CFCFB99C94CD1F3D4992
SHA-512:	EE789157766DA4B46ECFBE6742D7EA3AFB66B78CC2EBAB4B5DC6B6E123375A9BCA2D01A5C339DD33A5BB78542C425FF29F02A4D5DE2564F6877549E8B17382F6
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtag/js?id=G-6VGGZHMLM2&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"6",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":16,"vtp_rules":["list","play\\.google\\.com"],"tag_id":10},{"function":"__ogt_referral_exclusion","priority":6,"vtp_includeConditions":["list","play\\.google\\.com"],"tag_id":12},{"function":"__ogt_dma","priority":6,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":13},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":

Chrome Cache Entry: 235

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Category:	dropped
Size (bytes):	69694
Entropy (8bit):	4.2921245810153446
Encrypted:	false
SSDEEP:	768:xqH2KWbWcJNoSIKXBHPrkQS5ptA65yFUvz+0bSuqYp/pTQ8fTJD9aej:xM2PbtNoSIKRHzFipp5yFUXNjJDse
MD5:	2ED3BCA42B04A2F5424389B4783F1B02
SHA1:	8EA37A5FC91DF9503FF28CDF443827057DC3B304
SHA-256:	ACE07AF67895A64072C91508F5908659C7B573BBAFAAA1F22AD05208FA563492
SHA-512:	72C573400A2F5BC8CFFF5C8B5A4B598B3B9BF029555E01D98FB2E1D43B94699D8F4DB98BA3EFB03DFA1299E579A5E87006F06E623DF8C671C304CCA8844DDA43
Malicious:	false
Reputation:	low
Preview:	............ .(.......(............. ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 236

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6336)
Category:	downloaded
Size (bytes):	117484
Entropy (8bit):	5.391178242149092
Encrypted:	false
SSDEEP:	768:sRgE/kfchhTC9Epewpo9nXEBkDWYcxsRdf6lXCcSPLTY7AvVx+ThVzFzDA5:sRn/kk5txpYFx6FC/KxY5
MD5:	08191B7EA540420E19C3125123A0A931
SHA1:	3C43E56EBD731A2FA9A0EFCEFB0F8D557EDD9E6B
SHA-256:	4C721ACD0C22234273C6BDABDB769585E8BCDF731A0C003724ACDA7ACDCE3CE5
SHA-512:	E62662155D47ED18D686F577C4822835E967D6794C94381E59E5C2AA80311EC13EFA226FBE78B94113BE792AE0FC823481E9072CF5B7570711DEF18DF7D2D137
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3iYHw4/yt/l/en_GB/aS7FKFhOKTc.js
Preview:	;/FB_PKG_DELIM/..__d("CometRouterDispatcherContextFactory.react",["CometRouterDispatcherContext","react","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));b=h;var j=b.useContext,k=b.useInsertionEffect,l=b.useMemo,m=b.useRef;function n(a){var b=a.actorID,d=a.children,e=a.from,f=a.parentDispatcher,g=a.tracePolicy,h=a.url,j=l(function(){var a={actorID:b,from:e,tracePolicy:g,url:h};return f.withContext(a)},[b,f,e,g,h]),n=m(j);k(function(){n.current=j},[j]);a=c("useStable")(function(){return{componentHistoryState:{popState:function(){var a;for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];return(a=n.current.componentHistoryState)==null?void 0:a.popState.apply(a,c)},pushState:function(){var a;for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];return(a=n.current.componentHistoryState)==null?void 0:a.pushState.apply(a,c)}},go:function(){var a;return(a=n.current).go.apply(a,arguments)},goBack:function(){return n.current.goB

Chrome Cache Entry: 237

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	4678
Entropy (8bit):	7.625796542792964
Encrypted:	false
SSDEEP:	96:2S+YkknmWIM8DAQ/4K5HA52HAUmVg+Sb/gVtuUoshVlKj/WV56aQgZKxQ9XNcy4+:2SvkkndEAs5g52gOD2BhVlKTWV56aQTO
MD5:	A91BE2E400B7F0DC66247427DFAFFCF3
SHA1:	900E87486AA051659E114EB5B7A2980D75E7889A
SHA-256:	62437412556A804293516DF99C0970427549B1A50258462035410072F96DD093
SHA-512:	02EBFD5194BAE38C8004CBF0979623AD507C51D89503BDD8A0C6F1CD2017F78DE09FFF347AD0FBDA4EC5675ED85737635E2C1ED6654DD31FE9743BAE74721070
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-instagram-H36.png
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:34:50+07:00" xmp:MetadataDate="2020-04-24T11:34:50+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5b6140fd-7afe-4ff5-b896-3897658f047b" xmpMM:DocumentID="adobe:docid:photoshop:041b76a2-5872-7047-bec1-0c7762148

Chrome Cache Entry: 238

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	67568
Entropy (8bit):	7.995223827827181
Encrypted:	true
SSDEEP:	1536:Sr9FBdWwO30fCHi7d4WS8I2FLpssaCYOse5p31EL9sD2bSA:Sr7BdUXs829vP5pFo9gul
MD5:	F6CB5C74910A1F66FBCE7FA7EFA9A5F7
SHA1:	58C5B8D3BAEECA8EF315CAB2B54D93834B92491E
SHA-256:	B35686D67403F8942C749CDDA2B8CE3C4E98FFE48DA8964E541AF8E45567F927
SHA-512:	753A0D4AC7EEF2495E328B29E091BACF5CC05E539A3E0EAFDDA543F3D193D22676767E80A2DCFBA9283489337D369D2F88349E8568B3CEDB798E055C83150527
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8L..../..;....$......{./.$5D....o7.@..M.}..k$..&..t#......7.... .......12.9-.;....U9F..H.Q]..Jl.:t.@....~/......\..........>....1.$~V.ox......n`. ...}..I...n)d.zC....l......{c..T?....5.O.:...5.\|..]......U....1.1V7.N6.......s.:...~..<g..../..k..e ...F....0n........>.;......^].R?(....P.$.* R..ad@_t........I.O....f!I.6.r..Q.....B.Q..Mt..c...9g..@.g..5HT..i....H.... ...{/.....].S$H...lm{.y..f..X`...,A]..VI...JVYz.^.?.p=Z.;.....8.....{QQ.C'I..c....n..m...h.;......<..5.......... ....>..2...:....b.+@B.....y)..C.A}?k...........7....@.:.W.}...1[.6.)..I?..%W.......9.."V....$.....H...Y.P.p..........2<...."..X.)..>.G..[X..{]H..........)9J.;f]U.R...7..u=..l0..4..d.$..A..k.......U}....E.....%X...#)xZ".aL.&o...?..V......... "V.1..`.R...-.....%..k(5,.............7q}.a.....o..<.<..zn....m..+.q.y..F+..~....z..e..Zx..Zu.....`.....&53.aQl.a....~.T......{....7...n3.p.Cg..;....8.nG#.......,.1J.1...a.._.......9.

Chrome Cache Entry: 239

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (30837)
Category:	downloaded
Size (bytes):	31000
Entropy (8bit):	4.746143404849733
Encrypted:	false
SSDEEP:	384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf
MD5:	269550530CC127B6AA5A35925A7DE6CE
SHA1:	512C7D79033E3028A9BE61B540CF1A6870C896F8
SHA-256:	799AEB25CC0373FDEE0E1B1DB7AD6C2F6A0E058DFADAA3379689F583213190BD
SHA-512:	49F4E24E55FA924FAA8AD7DEBE5FFB2E26D439E25696DF6B6F20E7F766B50EA58EC3DBD61B6305A1ACACD2C80E6E659ACCEE4140F885B9C9E71008E9001FBF4B
Malicious:	false
Reputation:	low
URL:	https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Preview:	/!. Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.7.0');src:url('../fonts/fontawesome-webfont.eot?#iefix&v=4.7.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2?v=4.7.0') format('woff2'),url('../fonts/fontawesome-webfont.woff?v=4.7.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.7.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.

Chrome Cache Entry: 240

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2720)
Category:	downloaded
Size (bytes):	10972
Entropy (8bit):	5.468696557847035
Encrypted:	false
SSDEEP:	192:TyrCSDDt60cN/jite9JaJk2gH6RfVZfrELEQDZa0YQdf:TyFDJ6BjzH6GV5f
MD5:	C56913DBE48D685560708FAF019FBB2D
SHA1:	270C4D44FB014A9E108455588CD0E19839066994
SHA-256:	B5EA2C3E08D4CE47C0186F9CEADFB47642C93897488301D318D1B97477CD0D1D
SHA-512:	41AD4C69B293C7F03DD3F25FDEED8859653917B9B977843496D24C0E7F1B2A7603DFA9B9B5B1ED3F16984B5CCB3A08F7E6919DD343DF8D7AAEF1B4BBA7428157
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/r_8qOGcNEAf.js
Preview:	;/FB_PKG_DELIM/..__d("FDSLazyTooltip.react",["BaseTooltip.react","FDSTooltipImpl.react","lazyLoadComponent","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));b=h;var j=b.useCallback,k=b.useMemo;function a(a){var b=a.children,d=a.delayContentMs;d=d===void 0?0:d;var e=a.delayTooltipMs;e=e===void 0?300:e;var f=a.forceInlineDisplay,g=a.onVisibilityChange,h=a.tooltipProps,l=a.tooltipResource;a=babelHelpers.objectWithoutPropertiesLoose(a,["children","delayContentMs","delayTooltipMs","forceInlineDisplay","onVisibilityChange","tooltipProps","tooltipResource"]);var m=j(function(a){a&&l.preload(),g==null?void 0:g(a)},[g,l]),n=k(function(){return c("lazyLoadComponent")(l)},[l]);return i.jsx(c("BaseTooltip.react"),babelHelpers["extends"]({delayContentMs:d,delayTooltipMs:e,forceInlineDisplay:f,onVisibilityChange:m,tooltip:i.jsx(n,babelHelpers["extends"]({},h)),tooltipImpl:c("FDSTooltipImpl.react")},a,{children:b}))}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),98

Chrome Cache Entry: 241

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 369144, version 2.15
Category:	downloaded
Size (bytes):	369144
Entropy (8bit):	7.996996558953239
Encrypted:	true
SSDEEP:	6144:MrdGJh88ycGS/oRz6MS0jMJ1FovEebhS91ZcRwhGR9hGO:MrI5HfARGM+J1HetSdcRmGbh
MD5:	C44434D881D9D9C7C21B109B23D7777C
SHA1:	9725106075A492834DF7158FD77062D58F966DE3
SHA-256:	E7ADE7E704A6E65A30A5B42D3B6730D7BF40FB2ABDEDF6AEC8A73EC4AEB2838D
SHA-512:	7EFD7B71DB282B58BB1A91CA27F7A8475473BC0ABB69F8991628CE2CC11EFA1A25E31F5604AB7DBFF4DD31564844CAF551829F28ABE39F517D8D23014EF88F5F
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Semibold.woff
Preview:	wOFF..............$.........................FFTM............}..GDEF...0.......d#..GPOS...............GSUB..........!.=]..OS/2.......`...`k...cmap...........@..]9cvt ..(....p....;..9fpgm.."D............gasp...(............glyf..F.......A.6B..head.......6...6....hhea.......!...$....hmtx...p...N../@...Vloca..)......./D']..maxp....... ... ....name..P...........post..Y...6...y..[prep..'.........o.i:........#.B_.<...........y......7.....................x.c`d``../...k......".......`....................P.`.w...............X.....x.......x.......`..................P......!....tyPL.@. ...J.z...... .............. ..x..Zyx..~g.........d...#.....$.@.$l..;...I.....-J.D.DT..j.BU.^-u)K.zy.. ..,9......6.....{...f....\|...3.;.?....eK,.5f..hM.xy.q.!...vc.!z:9.......1.....".~.fY7.D..A......qD>1.:.ja>...+...=..Va.;R.s..M@.{.ej!1...b..Qf.A.3.u..,.FY$....K.0...\.....<.....V.j.gZ.*..>.v..=.[..=......wb1.....Q.A......].S..^.J.c.h../...>.e.<.J.....(...).....~...?S...uA=....s.U.f..

Chrome Cache Entry: 242

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	33844
Entropy (8bit):	7.99308267669055
Encrypted:	true
SSDEEP:	768:ROc9BiYgoyfM3SP89m1yiHInHIYaFg3CphA5bnitBYphI:om74fMu8m18oYH0hAFigpu
MD5:	F68ECD7B9440EE1DCFEAF75521A336DB
SHA1:	20ADBCBDF08FF40322149AC6F6018D04878C1B8C
SHA-256:	B4294275F40039DAD4AFABA680D466F706CA19BF408A4E60070F04E6DB95BAE7
SHA-512:	AFAE4D6CC2303ED490017D2DA87A9368E125907EEBC79187F813BDBF480BADED99F36FDF6991F96666FB4498B97AB62140BBC6F97884576383689ECB00286E35
Malicious:	false
Reputation:	low
Preview:	RIFF,...WEBPVP8 ..........(.>](.E....+......jm1 O.D.y....`.. .3.[..~Z.]...m.....o....z?{.o......+........+.Y.7..............7.....O.......~.}......+.G...........].#...........................s....?...........w.........p~..k...............xg.O.....s.+.w...\|.\|...f.7.i.O._...........}B?'...[.....o.O........z..1./._..{~...................~.........._.>.?..^............5=.}I...O.o......{k...%.........3.i.'........\|.P....d5(.cAn..............3....^...(.....\......o.W.m.u..b.\.,1...o..r,A.k.B..O...~......^\..U....:&n.~...9.._Is.j..K.<..1.EfdB......<."}.......)....pE.Vc..VM.?4?Q.2.2..NE..."'mM...zp5..em.n..cMl.q...p(...u...<K.y..Q.s^.s..K.......<n..n.._....A... .F.X.k5`./.....8...!MW~...sW...M.D.y.t.Y....s>#4N%..NgC._W...).W.....`".^.....u..f.k$S......-.$.V.G.\....).."....j..Z..hT...5....x....u...n.c.aQ-..]...m.~.]...~2_.b.F.ls2..C.JD.Ox.p.S;.d.....i..........M.y.F...6...i..)Pr.ry.ck.6..b`..?...f?^~.....<..-.1o..!.?e.(#.d..q...h.5i.N.....

Chrome Cache Entry: 243

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11341)
Category:	dropped
Size (bytes):	36897
Entropy (8bit):	5.420585042130978
Encrypted:	false
SSDEEP:	384:kG/cNHiLQ/+MzmB8ln+NBioD2AnrcGi37QNPrRQmleOvnzqZlfGhqg/u+c:zUBirNBioD2Gro37QNP1CDj4W+c
MD5:	3C18A5266395BD7E41E3F47066E8CD3C
SHA1:	1BC42FE72967EAF08BCD951B32B41A58C4B638A0
SHA-256:	6C9B5A513B8BD89640850A847F661D6093E804445AE178A45F11BEB15047EEE5
SHA-512:	80B88EDE4EE4784EA4A9BD2652D3234FD2E634DEF8B25E90E85690BD16847049E33FB05C805B7DBDCFE5FB077A969F34153D346ABB4F93EB653F0BE7627F85D6
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("ActorURIConfig",[],(function(a,b,c,d,e,f){a=Object.freeze({PARAMETER_ACTOR:"av",ENCRYPTED_PARAMETER_ACTOR:"eav"});f["default"]=a}),66);.__d("usePrevious",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;b=h\|\|d("react");var i=b.useEffect,j=b.useRef;function a(a){var b=j(null);i(function(){b.current=a});return b.current}g["default"]=a}),98);.__d("BaseDocumentScrollView.react",["BaseView.react","HiddenSubtreeContext","HiddenSubtreeContextProvider.react","react","usePrevious","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));e=h;var j=e.useCallback,k=e.useContext,l=e.useLayoutEffect,m=e.useRef,n=e.useState,o={detached:{MsOverflowStyle:"x1pq812k",height:"x5yr21d",start:"x17qophe",left:null,right:null,overflowX:"xw2csxc",overflowY:"x1odjw0f",position:"xixxii4",scrollbarWidth:"x1rohswg",top:"x13vifvy",width:"xh8yej3","::-webkit-scrollbar_display":"xfk6m8","::-webkit-scrollbar_height":"x1yqm8si","::-webkit-scrollbar_width":"xjx87ck",$$css

Chrome Cache Entry: 244

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	170
Entropy (8bit):	6.443527277911885
Encrypted:	false
SSDEEP:	3:0ZHJdzhFaZBHE+TFiW8orb59LCSO6OEEsQ+4s6qNAuEPAOmswLLBnYuDJn:0ZxFaZB3wWtbySVOtf+4s6miALRZ
MD5:	8EF9811910330596237B01F84D3A4F6F
SHA1:	6676681D37CB0020B38CC56FCDCC3C8B0C4583EA
SHA-256:	782F71BBC8CAAB0C77108C4E62A47A21064BE76B37BFD65297E36E2882E554F0
SHA-512:	B833D280AA95B24A0947B0A8CB6BB0BB37D56DD8AF4FD2536C2C568C6579E41145F3E30B3BCECC77C617D4280C9F3B035CB820112AB45277C2491EF87697B0DF
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/a/ACg8ocIPB8pm4h1EOZRGem3PoDcn21eL8kG9xLS87mgUSKpvN87oxA=s32-rw-mo
Preview:	RIFF....WEBPVP8 ....0....* . .>m(.E."!....@......m...r.D...0,...X......fr......I..7k......x..7?>.]......?Q.hX.....j\n7]...k....k...x..c...................;.Am...

Chrome Cache Entry: 245

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8422
Entropy (8bit):	7.957610591307103
Encrypted:	false
SSDEEP:	192:AJUodg72/QDT40DJRHg8koK9i5xALHQTFPVvSY7X:AJnkgQP40H6oei0QTF9vSYr
MD5:	39DEECA0A2153295C9ACEBC59AA214AC
SHA1:	E5D3FDEC2B9B10AD80A1E238943C40960840A12A
SHA-256:	987226383173E6C949576F3CE1BA464D3FCF58884A1642A935C893B94393B984
SHA-512:	23AC081A6C4321824BFB4F95A5360CCB2B40513D19E776CA8B157C9EFA249DA6C221E01321E974246520FB3604DCFCBDE6157930DD81F1B2712D2305D620D81D
Malicious:	false
Reputation:	low
Preview:	RIFF. ..WEBPVP8X........?..?..VP8L. ../?...M0h.H...{......LE05.XX.J..>.ar1.^..=.F.$)...^.w...$IN......q&8y...$I2.3..6......FUDs.....N.....IO...F.)x..d...._....._y.........J...9..I..[..%X....P."S.b.....?h......9.w..dt..+.3.b........6`:..........p.#Ir$.c......R@....}.)...Q#..mU......!....v...22..]..H..I....>....f(r.H.Z....<......U.3...."Hxpwx...........x.9..CB....n.Y....z...m.a...~....6).m[.m.m.m[.V.O.6eV.he.f...m.....u?x.U.)..hF.}t.>l..?.m...Y.......3............9.}....w....@..H....V.-..\.,Z.Fq...N..g...0[.d3RH. ..,&..bA..... .V....@..a..B......yu.L/).A.0.H4.1!....B.i.H....X..^..F..1\|....]H.=.w.T.Q..h.,.......C..'.X@..."...XD(.H...[$...`.uH.5..%..0.:&O.0.`.Z..2....fQ....lK...x..u......y.ohNI........$qIB\....!..p.1.:..>...P(.C"F.B.r9x..B..wY..&...BSa.Zzi"...^.......V..`.]..}Q.M..~v... .?.{..\|.Y...G..ASx N.0.cHD.$!..P...F...=...u....m..8Q....c.g5......H.Uqoo891}....7.......+.!.}.'N..6.2..-si!..P....M.C.~W.....>1..U.7.S.w.W.z....@...4..q.

Chrome Cache Entry: 246

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	200
Entropy (8bit):	6.878063612294382
Encrypted:	false
SSDEEP:	6:wAi1Z6iB1toFkCoH+GN2jQPRwS9gJY5derhz6:wd1Eqt8qNN2jaRxgJY5Ec
MD5:	26AE874F3B7051BC5B112960C251080F
SHA1:	1D6B38F7FE58DC79CC66CC0A3EE42CAAA096B686
SHA-256:	8C66B3CB207515328AC21BDBBDA1B90A74D7CAC66267352048BFD7E4E1EFE627
SHA-512:	88DBFE63B9A7374528308BD4AC891535C310FFC2277C3A44004772ACCEA7115D8A1DF77ECB56EDF573000DF4AFC79E7E9524B4FB8C8E8DBAC2384860306F0C31
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
Preview:	RIFF....WEBPVP8L..../....58l.F....._..2.. .p[[..L.nx.......!V.....R..A...........x....>b.z[..j{....%~.{..~+N.sUy.G.....D...x.poN...,`....>....o...Z.*....u...,}...^..W...v..Z.u..^.`dg`j.\|...q....

Chrome Cache Entry: 247

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65435)
Category:	dropped
Size (bytes):	743814
Entropy (8bit):	5.563084141746411
Encrypted:	false
SSDEEP:	6144:5NEzH/mv1zi+vSji+vSn+C7MYCycZrbGPHIWW/COBcNtztd9lKndc3k:5NEzf21z4IJMecZrjQd9Unp
MD5:	C918D2070E4E24BA39ACE5DF456FEC9D
SHA1:	9620492DB40CDE41E72B6CCAD46D76392B9DE4AC
SHA-256:	0893840809D3CC68B5FC54C52BEC3E2DFC6A2FD3E24C8F8C722A6E7C06EB689A
SHA-512:	1645C3B2B39252938E77759CDACCF71E77AA9E6FF3DB4185326319F9802D2A740B83FC359AD25178D888CA6DE0F8B6243146FE3820742164832C7C2D784F2EA5
Malicious:	false
Reputation:	low
Preview:	/! For license information please see hc_enduser-860d7ece999603256af395ffcccc86d7.js.LICENSE.txt /.!function(){var e,t,n,r,a={38016:function(e,t,n){e.exports=n(66341)},89682:function(e,t){"use strict";function n(e){return JSON.stringify(e.map((function(e){return e&&"object"==typeof e?(t=e,Object.keys(t).sort().map((function(e){var n;return(n={})[e]=t[e],n}))):e;var t})))}t.default=function(e,t){return void 0===t&&(t={}),function(){for(var r,a=[],o=0;o<arguments.length;o++)a[o]=arguments[o];var i=n(a),c=i&&t[i];return c\|\|(c=new((r=e).bind.apply(r,[void 0].concat(a))),i&&(t[i]=c)),c}}},97070:function(e,t,n){"use strict";(t=e.exports=n(89682).default).default=t},78701:function(e,t,n){const r=n(73216),a=n(37566);function o(){if(!(this instanceof o))return new o}function i(e,t){!function(e){const t=a.get().files.intl;t&&!window.Intl?r(t,(function(t){t\|\|Intl.Collator\|\|(Intl.Collator=o),e(t)})):e()}((function(){const n=a.get().files,o=e.split("-")[0],i=n["relative."+("no"===o?"nn":o)]\|\|n["r

Chrome Cache Entry: 248

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6336)
Category:	dropped
Size (bytes):	117484
Entropy (8bit):	5.391178242149092
Encrypted:	false
SSDEEP:	768:sRgE/kfchhTC9Epewpo9nXEBkDWYcxsRdf6lXCcSPLTY7AvVx+ThVzFzDA5:sRn/kk5txpYFx6FC/KxY5
MD5:	08191B7EA540420E19C3125123A0A931
SHA1:	3C43E56EBD731A2FA9A0EFCEFB0F8D557EDD9E6B
SHA-256:	4C721ACD0C22234273C6BDABDB769585E8BCDF731A0C003724ACDA7ACDCE3CE5
SHA-512:	E62662155D47ED18D686F577C4822835E967D6794C94381E59E5C2AA80311EC13EFA226FBE78B94113BE792AE0FC823481E9072CF5B7570711DEF18DF7D2D137
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CometRouterDispatcherContextFactory.react",["CometRouterDispatcherContext","react","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));b=h;var j=b.useContext,k=b.useInsertionEffect,l=b.useMemo,m=b.useRef;function n(a){var b=a.actorID,d=a.children,e=a.from,f=a.parentDispatcher,g=a.tracePolicy,h=a.url,j=l(function(){var a={actorID:b,from:e,tracePolicy:g,url:h};return f.withContext(a)},[b,f,e,g,h]),n=m(j);k(function(){n.current=j},[j]);a=c("useStable")(function(){return{componentHistoryState:{popState:function(){var a;for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];return(a=n.current.componentHistoryState)==null?void 0:a.popState.apply(a,c)},pushState:function(){var a;for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];return(a=n.current.componentHistoryState)==null?void 0:a.pushState.apply(a,c)}},go:function(){var a;return(a=n.current).go.apply(a,arguments)},goBack:function(){return n.current.goB

Chrome Cache Entry: 249

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	170
Entropy (8bit):	6.443527277911885
Encrypted:	false
SSDEEP:	3:0ZHJdzhFaZBHE+TFiW8orb59LCSO6OEEsQ+4s6qNAuEPAOmswLLBnYuDJn:0ZxFaZB3wWtbySVOtf+4s6miALRZ
MD5:	8EF9811910330596237B01F84D3A4F6F
SHA1:	6676681D37CB0020B38CC56FCDCC3C8B0C4583EA
SHA-256:	782F71BBC8CAAB0C77108C4E62A47A21064BE76B37BFD65297E36E2882E554F0
SHA-512:	B833D280AA95B24A0947B0A8CB6BB0BB37D56DD8AF4FD2536C2C568C6579E41145F3E30B3BCECC77C617D4280C9F3B035CB820112AB45277C2491EF87697B0DF
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....0....* . .>m(.E."!....@......m...r.D...0,...X......fr......I..7k......x..7?>.]......?Q.hX.....j\n7]...k....k...x..c...................;.Am...

Chrome Cache Entry: 250

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1 x 1, 1-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	95
Entropy (8bit):	4.381705050636977
Encrypted:	false
SSDEEP:	3:yionv//thPlE+kSI+Dtmy/Y+sR3sdsXxqtQAltjp:6v/lhPfkCDtmywFWsXxWVXjp
MD5:	39C11D656220EFD52F4965400D14900A
SHA1:	327050099CEE8D1AD81E7BFBE5CA2EA057780A87
SHA-256:	C0F9968D0FA5F4DEFF86BABCCD6DF52306138314607A6F3F0ACD2E7AFC783D1C
SHA-512:	B64595AD189620EA7A10715B0F84C30134CAA4BAB0F7FBA8E53438577BD33310939F2B4FACCC4D7152A3B279B641436E84211DB06FA9DB50FC0E9A1E83760B63
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............%.V.....PLTE....z=.....tRNS..31x....IDAT..c`........5.....IEND.B`.

Chrome Cache Entry: 251

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	337
Entropy (8bit):	5.146083636237067
Encrypted:	false
SSDEEP:	6:kRZzRxVvnQYZopAuGNG/QVI32TKhiRANMwQRaNw6JpyxZRNlad0:kRZTFfZxI/AIGoiukbRN20
MD5:	9EA867987F5E11760B119B114916EAC6
SHA1:	5CB3CB6765A162D85ABC11AEA9AD20FD0EDC2971
SHA-256:	6C18B2A92280EF3E67E08B7657C2DEBE004BA1EF953233B11B2578C4F705D970
SHA-512:	4E80A40DC43BC20F025DE220A6411406DDABE7BF6D0F36E4E320C0BB9BA3767F006A4CBCDF9000671FE2F0FCCD8FC4E25A00878B22735FED03393D8E9F657584
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("UZStuc");._.qr(_.sAa,class extends _.rr{constructor(a){super(a.ta)}H(){return"UZStuc"}N(){return!0}Xa(){return _.q5}});_.$q.UZStuc=_.zz;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Chrome Cache Entry: 252

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1 x 1, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	95
Entropy (8bit):	4.381705050636977
Encrypted:	false
SSDEEP:	3:yionv//thPlE+kSI+Dtmy/Y+sR3sdsXxqtQAltjp:6v/lhPfkCDtmywFWsXxWVXjp
MD5:	39C11D656220EFD52F4965400D14900A
SHA1:	327050099CEE8D1AD81E7BFBE5CA2EA057780A87
SHA-256:	C0F9968D0FA5F4DEFF86BABCCD6DF52306138314607A6F3F0ACD2E7AFC783D1C
SHA-512:	B64595AD189620EA7A10715B0F84C30134CAA4BAB0F7FBA8E53438577BD33310939F2B4FACCC4D7152A3B279B641436E84211DB06FA9DB50FC0E9A1E83760B63
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/O7nelmd9XSI.png
Preview:	.PNG........IHDR.............%.V.....PLTE....z=.....tRNS..31x....IDAT..c`........5.....IEND.B`.

Chrome Cache Entry: 253

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Category:	dropped
Size (bytes):	16958
Entropy (8bit):	3.7894912728920813
Encrypted:	false
SSDEEP:	384:QU4LdnMHZX+os6tWhFVSknSXLRiew7LYx2oRBVABafIs0PPbmXRj3FIDdl:QaGDf
MD5:	CAD7601F1F8C2C359780F4F874276A1A
SHA1:	E829E5E11613A6F433E4C3A86FFFD27C33415340
SHA-256:	CDB10ACC3D96D44468F0BD10E020BBEEE6106C9C23E553CD8B6188F3ADCA54CE
SHA-512:	964BC8477E55B7B21185399607A3C79B54EF4C892C85A3116046D6F4E935F3C5D0F5195DD7FDF65B651186EBA75B75571D97E0C20E70662559F0353AA18BD771
Malicious:	false
Reputation:	low
Preview:	......@@.... .(B......(...@......... ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 254

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2890
Entropy (8bit):	7.192134477647289
Encrypted:	false
SSDEEP:	48:2/6BMYL4knA9WIM8j/c05ibl3PfHAq3DlHAU02hl607wBnJgnAD4Vtq8Ha+H:2S+YkknmWIM8j/rKHAAHAUxYJie4Vtqe
MD5:	CF9659FA3891ADD490CB7D0D099D72AC
SHA1:	85581945FF05F48B3A652BA3E90AE44D97B18CF1
SHA-256:	76DB9987BB4F902E6D4A6702577717A6D6AFFF1BEF8EB6DFCE62C5C69E8D707D
SHA-512:	D0DFED00B29718DEDDB2FCFD0926D6234FE2E6AD6AC8A2D029747A01747B55CA5EFDD05D2694CF63D807D06FD46ED296D105C40169EF976E50FA81853D60EF14
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:35:36+07:00" xmp:MetadataDate="2020-04-24T11:35:36+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:f2f79ae0-3b29-4334-b916-3b0a0edf17e9" xmpMM:DocumentID="adobe:docid:photoshop:5db56676-51d6-d84d-af27-2a604b659

Chrome Cache Entry: 255

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (824), with no line terminators
Category:	dropped
Size (bytes):	824
Entropy (8bit):	4.880866331098017
Encrypted:	false
SSDEEP:	12:5Q94+f9/pi6L+HUkq81RHU8PpYKCj6pVopJEvQB2JkRvJWn:5c4+fJE6L4Uk7RHURjHp8kRhWn
MD5:	7A04E34B3D63DEF624AF82BA6DF461BA
SHA1:	023F366B89C8F008AC2BDE6246DD9774A21BCCD4
SHA-256:	0AF099B192033202033BB4999EC904031C72F05ED158816144CB898423A3EB72
SHA-512:	F115FDA1DD43E5FB726AD470124EB9B43FE063437F6DF57708EF43946A4C8A22D5E0CC76246B5D098406592B5A8B8887354D874AEF7E6321B8B59D546FC5E00D
Malicious:	false
Reputation:	low
Preview:	"use strict";function renderFAQSection(){var a=$(".accordion-container"),n=CODA.Shop.faqData.faq,e="";Object.keys(n).forEach(function(a,c){var t=n[a].question,o=n[a].answer;e+="<section class='accordion-section'>\n <input class='faq-switcher' type=\"checkbox\" id='faq-"+(c+1)+"'>\n <label class='faq-switcher-area' for='faq-"+(c+1)+"'>\n <h3 class='faq-element__question'>"+t+"</h3>\n <span class='faq-element__arrow'></span>\n </label>\n <article class='faq-element__answer'>"+o+"</article> \n </section>"}),a.append(e)}!function(a){a(document).ready(function(){"faq"in CODA.Shop.faqData&&CODA.Shop.faqData.faq.length?renderFAQSection():a(".faq-accordion-container").hide()})}(jQuery);

Chrome Cache Entry: 256

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7283)
Category:	dropped
Size (bytes):	22014
Entropy (8bit):	5.373845925748574
Encrypted:	false
SSDEEP:	384:KZ5Lm8h8SZ5wm8yZ5wm8gHsrIHpABEMaLltCFiNit:KZ59h8SZ5CyZ5CgHs0HpABSltCd
MD5:	DE4AC9EDBD2D6F182743AA413F0F4409
SHA1:	952B9E99521F1398FCE18F8579090E49E1FFA85A
SHA-256:	78B2DD607705792E2E47BCC48335D97C2A61B1C379D7A8E70EC7B1053D135ECF
SHA-512:	7380AD3CCA91A817DEE09DDBC2D8730C7BE5BABE7EACF058656612C60548D4D2F29E42566ED5CEFC0840544A97C81CB7AED47169724F0B5AF054FA3F8988D706
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("LSAppendDataTraceAddon",[],(function(a,b,c,d,e,f){function a(){var a=arguments,b=a[a.length-1],c=[],d=[];return b.sequence([function(d){return c[0]=b.i64.of_float(Date.now()),b.db.table(154).add({addonId:void 0,traceId:a[0],timestampMs:c[0],checkPointId:a[1],syncChannel:a[2],errorMessage:a[3],tags:a[4]})},function(a){return b.resolve(d)}])}a.__sproc_name__="LSDataTraceAppendDataTraceAddonStoredProcedure";e.exports=a}),null);.__d("LSArrayGetObjectAt",["I64","Promise"],(function(a,b,c,d,e,f,g){"use strict";var h,i;function a(a,c,e,f){return(i\|\|(i=b("Promise"))).resolve([e[(h\|\|(h=d("I64"))).to_int32(f)],e])}g.call=a}),98);.__d("LSDeleteThenInsertMessageRequest",[],(function(a,b,c,d,e,f){function a(){var a=arguments,b=a[a.length-1],c=[];return b.sequence([function(c){return b.db.table(34).put({threadKey:a[0],messageRequestStatus:a[2]})},function(a){return b.resolve(c)}])}a.__sproc_name__="LSMailboxDeleteThenInsertMessageRequestStoredProcedure";e.exports=a}),null);._

Chrome Cache Entry: 257

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (50989)
Category:	dropped
Size (bytes):	1060820
Entropy (8bit):	5.566410199776105
Encrypted:	false
SSDEEP:	24576:EWyEkjqarGBN9X1CMLwgsygoSk6jr2UL2xtkEpxTzRpwFpJSxsHHYhTLatQzvYE1:EW82arGBN9X1CMLwgsygoSk6jr2UL2xZ
MD5:	DA32575B262C26A6CE75498BDB3DC9AD
SHA1:	2E619FEB1C9EAF9BE5534E06E180E1BC9897BA98
SHA-256:	E058B68E1A204B0C0D06C295D59A085D9861355C354713544BC3C5DEFE44AC99
SHA-512:	6471D38E5ED682B31236522987146A284DDE5C064C342087B8AE1B255AEA02EB8F20985E7A4DDD1B48213661BF04B0DAAD1A82C411D300BECACEFF8030EFF708
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CometBlueBridgeContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(!1);g["default"]=b}),98);.__d("WorkGalahadContextualLayerServerCallableAnchorRootContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(!1);c=b;g["default"]=c}),98);.__d("BaseGalahadModal.react",["BaseDocumentScrollView.react","BaseHeadingContext","BasePortal.react","CometBlueBridgeContext","CometContextualLayerAnchorRoot.react","FocusRegion.react","Layer","LayerTabIsolation","ModalLayer","WorkGalahadContextualLayerServerCallableAnchorRootContext","focusScopeQueries","react","stylex","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j=i\|\|(i=d("react"));b=i;var k=b.useContext,l=b.useLayoutEffect,m={rootAboveClassicContextualLayer:{position:"x1n2onr6",zIndex:"x1qralhi",$$css:!0},rootAboveCometContextualLayer:{position:"x1n2onr6",zIndex:"x1vjfegm",$$css:!0}};function a(a){var b=a.children,e=a.contextKey;a

Chrome Cache Entry: 258

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 162924, version 1.0
Category:	downloaded
Size (bytes):	162924
Entropy (8bit):	7.998614826254304
Encrypted:	true
SSDEEP:	3072:XdhkQyBlHVVYwHUFDrzXtPz/qJwZmUyhjpimMS6DW4hb59a06EziVFKth8Biq:wQyBBvYw0FD/tPWJZjI3PXhbrduVFc8f
MD5:	7F2E1B48B71EC58FDA4539018A2F56CC
SHA1:	507BF81F52FA8C99BF2C5C8BD59A981899CA9995
SHA-256:	7F80C4C91054B3D6C80721939242C2D4F68F15E41F251E12641F695D78EB2F35
SHA-512:	DD7B52119D1179332147984F6C7D8CDCB3388AEB1E8AF708EF9036ACDDE6E7B3900ACC965221F4E4864DAD89797072E19E5B308CF065A65DDA7656BE884CDD77
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Preview:	wOF2......\|l..........\|..................................`..P..........N.....6.$.... .... [.m.A.B.$...c....5s/E...%.u..v..J6...:......;............$........@..M..... 8.HA.6%R...tB ..D..M".f.$G.....<....~.y;..R..23.S.T...p...'V{\|u.,S....Z...lZ)..Dc..D..;=n...V...<.X6...h.......:sw.....T.6.eF..!=.f..H\..dDd.q"s.E.Q......JT..v..#Mf"sH}A.>.....q.h.mLC...Q..Cv...+\|.u......6..B...I......K..I...R.[..m(...P<B."R.Ap.f.j:.o...\o..L..G3Yn.C..........\rI..$$!DH.!....v0r.E...p..WK.v...muW...X.[. ......j...1\U..8V.&.X..i.T^TO..^\......&.g2Iv....>.J(.T...y...v....4.f..a....$.K...M-5...1D.ya...'.'...A ....!.@..c...$.D.3q..:...:&O.rV..V..v.m...[-.Z..m.......:o......$}.h..i.N.FH.$(..Zq....v...k. ._.A...J&.J..D.......>...~!...H.".$........_...;v...*gU....W Y3lI...;.....RG.....\|.rw.. ..=@.....N.....=.W..=O.(...`..M......Y..&.O. R..'0.~6@$.4f.`I@.dV{..YJ[j`v).1(.L.."(oO...R...cI(.l.K..P,1.C.b....A=,u.B....;wm..H{.>......8e.8d.2.~.4.CDDDDDDDD..\|.Z..s.G!.._.....

Chrome Cache Entry: 259

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (50989)
Category:	downloaded
Size (bytes):	1060820
Entropy (8bit):	5.566410199776105
Encrypted:	false
SSDEEP:	24576:EWyEkjqarGBN9X1CMLwgsygoSk6jr2UL2xtkEpxTzRpwFpJSxsHHYhTLatQzvYE1:EW82arGBN9X1CMLwgsygoSk6jr2UL2xZ
MD5:	DA32575B262C26A6CE75498BDB3DC9AD
SHA1:	2E619FEB1C9EAF9BE5534E06E180E1BC9897BA98
SHA-256:	E058B68E1A204B0C0D06C295D59A085D9861355C354713544BC3C5DEFE44AC99
SHA-512:	6471D38E5ED682B31236522987146A284DDE5C064C342087B8AE1B255AEA02EB8F20985E7A4DDD1B48213661BF04B0DAAD1A82C411D300BECACEFF8030EFF708
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3i00E4/yW/l/en_GB/SHFsDr_1Zg9.js
Preview:	;/FB_PKG_DELIM/..__d("CometBlueBridgeContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(!1);g["default"]=b}),98);.__d("WorkGalahadContextualLayerServerCallableAnchorRootContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(!1);c=b;g["default"]=c}),98);.__d("BaseGalahadModal.react",["BaseDocumentScrollView.react","BaseHeadingContext","BasePortal.react","CometBlueBridgeContext","CometContextualLayerAnchorRoot.react","FocusRegion.react","Layer","LayerTabIsolation","ModalLayer","WorkGalahadContextualLayerServerCallableAnchorRootContext","focusScopeQueries","react","stylex","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j=i\|\|(i=d("react"));b=i;var k=b.useContext,l=b.useLayoutEffect,m={rootAboveClassicContextualLayer:{position:"x1n2onr6",zIndex:"x1qralhi",$$css:!0},rootAboveCometContextualLayer:{position:"x1n2onr6",zIndex:"x1vjfegm",$$css:!0}};function a(a){var b=a.children,e=a.contextKey;a

Chrome Cache Entry: 260

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (57621)
Category:	downloaded
Size (bytes):	664810
Entropy (8bit):	5.277104188889445
Encrypted:	false
SSDEEP:	6144:kjo4iuKWmMUoKtfzNyK6necz7hGed4KyuN84Cfj:kjo4j4hFtfz0rj3SKyw85j
MD5:	C8AA79EF27BA702E3C9D048FEAE107E3
SHA1:	F6135688AD45C1264EB3EDDC18D3389CDFE92164
SHA-256:	720BE29CEC2D53CD6DF76CC66E7702D7A0F4BBD8CEBAAF7F0D3FA939AAF4FE3C
SHA-512:	79630E79B0BC47147B9F402B6B02725AF5F61604038AFFD5B018453344BAFDB14AEF5450FF336655D9BDAFD1E5E2554EEDCA01645006E5A1F6C1F6E810013A3C
Malicious:	false
Reputation:	low
URL:	"https://static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/KRWR7ahxEYA.css"
Preview:	div._3qw{height:auto;left:0;min-height:100%;position:absolute;right:0;top:0;z-index:400}._31e{position:fixed!important;width:100%}.webkit ._42w{position:absolute;top:0;visibility:hidden;width:1px}._3ixn{bottom:0;left:0;position:fixed;right:0;top:0}._3qw ._3ixn{background-color:rgba(255, 255, 255, .8)}._3qx ._3ixn{background-color:rgba(0, 0, 0, .9)}._4-hy ._3ixn{background-color:rgba(0, 0, 0, .4)}._99rc ._3ixn{-webkit-backdrop-filter:blur(20px);backdrop-filter:blur(20px);background-color:rgba(0, 0, 0, .5)}..x18l19kd{--accent:var(----accent,revert)}.x1b0580a{--primary-text:var(----primary-text,revert)}.x1i2ug1n{--primary-button-background:var(----primary-button-background,revert)}.x1obymqx{--secondary-text:var(----secondary-text,revert)}.x1v5e2he{--secondary-icon:var(----secondary-icon,revert)}.x6vdh9z{--primary-icon:var(----primary-icon,revert)}@keyframes xct2g7x-B{0%{transform:scale(1)}25%{transform:scale(1.2)}50%{transform:scale(.95)}100%{transform:scale(1)}}.xixsox3{--primary-deempha

Chrome Cache Entry: 261

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11592), with no line terminators
Category:	dropped
Size (bytes):	11592
Entropy (8bit):	5.214688259892576
Encrypted:	false
SSDEEP:	192:DwbgMiAo5mi2byCGQawyOFCKPUfY1P5lDSjNYRv6Ic/KjZ9wCmH5:D/5mi8lhyg/WYs5V1Y9EZ
MD5:	DDBB39A9E8E67D5067145F8AA76B938D
SHA1:	2F7CACFBCAAF8291A1A933898D1DFF0B21EDF1CB
SHA-256:	44798A517A7C8D28C1E371A1B8B869BAE1608BD48DF7ED50800CBED8703612C1
SHA-512:	0D39A3532DA94D3E32A87B89D2E3E8E1EE94F40E06C61773808F90DC9C0DC6A69BDDC713A5CD99151799FA5F74DDAF62A4E8ECACEF5241B54D6B37892561F811
Malicious:	false
Reputation:	low
Preview:	!function(){var d=window,v=window.TapfiliateObject\|\|"tap",r=d[v]&&d[v].q\|\|[];if(!d[v]\|\|!d[v].loaded){d[v]=function(t,n,e,o,i,r){var a=d[v][t];if("function"!=typeof a)throw'Function "'+t+'" not supported';a(n,e,o,i,r)},d[v].q=r,d[v].loaded=!0,d[v].baseUrl="https://frstre.com",d[v].baseUrlDepr="https://tapi.tapfiliate.com";var n,h;d[v].Tracking=d[v].Tracking\|\|{},d[v].options=d[v].options\|\|{};var m={},a=!1,s=function(t){var n,e,o,i,r;if(e=[],r=/%20/g,o=function(t,n){n="function"==typeof n?n():null===n?"":n,e[e.length]=encodeURIComponent(t)+"="+encodeURIComponent(n)},t instanceof Array)for(i in t)o(i,t[i]);else for(n in t)f(n,t[n],o);return e.join("&").replace(r,"+")},l=new function(){var s={},l=0,u=[],c=[],p=!1,o=this;return this.addMethod=function(t){if(t.supported())return l++,s[t.key]=t,this},this.init=function(){var t=l;function n(){--t<=0&&(p=!0,function(){for(var t=u.length-1;0<=t;t--)o.read.apply(o,u[t]);for(var n=c.length-1;0<=n;n--)o.write.apply(o,c[n])}())}for(var e in s)"functi

Chrome Cache Entry: 262

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8332
Entropy (8bit):	7.943274504272014
Encrypted:	false
SSDEEP:	192:7KzxdORmCaOZLtcjJCUaoQw4OfsPighKVwGUFLybHrl:7KzxdORmC+jMUai4UkiY/GELybh
MD5:	21AF19C2D86EFCCC089A370B3E977126
SHA1:	4E384E8FE56355CA0EA40037538023C3F536D01A
SHA-256:	3FD77B3AD84BE32D99139A582A0BFC0597E302D51D7F45F8ED0994A2DC65C572
SHA-512:	581E27D7938774D9C893E58036D43156A46002672B6D1C1845AB95C2594DBF8129DA9E8C0A9353E0E9A2F9AFF8D08F5C113BE7595E00864E8CD60877B9812A49
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/zP7opc5mRojd_Hmq_COpDBXf_QbspUi9UYBBYacXiIgmM7_s-g2UqXjHpsFSCATOJnE=s64-rw
Preview:	RIFF. ..WEBPVP8Lx ../?...M.i.f.k...a......VF9K..\...HR4..?.....Z..R..$IRRk8.....a=\I.lZ}m..q7....c......_!K.Q.....)5.T.....\|......P.NH...'0..Y.......Z&.&.$..f....zK.Y!....c.l.M..,..K..@.$...g?.,S...+.U...`..:.9..f43.F...4b2..l?ff&3333.....3[.3w...........{{..}8io..'.uy7..<.@...a.pTN}S..u..p"....i..p.+`NZ..A.[.<m..Fv.6_.y.n..S.]...X..ajU......U0.z.....m6..2......r....i.j].p2.[..v.m.m..$Y...aN..0...fffff..i........2cZ'q...k.m.lk.wD$....m....m.m....wZ.U.IE.^k"h.6~.S~7....3....o.,.[...........C.o....A:)....[...0a......eN.....P..!........".u.B.u.X.>..F..w.. ...J\....m..+..>...p<...9+.....u.x...~...$@$$.lU.......u.B@e.@TQH.#..>.]OB....@..e....V.u..9.@.,....4...W..... .....H...AL6@{........jK.....0.].%......Y0.f.....$.:.#.{..f.kb......w2V..#S.Q.h."x...9..h4.8.0.J(lQGB..\|........V....$..R.)n.6.\|.V.?V._...@Y^.....d.%XB.S....V...q...a6Y1Iw...Q$BC...$....E.y.Q.j..u..V'...@.0HEA..@5.K.6..O....d_\i......<.!f......S .!....A...g.;D.U..,P.2%K.A*.E

Chrome Cache Entry: 263

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 157 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2191
Entropy (8bit):	7.8806721941399696
Encrypted:	false
SSDEEP:	48:iBGywlLthIdBZSpcL1cJMJVgU18guwI2GYci5l34V7:iMywptHJyt18Tgci/IV7
MD5:	EF72958375F5891863E9E027D910FE6F
SHA1:	B74DA6938B6C7B5F5DF6C0217993CD1AFAC15260
SHA-256:	5FDF464D02D5BE0BCFD2F1AD32C75AEED1F03232C2033F399DF2CE78A289D8F7
SHA-512:	F117B7B3EBA5C2FF9314E9649C9277BEC7134F261ED19B1D9310D81B154CE2FD2A8CE1B06364045D5B81306E51416904212951102F3FF6243529AB6A2FCF1AC4
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............{......tEXtSoftware.Adobe ImageReadyq.e<...1IDATx..\_h[U.?7....en.C.........>.A.<....... ....(.0..\|.$/"(4..{P.-L./6E..d....?....O..~7;=;..s.t....r..........b.....I..r.....u ..l...g._M,B......b.%D,.+..u.....+..b...4.t...u.{_y.....t.gFm.[..&..@#.......~n.._..%.E........@q..Xv..Y.5.?.../q,Z.....W..%.@....[.P...x....7b.u..f.a]S\|..W..r;;.~.5.a4.c..N..Z.....z..CN.n..$..p............1tA.....&....n...n. ....=.@J......,.8N.PfU..}..".j.t.......U....uN.n...8..7.1Y...Mt.........t\|.^.~...[...'...N..l......4.JP..:...M.}n....Y.l..,.\|..K..G..C...t...<.P\..W.L......a.nQ.d(..X...Q{.....x .................J..A....@.5k.@c."v....@}.Og..!\|Xe..l.?N......o\..~.....\|.$...d..#.V.......:..(UAe.t...8.+.IWd."..6.N:.=.._#F...Y..j.t`L..6..F.3...'.cw.....!.o3]C.P.v4.~.,.+<...l.n.. .%.s3...P2..%.....8.9..y.mF.;..s....f:/...R..A.C_..0.I.I/k.Q.~...>.>...!?.......hj#./...:......xvy...Vb&U.....AF.`......'...E=...L.C...s*.....................

Chrome Cache Entry: 264

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3712), with no line terminators
Category:	dropped
Size (bytes):	3712
Entropy (8bit):	5.212709096750888
Encrypted:	false
SSDEEP:	96:wrtnIBIwWpou6Tcf669S1xWpk6jfALbA9IrH:w5nIBIqcyZB6jmc9IrH
MD5:	C3B6AEBB4BB6348BDBC97877D611B398
SHA1:	0BF1D1278DE8F728F01878C5B1C9EBCB8B63F341
SHA-256:	B0A5EDA93203F5017626940664FF4C6885F1989B4DF80EF250567F0808C5CD2D
SHA-512:	533684A7CB43C0D7E5CF6E14584B9402C7283C028C62296EFFD6B476DADC2D723A8031843BD84A433B591B378C32C11CDFCDE8486FCC9F80CD77A7AB890A76EE
Malicious:	false
Reputation:	low
Preview:	(()=>{var t={78:(t,e,r)=>{var n=r(427);t.exports=function(t,e){if(!t)throw new Error("Missing elm");var r={};return(e\|\|[]).forEach((function(e){var o="data-"+n(e),i=t.getAttribute(o);/^(true\|false)$/.test(i)&&(i="true"===i),/^\d+$/.test(i)&&(i=parseInt(i,10)),null!==i&&(r[e]=i)})),r}},427:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"-".concat(t.toLowerCase())}))}},462:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"_".concat(t.toLowerCase())}))}},54:(t,e,r)=>{function n(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function o(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?n(Object(r),!0).forEach((function(e){i(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):n(Obje

Chrome Cache Entry: 265

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10570)
Category:	downloaded
Size (bytes):	78472
Entropy (8bit):	5.411343661420377
Encrypted:	false
SSDEEP:	768:zYsXjygLW+gZu1lnvJkp0FyQBOuLuoqof6NC6D++5IG3PgUkEMkm5:UsXGdZmB1Ztvg3gn
MD5:	C97389663DAAF8E36A7C1A44E4C3BBF5
SHA1:	C4B5D25ACE3FFBC2547AF5EB8DC10D0CFA543E47
SHA-256:	2DCFC98F13880AFD3E9245A8B372C51D5661061A614FDFCE33EF15C5648D1B82
SHA-512:	92D2B87D1955449E1D1B8104660828812FA009F456D44933F093D665DC1000EDC8E08E9F5B42EA64FE68EB1E1F4D33E430A658C0F8142E806A125BB575DD8F2D
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3iy4i4/y5/l/en_GB/du3gSBma26r.js
Preview:	;/FB_PKG_DELIM/..__d("CenteredContainer.react",["cx","joinClasses","react"],(function(a,b,c,d,e,f,g,h){var i,j=i\|\|d("react");a=function(a){babelHelpers.inheritsLoose(b,a);function b(){return a.apply(this,arguments)\|\|this}var d=b.prototype;d.render=function(){var a=this.props,b=a.fullHeight,d=a.horizontal,e=a.vertical;a=babelHelpers.objectWithoutPropertiesLoose(a,["fullHeight","horizontal","vertical"]);e=(e?"_3bwv":"")+(d?" _3bww":"");d=j.Children.map(this.props.children,function(a){return j.jsx("div",{className:"_3bwx",children:a})});b=c("joinClasses")(this.props.className,b?"_5bpf":"");return j.jsx("div",babelHelpers["extends"]({},a,{className:b,children:j.jsx("div",{className:e,children:j.jsx("div",{className:"_3bwy",children:d})})}))};return b}(j.Component);a.defaultProps={fullHeight:!1,vertical:!1,horizontal:!0};g["default"]=a}),98);.__d("ChromeExtensionInstallError",[],(function(a,b,c,d,e,f){"use strict";a=function(a){babelHelpers.inheritsLoose(b,a);function b(b,c,d){var e;e=a.c

Chrome Cache Entry: 266

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	244
Entropy (8bit):	7.052798134603722
Encrypted:	false
SSDEEP:	6:c3ZFl0RTz7vgmXhsKroc6rRnPj5P1e32/XGyw7njUvp:c32Tnoz9P432/unjq
MD5:	81226FE56259FE6976BC69271844349A
SHA1:	2798D1D805F0B48140FABF2A95A925C5CF240AA5
SHA-256:	6CD9FDD3B8FDB2DF17D4D09FB17006C8EB39A3DF753D04D541472A4C8E708284
SHA-512:	AF656EC82FC287D897A2C227DAF621F593A56FD333BAB0C7E5664A24736683480CB73CBF91515CEA777FD4B9EA309AD6B42EF261D835E8060FC98DA7BD65E3E0
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../.....@.$.4P.k.,..V.r.d.+......7.....n..]...fU...ms..../b@_x.W..?)q.Rm.$.6.p.Q-....`..a..._B_.SB..dX.2.....5..97n6....;N...]..{....~.P.N[....j$.!.....$..`W.(q..r.7.G.....lM...........b,....$...aS...3j..A9..<9

Chrome Cache Entry: 267

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2186)
Category:	dropped
Size (bytes):	6423
Entropy (8bit):	5.539327858665286
Encrypted:	false
SSDEEP:	96:n1atQ8+xSTjKh//PvhvK48Ayhx3De4W0eq7vyiRjRZb:n2Qg+hv5vKNthxTBW0eq7Hdb
MD5:	A7A3260952B335A1EBB24B483C7872FF
SHA1:	CFCD98B9976707115C978BF71D48B7186D2CED7B
SHA-256:	117BF81F1E561E0002BCDF7BD281AF1F65E175C5EF92B6AD377AAD4229CE16A2
SHA-512:	14969923819574FAB0676E5EFE1D915C413D2DE860D12937DC64925F7821E01B936606B692BE45126FC93A7FBF3F6387CE297BB9DABBC52E86BD76DB7D83A259
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("warning",["cr:755"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:755")}),98);.__d("Base64",[],(function(a,b,c,d,e,f){var g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function h(a){a=a.charCodeAt(0)<<16\|a.charCodeAt(1)<<8\|a.charCodeAt(2);return String.fromCharCode(g.charCodeAt(a>>>18),g.charCodeAt(a>>>12&63),g.charCodeAt(a>>>6&63),g.charCodeAt(a&63))}var i=">___?456789:;<=_______\0\x01\x02\x03\x04\x05\x06\x07\b\t\n\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19______\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123";function j(a){a=i.charCodeAt(a.charCodeAt(0)-43)<<18\|i.charCodeAt(a.charCodeAt(1)-43)<<12\|i.charCodeAt(a.charCodeAt(2)-43)<<6\|i.charCodeAt(a.charCodeAt(3)-43);return String.fromCharCode(a>>>16,a>>>8&255,a&255)}var k={encode:function(a){a=unescape(encodeURI(a));var b=(a.length+2)%3;a=(a+"\0\0".slice(b)).replace(/[\s\S]{3}/g,h);return a.slice(0,a.length+b-2)+"==".slice(b)},decode:function(a){a=a.replace(/[^A-Za-z0-9+\/]/g,"");v

Chrome Cache Entry: 268

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	645
Entropy (8bit):	7.631563068517978
Encrypted:	false
SSDEEP:	12:6v/7ihaL0Z6T2rkLv0cLSbLzKlRv+reS0TZPhnv8NuKS8jrRJI1b3g0hfue9:riS+v05bLzK7CmTRhnUTJjk1b3Jhfj
MD5:	EA2722D3B676D5CDD4F7225E65695112
SHA1:	97E5E94CFF5B62F60BA76C7DD9F606304AF8B10C
SHA-256:	317E5FDAA14E548C0045D5E662709CFE0B692E0384A8396CF22054BF0A1E1C48
SHA-512:	BF06CE48B306A0EA13EBC7BE92CB56440DDF1C35C214BA7C164DECFDA6E2E7AAAB31605196D0690BE4FF509404701CA620C504A5EDF0C3E6A12C6FA5A73C78DA
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/i/productlogos/avatar_anonymous/v4/web-32dp/logo_avatar_anonymous_color_1x_web_32dp.png
Preview:	.PNG........IHDR... ... .....szz....LIDATx.b .<\|...P\|.h(.E.0.....\|.x.......a.....!.....q{.t.U...(.A.g.....w.3,&.s.~..h2.....Ip=..4!..[.................r.p6.R......R.....19]z.......%.E.q..........6".#...9..Y.n.U.ZU.ZMu:.Q:t%..y`<.+.0T6.=.i.0.e..a.f...b.\..Ax..e...K...$7..BAk@.\f..}bG.K....\Nk@.T.ha.+.w.%x.5.....k..OJr...$Gd....,.0....n.{..b........%].....K.....?....f....w....j4...@%p{?...\|>.....hH.h.....r....h..s.J..@X.j..3#h>.`@Xw..l.K.;).c..>....V.b. T....0B.4....%G......a[..P.........G..B"..!...m9rj%.....E.AD...0...!..y``....o.z...1J.FF,..sEr3.s.&....b.m.+.........'.m3(D..{..:..So.Ja..*......#..'....IEND.B`.

Chrome Cache Entry: 269

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (824), with no line terminators
Category:	downloaded
Size (bytes):	824
Entropy (8bit):	4.880866331098017
Encrypted:	false
SSDEEP:	12:5Q94+f9/pi6L+HUkq81RHU8PpYKCj6pVopJEvQB2JkRvJWn:5c4+fJE6L4Uk7RHURjHp8kRhWn
MD5:	7A04E34B3D63DEF624AF82BA6DF461BA
SHA1:	023F366B89C8F008AC2BDE6246DD9774A21BCCD4
SHA-256:	0AF099B192033202033BB4999EC904031C72F05ED158816144CB898423A3EB72
SHA-512:	F115FDA1DD43E5FB726AD470124EB9B43FE063437F6DF57708EF43946A4C8A22D5E0CC76246B5D098406592B5A8B8887354D874AEF7E6321B8B59D546FC5E00D
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/js/faq.7a04e34b3d.js
Preview:	"use strict";function renderFAQSection(){var a=$(".accordion-container"),n=CODA.Shop.faqData.faq,e="";Object.keys(n).forEach(function(a,c){var t=n[a].question,o=n[a].answer;e+="<section class='accordion-section'>\n <input class='faq-switcher' type=\"checkbox\" id='faq-"+(c+1)+"'>\n <label class='faq-switcher-area' for='faq-"+(c+1)+"'>\n <h3 class='faq-element__question'>"+t+"</h3>\n <span class='faq-element__arrow'></span>\n </label>\n <article class='faq-element__answer'>"+o+"</article> \n </section>"}),a.append(e)}!function(a){a(document).ready(function(){"faq"in CODA.Shop.faqData&&CODA.Shop.faqData.faq.length?renderFAQSection():a(".faq-accordion-container").hide()})}(jQuery);

Chrome Cache Entry: 270

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	164
Entropy (8bit):	6.560027690474973
Encrypted:	false
SSDEEP:	3:u1Zrql17vRGlYo0Dr9TpkNTF3N9aQgn+39IzWIkYutRCv3hCEKX/n:u1Z+l17vRGMhuRT9p3WzWeutkvRCEKvn
MD5:	C3D7960132B3DA262B721E88CFB2583F
SHA1:	1612089211858694E09F6F715F3A0B4145DBA674
SHA-256:	DE88165FA4D58B4AD531B6F8D8FACBC5DC00F73E96B617E503D36FEE29C53CEC
SHA-512:	F18E3F59F71CF7521938C90826FDC28BB7F3EF43749C4DBC48F46FD6FA1B293A58461B50E021B7569F4EDD55B5129C4755E61E3D4F1205B7535F5A572A6EBE45
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
Preview:	RIFF....WEBPVP8L..../.......$)...M.=.X.~..Qm.J.....@.Z.......{...m.FiS...`..V..l&Z*. "...V..(..N......c..eLp..@..+..$..;.3......D.&a;\|...H..R\|;..3..#XD..UR..>V..

Chrome Cache Entry: 271

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32588)
Category:	dropped
Size (bytes):	35713
Entropy (8bit):	5.748945229879846
Encrypted:	false
SSDEEP:	384:7xOVzojduTK4lAsAlBz/+QV62XczensLR/pKgZXhrxfZLpnWLR/pKgZXhrxfZLpU:l6woTnHAPIZe/SGiQhCbsG
MD5:	67C4412171DBFA6626CBBB9BAD54324F
SHA1:	9C1DFD70B4191BD55A49B5E8A7AFF764300781BF
SHA-256:	FD19B8572E54B56AA0E11159BC14104C1567C340B6006CF26E32E21D7E85EADE
SHA-512:	7885557DAF3B9BE367B62342853A6F366C4C1DA807A5ADBB9FEEC7726D641BF79B36AFC71E0A7BF1E02E276BFB8B83E609ECAFFEAE1CC409411C5A20B342C506
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/OKBVmODmb-W/. */.__d("tweetnacl-1.0.1",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b};function h(){(function(a){var b=function(a){var b,c=new Float64Array(16);if(a)for(b=0;b<a.length;b++)c[b]=a[b];return c},c=function(){throw new Error("no PRNG")},d=new Uint8Array(16),e=new Uint8Array(32);e[0]=9;var f=b(),g=b([1]),h=b([56129,1]),i=b([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),j=b([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),k=b([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),l=b([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),m=b([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function n(a,b,c,d){a[b]=c>>24&255,a[b+1]=c>>16&255,a[b+2]=c>>8&255,a[b+3]=c&255,

Chrome Cache Entry: 272

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1434), with no line terminators
Category:	downloaded
Size (bytes):	1434
Entropy (8bit):	5.782287307315429
Encrypted:	false
SSDEEP:	24:2jkm94/zKPccAv+KVCe2TLph9gFB5vtADjkrDQndcl/1t4glvllLtw1aWDAQosLc:VKEctKo7LmvtUjPKtX7S1aiRLrwUnG
MD5:	E7F4945A3458503BDEE0AD9476537604
SHA1:	CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6
SHA-256:	8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50
SHA-512:	BD30B50396E0015B723FFD185972E37094A5CFF4A42CB5AE5D439AE3B85F2735F33145B363E2657AC174D66ED2E3F97FC0C2BFC9FDEE6B06C61E5A01FD1CFF34
Malicious:	false
Reputation:	low
URL:	https://www.google.com/recaptcha/api.js
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(m)

Chrome Cache Entry: 273

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Category:	downloaded
Size (bytes):	69694
Entropy (8bit):	4.2921245810153446
Encrypted:	false
SSDEEP:	768:xqH2KWbWcJNoSIKXBHPrkQS5ptA65yFUvz+0bSuqYp/pTQ8fTJD9aej:xM2PbtNoSIKRHzFipp5yFUXNjJDse
MD5:	2ED3BCA42B04A2F5424389B4783F1B02
SHA1:	8EA37A5FC91DF9503FF28CDF443827057DC3B304
SHA-256:	ACE07AF67895A64072C91508F5908659C7B573BBAFAAA1F22AD05208FA563492
SHA-512:	72C573400A2F5BC8CFFF5C8B5A4B598B3B9BF029555E01D98FB2E1D43B94699D8F4DB98BA3EFB03DFA1299E579A5E87006F06E623DF8C671C304CCA8844DDA43
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/ym/r/YQbyhl59TWY.ico
Preview:	............ .(.......(............. ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 274

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8228
Entropy (8bit):	7.958295631556091
Encrypted:	false
SSDEEP:	192:sebFJptMBcPsRSGmi3fj1zoTH4yPzeIbkSg5MuLn3bk6jt:sCpG2qZ3fxW4yPzYZ/jrZt
MD5:	89782DE0C4F78B6A6A925A1598C2F056
SHA1:	74A1051FE09DB7F3B8FC354BC456E13B6E539DDE
SHA-256:	D1F4CBE6B84E7EFE15178FB86C223917455B3984D10CA231121602F6D8E09323
SHA-512:	D6F9AC1F395FAF8D6C5BA12E4C2DEC7523378EEF570E2699EADA626C242CD7BA9C48E0786EE78792915A5915A2995A554AFCEA9BD59269A9F83EF2D21223E909
Malicious:	false
Reputation:	low
Preview:	RIFF. ..WEBPVP8L. ../?...M j.F.v..?.....,...Q[4.....6.@...]8.$I.R.u...^.:>;.D..Hy../..kz.....$E}..G...w....T/k.oR..z..........44..g.I.....:.\|......x....}.....-oKz....R.......6...=..VT...m.........2.......m.$Y....U]..5.m.w..m.w.m..9k..U...:.5....9.h.:.I.}.S..m.m.m.m..c.z.B.......I..}...Y3#ff.6..,F.LF_[`..........[k....9.R.0.%...V........2..:J.2.t..m........Sn..{<.g..L&.Ll...v.(.m.6.5.v.l.r.4.$.3.....#N...m;.I.m?..J.S..o.m.m.5.m{.n{......\.{.m.mk.Jic.9..m^.v.m.N."h;f.ml.{.....5.m...m....,.&....bj..j....Y.5..s.3"D......".F.<....q.1.h\.4r.<F..d....<..#2S.?H.3.X?.z....q..\E...\|........;.<.O.>.1...A...};.2.(...# &..J,.:.s....f&.Bz!w@.46.{!O.;. .@..!...._`......[...gp...L.Jx.-.....g.._~....t..qL.1..Q....(.C..._..{..5......G.....F/_Z..mw.....;..LsD.uW..@.I.......k....h-./.{s4=.W...dNX...D&].-.0.&.......Uu>.O6w..._D/..K..&..UR...m...k...6.....@"............s..u...P.....b..9.#&.......&..0.*.`.f.2..g..i...T.k....m.y..Y.+.Uz.#..<.[m..~.

Chrome Cache Entry: 275

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2106), with no line terminators
Category:	downloaded
Size (bytes):	2106
Entropy (8bit):	5.174718212509389
Encrypted:	false
SSDEEP:	48:sosBSoGvQgz4VgvlsSr07a1PZaJk9mVpkZ:sTwEgz4nSr07a1se96pkZ
MD5:	38ACC407B31DAA48FAFD99A877C64B5D
SHA1:	2D4FF63B5C01682308051B7C70C4D97861BE9BC6
SHA-256:	FD9E295B54BDDBDA076CB3B98F340699091FA8D67907462A3924B37EF061DEB1
SHA-512:	A38FEA2CB99B5CF9EEBC985AC2AD21FE17FD702C5FCC6201D5CC9730C3F857E4FC71B17025818856E782583C89748B5B5809D9E57459DC6453A3BB4C06DC9EBA
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/js/infoBar.38acc407b3.js
Preview:	"use strict";function _slicedToArray(t,n){return _arrayWithHoles(t)\|\|_iterableToArrayLimit(t,n)\|\|_nonIterableRest()}function _nonIterableRest(){throw new TypeError("Invalid attempt to destructure non-iterable instance")}function _iterableToArrayLimit(t,n){if(Symbol.iterator in Object(t)\|\|"[object Arguments]"===Object.prototype.toString.call(t)){var r=[],e=!0,i=!1,o=void 0;try{for(var a,c=t[Symbol.iterator]();!(e=(a=c.next()).done)&&(r.push(a.value),!n\|\|r.length!==n);e=!0);}catch(t){i=!0,o=t}finally{try{e\|\|null==c.return\|\|c.return()}finally{if(i)throw o}}return r}}function _arrayWithHoles(t){if(Array.isArray(t))return t}!function(t){t(document).ready(function(){function n(){var t=new Date;return t.getHours()>5?t.setDate(t.getDate()+1):t.setDate(t.getDate()),t.setHours(5),t.setMinutes(0),t.setMilliseconds(0),t}var r=t(".notification-wrapper"),e=[];if("null"!==CODA.Shop.infoBar&&"[]"!==CODA.Shop.infoBar&&void 0!==CODA.Shop.infoBar&&(e=JSON.parse(CODA.Shop.infoBar)),t(".notification-wrappe

Chrome Cache Entry: 276

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	1906
Entropy (8bit):	7.864505656773085
Encrypted:	false
SSDEEP:	24:V+5OX09S4axQxbjR4xITCnu6iZA+8d7f2GOi2IPEBhur+lKRYgkBbdK5U/Y65jao:s5VZmxqCu6iqnCuDI7CY3JK5URj0lRLQ
MD5:	BAD0C63AB1EE3F4662F15E0370EF502E
SHA1:	2F9DF0528C0E6D8E34FD50267FFE6150E5987E76
SHA-256:	3F0383F07B55D6104D7C11651E31603974260E992231FCD0B6BCC2A984168B18
SHA-512:	9D61CEC5363A0A5CA2494B8DD42E25C1B61F0089F12DE0F3ABFB96705B55D4113048C841F47519A60CF3DABF23E9A85C244A8676B68B030583C708D77593D95E
Malicious:	false
Reputation:	low
Preview:	RIFFj...WEBPVP8X........?..?..VP8 "...0 ...@.@.>i(.F.".!;......l..9A~...9O......M.7.n.9..3.y.y.~...u....G...W.......^......Z.._.....~..F........<=.&3....Ml+.....54O..U.....a......,U...).7x..9.m...2......h...J(.Ho.=.&O..!..Z..Q.(h.,.....\|....[...(9..B.].....v..3..X.rj:63.Oi..x;..\|6...B..X..........'a.......!.b.W.....c....R..Mqsd.ma.z._..L`......g..[.k..q.......G.8..w.k..y.$0..1!...^.6..XFjD..K.Rp..9....d.@.5C0.=.}z.E#.S.._...O.5...IUpANY4Fr.b.3.uU).A.>/$qq\...i{c.t.s>.......$....Ak.......T....C.!.-Y&..G...z....J.u.,....O........fm.....~9.%.W..R.4E...5......NMi.....kR...O........P.u[o...........T...N.%C........Z....j..A....C..............Rt....i..]?BP..D.SJ#..#...tv\|$Q%.. ..e.......A..j}...eq..B...}..Zn..W\.K.Yw.`...B7.....N.rcKA.bVmx.. ......S9#o..'..nQ...8.K......L.~;V..R..6..........p..=......C.yO....I.z<.J.........,.YUO.~..dp.....h?...>..N=...Xi.....\|.l.A....%...3\...RV.u..+....5.._.......~...h../Q\..-uyT.......3..t1.}..._.......

Chrome Cache Entry: 277

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 28440, version 1.0
Category:	downloaded
Size (bytes):	28440
Entropy (8bit):	7.992839171608245
Encrypted:	true
SSDEEP:	768:clowe3Y045NpEzQTnskmDT/Lmoa2zI4Nblc6u5cnt/vWupH:4cabpdEDbC7kLlc6n/vWgH
MD5:	1031840A9580BCC9B1B83A047F2282B4
SHA1:	92EB819B7183FE6B04774A1003216991342E3AF5
SHA-256:	386695F80ED730CC1A3108B4D91FAB24E1DB1D9E5F13CAA1F95095FB6F1DE147
SHA-512:	91796D4C1EA209292AF779FCBB4E8DA96EB2591BCD57BD8C16AC9F6731A6C646A58599AAA34ED895F90D9F1F367B60A48467A7AF2819FA5B243F7D7FCA0544C5
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Regular.woff2
Preview:	wOF2......o.......&`..n...........................\|..\|.`..t....e.....p..i..(..6.$..8. ..j..^.K[..qA._"...f.l.....ng.n.........l.....2........T.QwxH..0.!8J...um#..>.r...!.... .q..Q.....IO..J........n. ...[Y.lv..#X[OM.K.Tl.n.j.....4.k......S:n...n.....$..RW.d}}../......\|....9....7..'?$H.,....a.v.L..1...T.......o.....W@.x.(6Z.%.H.RB......U.>..&.$Q@UK..d.`d..Z..]{c.....8+QZ...AP.."Jh....PLT....6u..M.."...9..]<F..._.U.d.B...@~...Ow.Nm.EY...(ci.>.<e\|E7.:.y...\.v.~,.')^.\ ..N...._+P.]..p.l.....=$..L@..tjOu.Na%......=...-..N....z.....9.Iw..\|....?,..e..B.....J..9.....\.C+...O-..fp........?.z.%.....#..@Z .(.x...._.....a..xX..d).-O.T...+`.2lG\D9........."J.."B1.z.up...@0....V...v..7'.mQ.v....;I..P.'[v..d..b......@e...S.S.....E#F..y.cbF.]... ..........p@#...../.....u...e.u!a.+...G.75.J.+..N?%...c..?..c.......x.*.\......B.LM...OY.)..Ekc.R............I.Rc.K...c..k.Ix.(..4%..X.d..){.N...w.......vU.rQ....2g.K..P'W.X.w.?G.i..E.K...Db.$!@ ...+..9.l..ff..y..u

Chrome Cache Entry: 278

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	148
Entropy (8bit):	6.523312318185472
Encrypted:	false
SSDEEP:	3:clyg1ZreK5l1GzQ9O9xbSj0hGqBBs+dK484MVYQkGAKAJlJwBNlWn:coWZaKBUdSghtBfI43M0VJlJkWn
MD5:	F6FCD4D43487A3BF8F47A592569FAFEB
SHA1:	22B1887F1C703EA9ED827A59B02AC7FCDF79CA54
SHA-256:	C6AEC5614A1193CCECA829712C4027C6F1B94A106395D2223229861AE110A9A4
SHA-512:	98ECA13BC52869440EE4319FD09AB3C076EFBD51F769052B8C85571236355E50D5426F15CFD67F4DC1942D07D72A0BF0706ACADBDFC5CD2082645CF746778443
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../......j.....]@G....51..C..G.3..<...w..#.O....{.P...I).......T./]......}..1^..\|.~.}.B..B%.JP..%.\..%..$..K.Y,".\../?#..

Chrome Cache Entry: 279

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9961)
Category:	dropped
Size (bytes):	34297
Entropy (8bit):	5.430589999571692
Encrypted:	false
SSDEEP:	768:JXXM/HZq4W/P3/+Xn3JeflLU6mvbPRAS3mjTv:J74W/O3ElUZpAS3mjTv
MD5:	940CF106D9D64D59C16CFC7AB20FC4BD
SHA1:	E01E172E0F32B98DA097C2E7A44A7163A2715C1B
SHA-256:	666F48FE552311E8CF24697979A864D4C593CC27D891B8E72209F6F26D8489CC
SHA-512:	C608872B57FBC4A39C05AA4AC3187761B138E265E9D476ACEB7C396274DCADB4C77D2CA84437144AD1A0E6A7608432F7ED0556824A36950D923FF90EEDD0E800
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("ArtillerySegment",["invariant","cr:9985"],(function(a,b,c,d,e,f,g,h){var i=0;a=function(){function a(a){a\|\|h(0,1496),"category"in a&&"description"in a\|\|h(0,3138,JSON.stringify(a)),this.$1=!1,this.$2=babelHelpers["extends"]({},a,{id:(i++).toString(36)}),this.$3=[]}var c=a.prototype;c.getID=function(){return this.$2.id};c.begin=function(){this.$2.begin=b("cr:9985")();return this};c.end=function(){this.$2.end=b("cr:9985")();return this};c.appendChild=function(){var a=this;this.$1&&h(0,37302,this.$2.description);for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];c.forEach(function(b){a.$3.push(b.getID())});return this};c.setPosted=function(){this.$1=!0;return this};c.getPostData=function(){return babelHelpers["extends"]({},this.$2,{id:this.$2.id,children:this.$3.slice()})};return a}();g["default"]=a}),98);.__d("ArtillerySequence",["invariant"],(function(a,b,c,d,e,f,g,h){var i=0;a=function(){function a(a){a\|\|h(0,1496),"description"in a\|\|h(0,1497,

Chrome Cache Entry: 280

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	13316
Entropy (8bit):	4.834081998326948
Encrypted:	false
SSDEEP:	384:m+Y59vokdw11DD96E3x+ZxkLOdLWC0Le6VTeweaOerjeweaden8aXAExeg:mkX3x+ZxQOVWC0Le6VTeweaOerjeweaG
MD5:	9322772F80B83E13436FFE8D61064176
SHA1:	D81FC5203C58B7544AB1809C1958CEF028A5987E
SHA-256:	E419B62AE35CC3A7204D6B535399F76B1C902636D1400208DF525519141D6793
SHA-512:	F8622509C11744D43E4FDF509598AFEAECEC465512040C3C694B4B44CE3461915751834E9807B5D4129F3BEFE3EA394FFE93549E8C327BF126AF4218E62DB58A
Malicious:	false
Reputation:	low
URL:	https://support.codapay.com/hc/theming_assets/592660/165805/script.js?digest=33371583435033
Preview:	document.addEventListener('DOMContentLoaded', function() {. // Key map. var ENTER = 13;. var ESCAPE = 27;. var SPACE = 32;. var UP = 38;. var DOWN = 40;. var TAB = 9;.. function closest (element, selector) {. if (Element.prototype.closest) {. return element.closest(selector);. }. do {. if (Element.prototype.matches && element.matches(selector). \|\| Element.prototype.msMatchesSelector && element.msMatchesSelector(selector). \|\| Element.prototype.webkitMatchesSelector && element.webkitMatchesSelector(selector)) {. return element;. }. element = element.parentElement \|\| element.parentNode;. } while (element !== null && element.nodeType === 1);. return null;. }.. // social share popups. Array.prototype.forEach.call(document.querySelectorAll('.share a'), function(anchor) {. anchor.addEventListener('click', function(e) {. e.preventDefault();. window.open(this.href, '', 'height = 500, width = 500');. });. });..

Chrome Cache Entry: 281

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2866
Entropy (8bit):	7.176669115665954
Encrypted:	false
SSDEEP:	48:2/6BMYL4knA9WIM8H/c0X4r37HAq3WHAUoEQEnfo7ZIJbH+WVoJXIplChzYNrKbr:2S+YkknmWIM8H/JWHAfHAUfpfgZ+hkRX
MD5:	E3443D0D8AEA42FC61368B9792B6FDC3
SHA1:	6D0F867176171D6DD3FE1E052251B7FDC8C479CA
SHA-256:	E6FF78CBC0E7A99C0243089CD0357F70D4432FAEA71E5B43EBFA466A166939D6
SHA-512:	369005A314E3064A2950B90D473EF2F2045AA1AB859CD29EB5D6E315299C8496828E8685E48DF174C27EFA6BFF8B8657892EE21EF8F6A3AE44454573925161F7
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-facebook-msg-H36.png
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:50+07:00" xmp:ModifyDate="2020-04-24T11:36:21+07:00" xmp:MetadataDate="2020-04-24T11:36:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:65ec9e37-57ac-4da2-ba48-ca834a44cd8a" xmpMM:DocumentID="adobe:docid:photoshop:3000cbb2-9624-ad49-bc2c-7ae29484f

Chrome Cache Entry: 282

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2000 x 800, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	61755
Entropy (8bit):	7.748502484425811
Encrypted:	false
SSDEEP:	1536:wNNqP22JPMaHqiN6C0IhErwE7gMAXLp0ppIN3Ilkyp:wNNqPpCJPCnUtut4lZ
MD5:	29DAD06670F873936002DDB910253A4B
SHA1:	523EE4ADF550DF78348CF7528580171F0828F2B4
SHA-256:	8871194DC3AE9035B5BB04C84AA7B82AFA7442DAF2BAB5F1393A5751E6082A10
SHA-512:	AA1A38DE98C14B454715CC2240B752EAEC6824237BF1A6C760CCDC9859AEC7AC2E8827DC6D635820631EB0C5A56003770F0DA7C423E95CAAD0D1672CBDDA0268
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR....... .....{..s....IDATx....u.H.......7..D0p.CE.t.CE0R..#...8....8.......6....4%[.)..........3...%........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................L..:............^..:..\|..W...R.}....g.A.................. .$..............t...........$.@...........@..t...........$.@...........@..t...........$.@...........@..t....

Chrome Cache Entry: 283

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28924), with no line terminators
Category:	dropped
Size (bytes):	28924
Entropy (8bit):	5.231666786957434
Encrypted:	false
SSDEEP:	384:DDJ6NoRIwHWvsSHzmZA5RY1L0l3Pz8K73ilG42Iwnw4HFzKvkGuIcDYP8ALJiy+h:DE+IwZy+uyl3wn1tKvvqIulmpo
MD5:	4947FF982FB69173F95DA79B538F254D
SHA1:	884DB3BF10E92790CF6D9937731F70D59C87CC9F
SHA-256:	0278B60E08B67FB8AE86C56DD80075E94E1D51113EB21ADE41996147C601DFE6
SHA-512:	6B8291D34966FFFFD9CBD8F37C51F820A20B211E3B80CC01E94EC092AD58E40D7B1189FCB9FDBC3589A316E84C2E38BA0974CCF3E8EE18D880688840401BBAE2
Malicious:	false
Reputation:	low
Preview:	(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){var FilterCSS=require("cssfilter").FilterCSS;var getDefaultCSSWhiteList=require("cssfilter").getDefaultWhiteList;var _=require("./util");function getDefaultWhiteList(){return{a:["target","href","title"],abbr:["title"],address:[],area:["shape","coords","href","alt"],article:[],aside:[],audio:["autoplay","controls","loop","preload","src"],b:[],bdi:["dir"],bdo:["dir"],big:[],blockquote:["cite"],br:[],caption:[],center:[],cite:[],code:[],col:["align","valign","span","width"],colgroup:["align","valign","span","width"],d

Chrome Cache Entry: 284

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	33178
Entropy (8bit):	7.993771853774586
Encrypted:	true
SSDEEP:	768:lbViGwRnu8dINwCH8chChg/4gby6u7kdWC+N8519S8hf2:l6Rui3CcchZ4my6kqR5519t2
MD5:	8B0E1EE60083A71F541479F192F6377D
SHA1:	D3952D18904A641D27BA1C267CF8AD3C6CE50F2E
SHA-256:	7CEE315AF50F998D562DE0E995A3B01DB63EC3A94B88AFBF3E27B2227FFA355D
SHA-512:	FD730E1315650AD5C2597EBFAF386EF8DF1754AD5A7BF699CB1C37A13D1DF9816F2339640524A3686E508A809D8908491283BF50FE806C7FDA8766748BBEB0C3
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/2jOMA2O_MgQc7r2hA6koqBLZg42SeH6MWJhghpjLxsp_hHomGqsNKx9tygGitPJwp1Dv=w526-h296-rw
Preview:	RIFF....WEBPVP8 ....p......(.>](.E.....u..p..jm...e..........=.7..............=../......}..+._..q.M......#._...O........V.'._...w./...?........M.C................[...G...?.>......i.....w..l...................Oh..............................F?2......>p............?.y......~...........A~`.....w./..._.~A....s.}...........?......~....C.W.o......~.>..{.G.?._.?......Y.w........(.....w.....o....+~....g...#........y..=......?......~.[.\..x..YKW(g......<......=.....7K.."......pF.s...W;P.H.#..!...JE.y..C..F..N.(@...G.l..5..$;'..W..e....s.U..c.UW!~f.[.~X..._.Q/.o.4..........w3.Kf..jT...F...aC])..t.....W.<..........;.@/..7.......&.2.K.....0.,(..t../...cz..0..m.....D..-xk.).+.p".&yB.%J6..X...OY.#H.G.c.q.].w5@....AI.V^..m<..J.`.b..y.M..nr..[..S(..{}..'\..Iw...S.g.C<.q.)....T.[....(0Y..,..h....o.B.1...C........R.........!@....e.}..)3.d$.R....EN..%\|.+...f..g.*h#.pX.P.....&.....1.B.2Pw.e....#B...L......pV...k.z....r.n...b.R..i;.2.J,.......S.ZV.J.!+.~o0.r=..)^[

Chrome Cache Entry: 285

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (526)
Category:	downloaded
Size (bytes):	7448
Entropy (8bit):	5.331602002000817
Encrypted:	false
SSDEEP:	192:7jFaLZ5Asd0x9ufi+1rniODiLpMBiPdkCYheGevbMoNmA:7jMZOjbu6+1rtDwpMB8CCyeGeDMMJ
MD5:	35D9DB48E3112F35D81E70B98457AA42
SHA1:	7BADED3DA3BAE7598688AD6C89800B88CDB49FDD
SHA-256:	5F8E21F061DE1874E4AF063F095A389187C40583C9033946E406A8BB825CA358
SHA-512:	9187EBCFB9D574CC3A443F6D692969B47D41BA5BACD09FFF729E58FE7B3E3ADC22F6E1C98B2AE23F2B98514EEE5A150040A5A213DC82863F02E5EB46D2537842
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/js/jquery.mask.min.js
Preview:	// jQuery Mask Plugin v1.14.10.// github.com/igorescobar/jQuery-Mask-Plugin.var $jscomp={scope:{},findInternal:function(a,f,c){a instanceof String&&(a=String(a));for(var l=a.length,g=0;g<l;g++){var b=a[g];if(f.call(c,b,g,a))return{i:g,v:b}}return{i:-1,v:void 0}}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,f,c){if(c.get\|\|c.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[f]=c.value)};.$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global&&null!=global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(a,f,c,l){if(f){c=$jscomp.global;a=a.split(".");for(l=0;l<a.length-1;l++){var g=a[l];g in c\|\|(c[g]={});c=c[g]}a=a[a.length-1];l=c[a];f=f(l);f!=l&&null!=f&&$jscomp.defineProperty(c,a,{configurable:!0,writable:!0,value:f})}};.$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,c){

Chrome Cache Entry: 286

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52834)
Category:	dropped
Size (bytes):	214014
Entropy (8bit):	5.3853892910778205
Encrypted:	false
SSDEEP:	1536:CEMFv9d3wWLstPIEovvdQfaPvQmfIiBSQZWc1APF3SDRns71iMw8F6Oum19udpzc:PMF73wIvLvLwDXYn6L9C/G89Y357l
MD5:	47A613FEC437F71720191924AC52D232
SHA1:	91E49EDCFEBF05FC6DFA093A4916E2042EAC79EE
SHA-256:	276C100B1E1135C3BD5B90CDF345F90F824142AF054CB72AD47C01173FD98D75
SHA-512:	64A844A336818AE4F1BC66F6F6B1F7B39CE1F5680AA1A7962D056ECF71FF2FFD11C1347CBE498F61B8CB45C4FFDB0221DE4CB414C5630E1A0DEE44CFB5B859A0
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("IntlCLDRNumberType01",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType03",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===0\|\|a===1)return c("IntlVariations").NUMBER_ONE;else return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType09",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===1)return c("IntlVariations").NUMBER_ONE;else return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType34",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===0)return c("IntlVariations").NUMBER_ZERO;else if(a===1)return c("IntlVariations").NUMBER_ONE;else if(a===2)return c("IntlVariations").NUMBER_TWO;else if(a%100>=3&&a%100<=10)return c("IntlVariations").NUMBER_FEW;

Chrome Cache Entry: 287

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (3221), with no line terminators
Category:	downloaded
Size (bytes):	3237
Entropy (8bit):	4.865523830502584
Encrypted:	false
SSDEEP:	96:qTCN1qpXjoEx7NfcwNIYcYbb7VNfXFb7WN0TS:qTafLYXu
MD5:	E6202B83DEFD6474350841E595260599
SHA1:	8E5BDCE601C95458C50D6EE20F333A0350A7B887
SHA-256:	521F0BD8BD093F2B03D8ACCE2733F26267EF3282873068A814D15071A329A51B
SHA-512:	CB07BEE9F572E3DF84FA321DDE09DC7AE7EEBBD231B25B63C09ABAEFE4859C9176EDB52249200A554DF5E58B8B1CBE8845D51537941CE56365383ACD5C8D45BF
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/css/shared-shop-content.e6202b83de.css
Preview:	.shop-content--paragraph{margin:15px 0;line-height:22px;font-family:Lato-Regular,NotoSans-Regular,sans-serif;position:relative;overflow:hidden}article>.shop-content--paragraph:nth-child(1){margin:0}.form__field-instruction-text .shop-content--paragraph{margin:0;line-height:16px}.shop-content--list b,.shop-content--list strong,.shop-content--paragraph b,.shop-content--paragraph strong{font-family:Lato-Bold,NotoSans-Bold,sans-serif}.shop-content--list em,.shop-content--list i,.shop-content--paragraph em,.shop-content--paragraph i{font-family:Lato-Italic,NotoSans-Italic,sans-serif}.shop-content--list sub,.shop-content--list sup,.shop-content--paragraph sub,.shop-content--paragraph sup{font-size:10px;padding:1px;font-family:Lato-Regular,NotoSans-Regular,sans-serif}.shop-content--list u,.shop-content--paragraph u,.shop-content--underline{text-decoration:underline;display:inline-block}.shop-content--paragraph small{display:block}.shop-content--paragraph a{color:#2e33aa;text-decoration:underl

Chrome Cache Entry: 288

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	200
Entropy (8bit):	6.8089822048404605
Encrypted:	false
SSDEEP:	3:wl/yi1ZrRl/Kiwi7/Q+x85mmZ4df7UVksyqUjLp/nwoZ9kqqVC03pjpolqeOo:wAi1Z6iP3q/4Uw7fDDkqq40Zjpolqs
MD5:	DF61C422ECAE7409B8697262192A44FC
SHA1:	D402D28A126D995638A2F434DDBD2B276887B599
SHA-256:	329AD3C7AC436F964C7A8CFCC6A74C859B51CDABD8974A65F0836410B11F2DC5
SHA-512:	32B50246FF38917D79C18C2750FDDDAFD991EBB72F9B1EADF0FF928FA0F083EE1C6BA74F697549E50743E89E1E9FB547E666A895801669C7AC65219691492562
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
Preview:	RIFF....WEBPVP8L..../.....@.m..a...6..}....$../..H..\.O.,.^.C\|}lX.\|l..<8Dl4<.\,.c....!.H..0..D.....8.D._..6.....4./.a..\.v......._...}.p.\|..._.5......SLasI.R...<ODg..Qf...u.-......9..\|.6.

Chrome Cache Entry: 289

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4678
Entropy (8bit):	7.625796542792964
Encrypted:	false
SSDEEP:	96:2S+YkknmWIM8DAQ/4K5HA52HAUmVg+Sb/gVtuUoshVlKj/WV56aQgZKxQ9XNcy4+:2SvkkndEAs5g52gOD2BhVlKTWV56aQTO
MD5:	A91BE2E400B7F0DC66247427DFAFFCF3
SHA1:	900E87486AA051659E114EB5B7A2980D75E7889A
SHA-256:	62437412556A804293516DF99C0970427549B1A50258462035410072F96DD093
SHA-512:	02EBFD5194BAE38C8004CBF0979623AD507C51D89503BDD8A0C6F1CD2017F78DE09FFF347AD0FBDA4EC5675ED85737635E2C1ED6654DD31FE9743BAE74721070
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:34:50+07:00" xmp:MetadataDate="2020-04-24T11:34:50+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5b6140fd-7afe-4ff5-b896-3897658f047b" xmpMM:DocumentID="adobe:docid:photoshop:041b76a2-5872-7047-bec1-0c7762148

Chrome Cache Entry: 290

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2186)
Category:	downloaded
Size (bytes):	6423
Entropy (8bit):	5.539327858665286
Encrypted:	false
SSDEEP:	96:n1atQ8+xSTjKh//PvhvK48Ayhx3De4W0eq7vyiRjRZb:n2Qg+hv5vKNthxTBW0eq7Hdb
MD5:	A7A3260952B335A1EBB24B483C7872FF
SHA1:	CFCD98B9976707115C978BF71D48B7186D2CED7B
SHA-256:	117BF81F1E561E0002BCDF7BD281AF1F65E175C5EF92B6AD377AAD4229CE16A2
SHA-512:	14969923819574FAB0676E5EFE1D915C413D2DE860D12937DC64925F7821E01B936606B692BE45126FC93A7FBF3F6387CE297BB9DABBC52E86BD76DB7D83A259
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/xf_tFhj8DfF.js
Preview:	;/FB_PKG_DELIM/..__d("warning",["cr:755"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:755")}),98);.__d("Base64",[],(function(a,b,c,d,e,f){var g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function h(a){a=a.charCodeAt(0)<<16\|a.charCodeAt(1)<<8\|a.charCodeAt(2);return String.fromCharCode(g.charCodeAt(a>>>18),g.charCodeAt(a>>>12&63),g.charCodeAt(a>>>6&63),g.charCodeAt(a&63))}var i=">___?456789:;<=_______\0\x01\x02\x03\x04\x05\x06\x07\b\t\n\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19______\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123";function j(a){a=i.charCodeAt(a.charCodeAt(0)-43)<<18\|i.charCodeAt(a.charCodeAt(1)-43)<<12\|i.charCodeAt(a.charCodeAt(2)-43)<<6\|i.charCodeAt(a.charCodeAt(3)-43);return String.fromCharCode(a>>>16,a>>>8&255,a&255)}var k={encode:function(a){a=unescape(encodeURI(a));var b=(a.length+2)%3;a=(a+"\0\0".slice(b)).replace(/[\s\S]{3}/g,h);return a.slice(0,a.length+b-2)+"==".slice(b)},decode:function(a){a=a.replace(/[^A-Za-z0-9+\/]/g,"");v

Chrome Cache Entry: 291

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/favicon.ico
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 292

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	33844
Entropy (8bit):	7.99308267669055
Encrypted:	true
SSDEEP:	768:ROc9BiYgoyfM3SP89m1yiHInHIYaFg3CphA5bnitBYphI:om74fMu8m18oYH0hAFigpu
MD5:	F68ECD7B9440EE1DCFEAF75521A336DB
SHA1:	20ADBCBDF08FF40322149AC6F6018D04878C1B8C
SHA-256:	B4294275F40039DAD4AFABA680D466F706CA19BF408A4E60070F04E6DB95BAE7
SHA-512:	AFAE4D6CC2303ED490017D2DA87A9368E125907EEBC79187F813BDBF480BADED99F36FDF6991F96666FB4498B97AB62140BBC6F97884576383689ECB00286E35
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw
Preview:	RIFF,...WEBPVP8 ..........(.>](.E....+......jm1 O.D.y....`.. .3.[..~Z.]...m.....o....z?{.o......+........+.Y.7..............7.....O.......~.}......+.G...........].#...........................s....?...........w.........p~..k...............xg.O.....s.+.w...\|.\|...f.7.i.O._...........}B?'...[.....o.O........z..1./._..{~...................~.........._.>.?..^............5=.}I...O.o......{k...%.........3.i.'........\|.P....d5(.cAn..............3....^...(.....\......o.W.m.u..b.\.,1...o..r,A.k.B..O...~......^\..U....:&n.~...9.._Is.j..K.<..1.EfdB......<."}.......)....pE.Vc..VM.?4?Q.2.2..NE..."'mM...zp5..em.n..cMl.q...p(...u...<K.y..Q.s^.s..K.......<n..n.._....A... .F.X.k5`./.....8...!MW~...sW...M.D.y.t.Y....s>#4N%..NgC._W...).W.....`".^.....u..f.k$S......-.$.V.G.\....).."....j..Z..hT...5....x....u...n.c.aQ-..]...m.~.]...~2_.b.F.ls2..C.JD.Ox.p.S;.d.....i..........M.y.F...6...i..)Pr.ry.ck.6..b`..?...f?^~.....<..-.1o..!.?e.(#.d..q...h.5i.N.....

Chrome Cache Entry: 293

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2433)
Category:	dropped
Size (bytes):	19657
Entropy (8bit):	5.611018546594219
Encrypted:	false
SSDEEP:	384:B0/0My1CYC0+OsPVajwyBdiYU3iVFx7ec9ZTVWsYa:Nn1n7wyTvvN
MD5:	95ACF294757AD2F8A5D5831535C082C2
SHA1:	AE086C711C3526E3E51BABF28902807DB33BCCD8
SHA-256:	01B52F3F09764B36AFB17B8F2417254B6DF014C43B7BE73D2ACD64EB42F984F4
SHA-512:	E6FDD790802BA4AFD772F49845B94725099957DEAEA610B9DFFBDAA9835C6F79349C5183D2419D695E854A9D575FB0F1B30F81BB024A9565B8D12CDE2771C769
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("BaseDivider.react",["react","react-strict-dom"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|d("react"),j={divider:{backgroundColor:"x14nfmen",boxSizing:"x9f619",height:"xjm9jq1",$$css:!0},reset:{backgroundColor:"xjbqb8w",borderTopWidth:"x972fbf",borderEndWidth:"xcfux6l",borderBottomWidth:"x1qhh985",borderStartWidth:"xm0m39n",marginTop:"xdj266r",marginEnd:"x11i5rnm",marginBottom:"xat24cr",marginStart:"x1mh8g0r",$$css:!0}};function a(a){var b=a.ariaHidden;a=a.xstyle;return i.jsx(d("react-strict-dom").html.hr,{"aria-hidden":b,style:[j.reset,j.divider,[a]]})}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),98);.__d("CometSSRViewportHints",[],(function(a,b,c,d,e,f){"use strict";e={max:function(a,b){return a<=b},min:function(a,b){return a>=b}};var g=null,h=[];function a(a){return a==="width"?(a=g)==null?void 0:a.width_px:(a=g)==null?void 0:a.height_px}function b(){return g}function c(a){g=a}function d(a,b,c,d){var e=h.findIndex(function(b){return b.dimens

Chrome Cache Entry: 294

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 37 x 98, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	2056
Entropy (8bit):	6.9826016083365365
Encrypted:	false
SSDEEP:	48:jfOjcCoHnLTeWhZttn4maIfEPgiakcNHWsMDN0b5:jfOjIHLTeWhZ4vVPglk+WsMZ0b5
MD5:	899075C6F382DA673A2B79F4667C5D65
SHA1:	DE68367C0B45DD6A6FD2394B1B39B20C6A02C5EF
SHA-256:	270723E4BED32C21869706BAD0AD8747AA0F17C44E4FD597DB6F8EC356B8DD1B
SHA-512:	4560BCAC7766665AF60EF4AD93511B5AED00D816E5CF5D58315EF9316F0CB222B01AEAC01F673DFBDF028018551E4218204B9D9B08C48B39E15DE82FF15EC696
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...%...b.............PLTEGpL..........u..\|...........................................................z.................................................................................................................................................................................................f...............................................................................................................................................................................................................................UUU......................................................................................................................................................................................................w.....h...........n....................Z..[..E..H..N.................`....Q@....tRNS.......2..,0......0F v.F...*R........$.P(B6X.b^.Lx8.......0iH+..<$V. .Nt..D~.<.jo...@........(.\...&.yW..N:2<>.r...n.4.`2.Z:\|.........h.J\..z...".>......dT...... .f& x&P:.HT..^

Chrome Cache Entry: 295

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	dropped
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:	768:oHzaMKHBCwsZtisP5XqYofL+qviHOlTjdNoVJDe6VyKaqgYUD0ZTTE8yVfZsk:caMKH125hYiM8O9dNoVJ3N48yVL
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	low
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 296

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x241, components 3
Category:	dropped
Size (bytes):	67398
Entropy (8bit):	7.98625953181667
Encrypted:	false
SSDEEP:	1536:69v9T9mplUgnDqvI3dVrlFvryG70233D39W7:6VtkUgDqMdVrfvrT79a
MD5:	1825A826736D50F007A25988BF1A86C9
SHA1:	09ADFAAD5B4CC6ECB519829CDE8724541CCE72E8
SHA-256:	95DCBC02618AC287B3F9388C5F3EA2953BA74DBAC74B8C902CBAF3E892C93C96
SHA-512:	1C9F69CDE4EC7F952E6499C3087F00A32BEA9DDA1C52442AEB561DF1BF772DF81A2BC7BAF79A75429CAE6A70B0BD502CA2F4D0A6D2D2F3C63EA8BEFE15DC357B
Malicious:	false
Reputation:	low
Preview:	......JFIF..........................................................................................................................................................."......................................................%$......u.<.T.V.\.L....32.&...;.R{.za.........2y...CCi5.H.......o.G.....!N...,7...+..} ..5% 7....N...D...v..."...N.H.enN..C.....S7.5..4.\|.M3..%$.].......=5.e....j]..R..E...pf.<.6..........,0:..D...^..0...(.D....[..zy..5.. ...G..3.J....."..QF:p-50 q..\4..-.. .V.<i...jm..AF..Si.$.;.-n~...o..^..4..Y.L.ba.t[.ZPV...j...I$>.....n.-B./..K..S.;sC.."mB...5..z.)..%.1..D.n.D}..'P5.DM.u....K...d.x.....K....[8..j.7....O8[....x./".A..9:S{.E...k...[#n.^..[.,{..b%Qa".......L..2F,C0v....S..$.o.4.}O...k+<./.;.H..5.Ib......5...._......a..%.4..[;..r..n.+.qj..............)$F^.4.X...7.m=U...G~...].D..l.b....b...Xu.....#..... .i..mN3..*..=M5`..n...6.B;..Y(..J........<A..wa..a....c..<..+..el.........;.5..b]'....G....B3..: ..........4....}.._Z

Chrome Cache Entry: 297

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2784), with no line terminators
Category:	downloaded
Size (bytes):	2784
Entropy (8bit):	4.809042688586117
Encrypted:	false
SSDEEP:	48:sL5Yu8v+cPlhF8KNbt1J81Jv8H2qHTiNf3SkvuQuLP6TSt0xN7KYtuJ8uJq:05B8mc9hFjX8XkHZHTiV3SkvuQur6TSI
MD5:	B6C83D3582430126098676CC14C0B7AE
SHA1:	A117A8E06637487FABCE45C1716E33CE4008E560
SHA-256:	F1DC9F4F3ADDBFA08C795318BFA457A0BF60029D906C694E6AA46D5DB79AB50F
SHA-512:	DB6DC28BCC388145C20777B20D15B59E163D637500D0600B4C6C34AC4DEA017F3BA71ACB9B855302D2D9940F49B561E080EB2B3D28E7956565C2C1E4CAC21349
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css
Preview:	@font-face{font-family:Lato-Bold;src:local('Lato Bold'),local('Lato-Bold'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff2) format('woff2'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff) format('woff');font-display:swap}@font-face{font-family:Lato-Italic;src:local('Lato Italic'),local('Lato-Italic'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Italic.woff2) format('woff2'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Italic.woff) format('woff');font-display:swap}@font-face{font-family:Lato-Light;src:local('Lato Light'),local('Lato-Light'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Light.woff2) format('woff2'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Light.woff) format('woff');font-display:swap}@font-face{font-family:Lato-Medium;src:local('Lato Medium'),local('Lato-Medium'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Medium.woff2) format('woff2'),url(https://cdn1.codashop.com/S/content/f

Chrome Cache Entry: 298

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28115)
Category:	dropped
Size (bytes):	1191591
Entropy (8bit):	5.700951802231328
Encrypted:	false
SSDEEP:	24576:pg67ycrfRFGB6Zy30mFi4KjOttTzTobNfT/f+M20GsjG57dxlkdGlmucouYsYm+W:pg67ycrfRFGB6Zy30mFi4KjOttTzTobH
MD5:	A3DCBC24F61BF50B9A3B55DA8AB80C91
SHA1:	C13AEA581A0B32BF06311869E27805D23CC617E8
SHA-256:	44479F67E56C9DE176929BF8B5C2CF7083CFCADAFB8ECC1692B160ECD7CD423E
SHA-512:	540F040940F7F400461933A9896CA4146A6D356DBA679B183CF3E1EDC4001D50F9D41E919FC0D20B7B34055383E9C3F47E855B8A8B25ECDF8327CBBE663DEB90
Malicious:	false
Reputation:	low
Preview:	"use strict";_F_installCss(".EDId0c{position:relative}.nhh4Ic{position:absolute;left:0;right:0;top:0;z-index:1;pointer-events:none}.nhh4Ic[data-state=snapping],.nhh4Ic[data-state=cancelled]{transition:transform 200ms}.MGUFnf{display:block;width:28px;height:28px;padding:15px;margin:0 auto;transform:scale(0.7);background-color:#fafafa;border:1px solid #e0e0e0;border-radius:50%;box-shadow:0 2px 2px 0 rgba(0,0,0,.2);transition:opacity 400ms}.nhh4Ic[data-state=resting] .MGUFnf,.nhh4Ic[data-state=cooldown] .MGUFnf{transform:scale(0);transition:transform 150ms}.nhh4Ic .LLCa0e{stroke-width:3.6px;transform:translateZ(1px)}.nhh4Ic[data-past-threshold=false] .LLCa0e{opacity:.3}.rOhAxb{fill:#4285f4;stroke:#4285f4}.A6UUqe{display:none;stroke-width:3px;width:28px;height:28px}.tbcVO{width:28px;height:28px}.bQ7oke{position:absolute;width:0;height:0;overflow:hidden}.A6UUqe.qs41qe{animation-name:quantumWizSpinnerRotate;animation-duration:1568.63ms;animation-iteration-count:infinite;animation-timing-func

Chrome Cache Entry: 299

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Category:	downloaded
Size (bytes):	38384
Entropy (8bit):	7.993871314529971
Encrypted:	true
SSDEEP:	768:FQ+usUhhv0N8qSRCjPCyloYRNcIsTh38i8/3V93ut0f:FQlsUhtYLBl/nGpUvI0f
MD5:	A4D31128B633BC0B1CC1F18A34FB3851
SHA1:	6EE4C79372C3FD679706306EDE47E4B03CF53D60
SHA-256:	E8EEA96E29A7C0A72612AB85CA3229979666467A28349642C2176E7189A1A39C
SHA-512:	C129C0CB100FEEA6D00B739D1CDE2A7362B2F45F38DA3E4C949193F40E59ABC9C387ADA4BB230B00FD62E137409E18DEF7C1636E1CD463F8070106E8B7E21D48
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Preview:	wOF2............................................?FFTM..`..B.......<..c.6.$..0..... ..A...?webf.[.:.B..v...H..6-...........~W..ha....c......&.1.m.. .Y.W.?..pTA...X..>..N;ih..F..B\|..M..pA.+:....:.V..(.J^.gu\Bg.....M&.....H....F..bV....RmcUMQu&+.)p....pk..h..q....;.....Mx.x9.p...}..^.2Eg...f[....c..^..3...P.1.5...W.~.s..(.3..9..T?.....}.?y....R2...~.....V<..7.Zi.B2.bQS".O......p.=06...`..K05C1.......E..,..I..4j..>Zg.\|.d...;.!0...;.?O......:!....E ..M.[....B...(..X&....K5.{B...m.Ll._.B.j..]..F..>....m.......C4g.J6..l..%.(R4Z.%...Z. .#pP...m.=k.Q5.G{..?5...._...^.......@.3..E..=...... ..:...Tm...u.. .f2B....)t.3...:.@...d.....gT...q...q...F.........s.Ry.2.9.?...f.np...R:..w.h.,........+......B....2...r..."c...g4YW....6.......Bx.l....Xb.%q...=ECY.G.......Qr......;{.!.w.........KX..:@.N.. .Z..L.....Q..~.H.uK .y.Oq.9._C>x....}.Xh..FV.%..H.[cR......H.......N.3mJ.-ep^.#.".B&f...t.~.p...(...%pUPQ.Fw.2;.;..-.>.{.a...s.Fz9.h.....D\..U......u..(#.....'..=

Chrome Cache Entry: 300

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2114
Entropy (8bit):	7.870988243839097
Encrypted:	false
SSDEEP:	48:V94BlzSNyJV4/NXbSRWKBkHdr11BzqIiL076xh6Qi0csBQ:V94bzSt/hKWmotjlqIW0u6t0cs6
MD5:	32EEF349F1092FC3E30B0BD65A6DC621
SHA1:	94C8348DE68E0D3889F5E70AFC0D009A19C4BA3C
SHA-256:	3308F417ECDC9CDD7646438A1BCF433C2A95FE5BED992A817B98F57A0F26F08E
SHA-512:	07A0B4B46F7490D14AE0D835E5272015D734B6577A489D61F86795AFA5A41C60E4F33C4F4EE1608A4BA0D884C3CEAC30DE2972982CB55A49266B18EAB3862125
Malicious:	false
Reputation:	low
Preview:	RIFF:...WEBPVP8X........?..?..VP8 .....#...@.@.>q,.F...!5..`...l..2.\|?..R. V...\|.]...'.....w.....o.o....y/A..}@?............?.K....../.?...8<.....>...!...I..0.......m.......K.S..}.}.\|..?........_...#.;....t.e...Q...EX....?......iZ..s..!@.S...B,^.6Q...n.....\|..:....Vd.N.Zd.f.F......m}B.H......T.B../.r..".....y..T...........).`..z..q7.B7.B.B?.^].i.9:.s.ct..\..R;v..(....V.gxR.V.v....}3.n......6..w.k......b..N.8...b....Y._..)C..I.M.?.:.e)..v..p..k..QO....c8...b..E.1..>..; .2ou....;..t&..w.z...V.c.-.i. ...a.....%.dnZ....Or5~.....%-x...O}........Ih`..fVG.0m.Q.....[.....R?.p.....c.....1._...6...L..W....-rd...6g....NX.CAO......P..5....(l.L....=.\.S....!@....~...;.PE.z{.,m..I.W=..P.[b..0...C.L...P........cE......6.P. ?...P.C.Gxq..d-...^...``.#....}..'d9..^....ZUG.......:SZ.z6.6^.....!..g"....q./O.....+mL.\|.x.S....P..f.}.:.%..R72.Vk.f_-3.\..M..1.+60....@%.\..f...0.'.....b..<......lP............q....a.r..h.w...Gc.%2x^(.+9.p.F./.$..4.Y2...4j.<.

Chrome Cache Entry: 301

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618), with no line terminators
Category:	downloaded
Size (bytes):	1618
Entropy (8bit):	5.781837534694755
Encrypted:	false
SSDEEP:	48:VKEcJHxKo7LmvtUjPKtXsNEHFmc8s1aiRLrwUnG:fSHgj5c+HFbHv5suG
MD5:	94943530E104EE3F88D6AD86638B28C3
SHA1:	B8B7F7556523E03B5519338B59AE8D998987D457
SHA-256:	2538181A77FD5AEA93113400E39EBA98728EAC1FC13057F0B40C9AAE69054EA1
SHA-512:	5031C94E34477D67FAC9002DE62BB81CB359B16B59FAD19EB63CB1221ADFC275AC956F25580BBCA5D5F829FCBAAA4161F59302C584635E8D30217D3492F5D4D1
Malicious:	false
Reputation:	low
URL:	https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!

Chrome Cache Entry: 302

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8243)
Category:	downloaded
Size (bytes):	10408
Entropy (8bit):	5.228704012543909
Encrypted:	false
SSDEEP:	192:eZH7kUk70Eb1QAUf8HYTevU1gST4wLxr2:eRkR96ApHY2STr2
MD5:	74F18E69FCEEB4513B9F24322BE7386E
SHA1:	FE37CB92776F387DB632472296B0ADDEB815DD55
SHA-256:	E3FDF2DDBE34D56ED6DB667544576B0821399F47124E09DC9671DD62CFD1DD28
SHA-512:	7FAE4FBD35068C64252A7645D66FF19CFAF6FE02302A11070E503B315F58D12D48055A59DC72E7970E2FE0435D5095B6DE7FD61FA8C8DCCA07EC4DC376876B2D
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/lNInKxOqejp.js
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/V9vdYColc4k/. /.__d("react-0.0.0",["React"],(function(a,b,c,d,e,f){"use strict";function a(a){return a&&typeof a==="object"&&"default"in a?a["default"]:a}var g=a(b("React"));d={};var h={exports:d};function i(){h.exports=g}var j=!1;function k(){j\|\|(j=!0,i());return h.exports}function c(a){switch(a){case void 0:return k()}}e.exports=c}),null);.__d("react",["react-0.0.0"],(function(a,b,c,d,e,f){e.exports=b("react-0.0.0")()}),null);./. License: https://www.facebook.com/legal/license/t3hOLs8wlXy/. */.__d("resize-observer-polyfill-1.5.1",[],(function(a,b,c,d,e,f){"use strict";var g={},h={exports:g};function i(){(function(b,c){typeof g==="object"&&typeof h!=="undefined"?h.exports=c():b.ResizeObserver=c()})(this,function(){var b=function(){if(typeof Map!=="undefined")return Map;function a(a,b){var c=-1;a.some(function(d,a){if(d[0]===b){c=a;return!0}return!1});return c}return function(){function b(){this.__entries__=

Chrome Cache Entry: 303

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5355)
Category:	downloaded
Size (bytes):	14708
Entropy (8bit):	5.396103297443062
Encrypted:	false
SSDEEP:	192:vsYUYQ6vcVbhDQ/uE07RnJeKzdwwY/TGCsaOgcNwAxpqCpepA4dHu0utuIuLWiuB:dWfqozUzeXUTGpUg
MD5:	1DA964857127936201A486EC156AAC67
SHA1:	9C11B592C7444B971BC7A59C238ACB65AEA11E94
SHA-256:	852EA1C356E43AAE9AD03E31AE85D9F108D346325E8270463F535EC5ACBC8BE7
SHA-512:	53829F2CC114FE9B9C66F94F27E22409496BF42E832D5E2FE051066D31FCE3A89E7960F96A61BC646837009F6FE4A02A593F9CAF27805146C69B2D27A453DD26
Malicious:	false
Reputation:	low
URL:	"https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/LxKwurBefMP.css"
Preview:	._3v_o{font-family:Helvetica Neue, Segoe UI, Helvetica, Arial, sans-serif;-webkit-font-smoothing:antialiased;font-weight:300;width:100%}._3v_o{display:table;height:100%;min-height:600px;padding-bottom:50px;position:fixed}._5hy2{display:table-cell;vertical-align:middle}html ._5hy2 label,html ._5hy2 input,html ._5hy2 button{font-family:Calibre, Helvetica Neue, Segoe UI, Helvetica, Arial, Lucida Grande, sans-serif}._3400{align-items:center;display:flex;height:120px;justify-content:center;min-width:100%;width:120px}._3400 .img{display:block;height:120px;margin-left:auto;margin-right:auto;width:120px}._3v_v ._3400 .img{height:120px!important}._aq3t{display:inline-flex}._3400 .img._9g9d{height:75px!important;width:75px}._5hy4{color:rgba(0, 0, 0, 1);font-size:40px;font-weight:300;margin-bottom:24px;text-align:center}._3403{color:rgba(0, 0, 0, 1);font-size:35px;font-weight:450;line-height:40px;margin-bottom:45px;margin-top:24px;text-align:center}._3v_o ._5s4n{height:216px}._3v_o ._2m_r{align-i

Chrome Cache Entry: 304

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (29520)
Category:	dropped
Size (bytes):	105068
Entropy (8bit):	5.423284412656987
Encrypted:	false
SSDEEP:	1536:+stiKbFlxRRrPAYf7rWf+YC7wEcSoLC3aXm7U:/6yr81C/KLCKXmA
MD5:	57DE1470BB81AD3BA3DAE7794EE6E30F
SHA1:	7B58BBE8CA71540FB36054DD16A5AF4FB2D770AC
SHA-256:	ED8C7AE9AD47D72E75497FDDCFBBCB0DF511DB0E42CDA9792122C9240E1B95DE
SHA-512:	67398088EAEDC23DB4719D98C37988A18DB96E1498985B0DBE48FB73C6F476305DC3DE9807EE256B27C93DE9D68265807E9691069DBEBF53CEE46BBB0A44BE00
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("ArbiterMixin",["Arbiter","guid"],(function(a,b,c,d,e,f,g){var h="arbiter$"+c("guid")(),i=Object.prototype.hasOwnProperty;a={_getArbiterInstance:function(){return i.call(this,h)?this[h]:this[h]=new(c("Arbiter"))()},inform:function(a,b,c){return this._getArbiterInstance().inform(a,b,c)},subscribe:function(a,b,c){return this._getArbiterInstance().subscribe(a,b,c)},subscribeOnce:function(a,b,c){return this._getArbiterInstance().subscribeOnce(a,b,c)},unsubscribe:function(a){this._getArbiterInstance().unsubscribe(a)},unsubscribeCurrentSubscription:function(){this._getArbiterInstance().unsubscribeCurrentSubscription()},releaseCurrentPersistentEvent:function(){this._getArbiterInstance().releaseCurrentPersistentEvent()},registerCallback:function(a,b){return this._getArbiterInstance().registerCallback(a,b)},query:function(a){return this._getArbiterInstance().query(a)}};b=a;g["default"]=b}),98);.__d("TrustedTypesIEFixDOMPolicy",["TrustedTypes"],(function(a,b,c,d,e,f,g){"us

Chrome Cache Entry: 305

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.3073549220576055
Encrypted:	false
SSDEEP:	3://ICkY:fkY
MD5:	D1350737AA2FC66C4FB7CE249F6D3982
SHA1:	170EC76DB49625B980D344C320A50940F67762D3
SHA-256:	FA033FEE0CB53069896341CA6228F62A8569FCAE3CF521AEE1F1F59F18AD850C
SHA-512:	8CD284971971188C3DE229EA8EB742451E9E8C93C540E6404769D775F2291AE6822FDDE8AAB1BA8CB0495BB6795B2BD1630686C5F8EDB9DFF46A043AADA1661B
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSFwltiA9DexvDjhIFDcdAknMSBQ1TWkfF?alt=proto
Preview:	ChIKBw3HQJJzGgAKBw1TWkfFGgA=

Chrome Cache Entry: 306

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	164
Entropy (8bit):	6.560027690474973
Encrypted:	false
SSDEEP:	3:u1Zrql17vRGlYo0Dr9TpkNTF3N9aQgn+39IzWIkYutRCv3hCEKX/n:u1Z+l17vRGMhuRT9p3WzWeutkvRCEKvn
MD5:	C3D7960132B3DA262B721E88CFB2583F
SHA1:	1612089211858694E09F6F715F3A0B4145DBA674
SHA-256:	DE88165FA4D58B4AD531B6F8D8FACBC5DC00F73E96B617E503D36FEE29C53CEC
SHA-512:	F18E3F59F71CF7521938C90826FDC28BB7F3EF43749C4DBC48F46FD6FA1B293A58461B50E021B7569F4EDD55B5129C4755E61E3D4F1205B7535F5A572A6EBE45
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../.......$)...M.=.X.~..Qm.J.....@.Z.......{...m.FiS...`..V..l&Z*. "...V..(..N......c..eLp..@..+..$..;.3......D.&a;\|...H..R\|;..3..#XD..UR..>V..

Chrome Cache Entry: 307

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	28380
Entropy (8bit):	7.991834639898943
Encrypted:	true
SSDEEP:	768:E+VzwBbQXwsB2XtcujwdHH9BJhp17hM8uOiZpo4vrg:DzyYb6edTNm8uRpo4vs
MD5:	BA0A6C906A71BE67D7F6C5281869ADA5
SHA1:	E411A0CFB0A300F82E08149E702DB759D3383543
SHA-256:	C465EDFA5CE4437CFA77DCD33118293FD67C38532B706172FCF752FFDB3EB33C
SHA-512:	027EE8F5245819086D0D24A7DB83B203330D57C66D4C5C762C40656603D721FF3DCA7A489ABDF30B4A9162B16D48F425A4ECDAA216B05E19CD8F9FD32D922976
Malicious:	false
Reputation:	low
Preview:	RIFF.n..WEBPVP8 .n.........(.>Y&.E..!.j>\8...6...(.]3..WY.s.........g.hZ3"\|E...6=....~.~b\|..l........?..............?+.c.............>..?..n........................o.................../../.?...z.{).......+.....^.?.?u?....o...y.3.....p......?....G..\|...7....?..4>..../..._v.....;._._.?3..........S.....{.~/..K...5.3.........^..,.........O......P.....o.y.S.?...~........G......._.>.?._........\|G.2....k.:6t.;.o..=&..fb.L.R.la^.....?...0..D+T....8.^.%..R.@./8....F....%K.p..9.B..7.e.NP,..A&w.\|j.a,w.y<..d..M....<.?.+.idA... M..1.......{..YJ....He.[.0+8.+...u.<..V....<.p......n....jH).W..T..^...3.$.Z......0H.C`.....,.'.4..xh.....QvH......n.....-s.tS../;......cw~B..c..v.._......j....j3.....)..@.^.Bo=XH.un-.%..........-;..;.!CP...ys.I.............i..AW...x.6p.%.w.._..B.M...e!....:g....../.Dc.\|.@.X.z..IUJ.O..V...%.\|...}}?.....bV..?.s.-..h.....Vqo.."p(UF.8.c..4....&.TAE.e... ...3I.w...L......E..C.yuH.L..w.8vu...{.g..;..D.B.CqZ..... B8^....q.<....K3....\.

Chrome Cache Entry: 308

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7696)
Category:	downloaded
Size (bytes):	122254
Entropy (8bit):	5.717916394544469
Encrypted:	false
SSDEEP:	3072:1Zzh5mc+LktEhEZcUYhbsI1+/RYucMi20:LN5mc+Lkt+xUYhoBPU20
MD5:	0AB9F68427B29FE787CA47D6B53F0C47
SHA1:	B5D3D14DBDCE0E968206317A36B67EA76C33B4F2
SHA-256:	C8C20517497BE86876982EBD2E8BDECAF4B4A899D60C15F139E2CF35A756AD9A
SHA-512:	B005AA0F54DD671FC95137EED671F8B4907ED9751D2E18C6475C98FC7C3BBFD3FF1F990DB2917C7262362AEC5AC40097C641B2005AF392E4D026E8BCB7AEC840
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,IcVnM,JNoxi,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,j9sf1,kWgXee,kjKdXe,kr6Nlf,lazG7b,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,ovKuLd,pYCIec,pjICDe,pw70Gc,s39S4,vrGZEc,w9hDv,wW2D8b,ws9Tlc,xQtZb,xUdipf,yDVVkb,z5Gxfe,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=vNKqzc,fI4Vwc,sJhETb,JWUKXe,t1sulf,JH2zc,tBvKNb,soHxf,IJGqxf,wg1P6b,ywOR5c,PHUIyb,BfdUQc,oEJvKc,kJXwXb,aTwUve,indMcf,pCKBF,RQJprf,lpwuxb,NkbkFd,nKuFpb,zBPctc,jX6UVc,qfGEyb,SWD8cc,tKHFxf,rpbmN"
Preview:	"use strict";_F_installCss("@media (max-height:fit-content48px){.ZDGq3b .VfPpkd-P5QLlc{max-height:calc(100% - 48px)}}@media (min-height:fit-content48px){.ZDGq3b .VfPpkd-P5QLlc{max-height:fit-content}}@media (-ms-high-contrast:active) and (min-height:fit-content48px),(-ms-high-contrast:none) and (min-height:fit-content48px){.ZDGq3b .VfPpkd-wzTsW{align-items:stretch;height:auto}}@media (max-width:528px){.ZDGq3b .VfPpkd-P5QLlc{max-width:calc(100vw - 48px)}}@media (min-width:528px){.ZDGq3b .VfPpkd-P5QLlc{max-width:480px}}.ZDGq3b .VfPpkd-P5QLlc{min-width:calc(100vw - 32px)}.ZDGq3b .VfPpkd-cnG4Wd{padding:24px 24px 18px 24px}@media screen and (min-width:720px){.ZDGq3b .VfPpkd-P5QLlc{min-width:600px}}@media screen and (min-width:720px) and (max-width:648px){.ZDGq3b .VfPpkd-P5QLlc{max-width:calc(100vw - 48px)}}@media screen and (min-width:720px) and (min-width:648px){.ZDGq3b .VfPpkd-P5QLlc{max-width:600px}}.Gqr3Sb{--gap-width:12px;margin:12px -16px 0;overflow:visible;padding:0 16px}.yUFvre{gap:

Chrome Cache Entry: 309

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5054)
Category:	dropped
Size (bytes):	321313
Entropy (8bit):	5.404550595754886
Encrypted:	false
SSDEEP:	3072:b0z6spGcOUDTS1DoU5VLtvryGC3lK+M+GgXLecMBFv00NMkynoYjn1:b84tC3CgQP7In1
MD5:	2EB0FEA4C1E52C8F699B5DA2C36B6E94
SHA1:	0BAECA081ECBD7BBB3466C3EDEA8D1FBF6FCE8B4
SHA-256:	D53918D3068D02394B61E37DE24F055FEC595BF33A77E582E8474901253B6D97
SHA-512:	0904DEE578E603291F37DFD24A15DBDBD6486F877F523CC5906D86E902F6F7EE8F4D744E27A60FA6DBEB0850D94D60394B413832E3CB3519C40C1070A7B7D44D
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("relay-runtime/util/RelayConcreteNode",[],(function(a,b,c,d,e,f){"use strict";a={ACTOR_CHANGE:"ActorChange",CATCH_FIELD:"CatchField",CONDITION:"Condition",CLIENT_COMPONENT:"ClientComponent",CLIENT_EDGE_TO_SERVER_OBJECT:"ClientEdgeToServerObject",CLIENT_EDGE_TO_CLIENT_OBJECT:"ClientEdgeToClientObject",CLIENT_EXTENSION:"ClientExtension",DEFER:"Defer",CONNECTION:"Connection",FRAGMENT:"Fragment",FRAGMENT_SPREAD:"FragmentSpread",INLINE_DATA_FRAGMENT_SPREAD:"InlineDataFragmentSpread",INLINE_DATA_FRAGMENT:"InlineDataFragment",INLINE_FRAGMENT:"InlineFragment",LINKED_FIELD:"LinkedField",LINKED_HANDLE:"LinkedHandle",LITERAL:"Literal",LIST_VALUE:"ListValue",LOCAL_ARGUMENT:"LocalArgument",MODULE_IMPORT:"ModuleImport",ALIASED_FRAGMENT_SPREAD:"AliasedFragmentSpread",ALIASED_INLINE_FRAGMENT_SPREAD:"AliasedInlineFragmentSpread",RELAY_RESOLVER:"RelayResolver",RELAY_LIVE_RESOLVER:"RelayLiveResolver",REQUIRED_FIELD:"RequiredField",OBJECT_VALUE:"ObjectValue",OPERATION:"Operation",RE

Chrome Cache Entry: 310

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	278
Entropy (8bit):	5.085951538066368
Encrypted:	false
SSDEEP:	6:U4SO01urxOcHOhldrfEHF3+lLB3ZXKbp7w8Q1hdrfEHTI:U4SO01u0cilSl+llip73AhSM
MD5:	0859F0E01014515A05F1738B1AD2975D
SHA1:	2CE5A8530A35A3DF627384C63ADD94B4324AB222
SHA-256:	D617F26025F9D24F380F09A7FA7BEC6D0306163E75DE36E17FC198F4D8450A5B
SHA-512:	9809005EC4A132241800953B2B0942938BD8C57BFABCF921DC2902B99A2394D9E7BE06D008230ACF2AB0BE746247B1633F15C47A01C945C1BA68067583F93DF8
Malicious:	false
Reputation:	low
Preview:	"use strict";function genVNVoucherReminderMsg(e,n,r){var t="";if(1==r.isThirdPartyMerchant&&"1Pay"==r.paymentChannel){$(".confirm-content").css("height","350px");t=e+" "+r.channelPrice+".<br/>",t+="<br/>"+n+"<br/><br/>"}else $(".confirm-content").css("height","260px");return t}

Chrome Cache Entry: 311

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2283)
Category:	dropped
Size (bytes):	206819
Entropy (8bit):	5.504897204843881
Encrypted:	false
SSDEEP:	6144:5oNdfTAiHfOBMm6OFrNNyNDVzsMLm6JkrrTBwQ+z4ATWDq/agzTKPyT1477UACsX:5oNdfTAiHfOBMm6OFrNNyNdscjkrrTBN
MD5:	EA30841C103AA706F053368755C17913
SHA1:	F0C5EFFD12204C370BA1E2F2211E7546E37320E5
SHA-256:	C40DFEFF0F0EC1322295523FAA711031A263464AA5B2C813441D88B612B9951E
SHA-512:	43C78248E2543FFCAB2D6BC982728FCC20E0D20B5791F49DF24F5365D838C4A6C251C431960BEE6A15BE41ED424DC2756186A0824D5965FA3803FAAADF014E08
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x19b747, 0x103eba3, 0x3f00c093, 0x18c1c783, 0x1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var baa,daa,iaa,kaa,Ia,saa,xaa,zaa,db,gb,Baa,Caa,Daa,Eaa,lb,nb,Gaa,Iaa,Kaa,sb,Naa,Paa,Qaa,Taa,Waa,Yaa,Zaa,cba,fba,$aa,eba,dba,bba,aba,gba,lba,mba,Nb,qba,tba,vba,uba,wba,bc,ac,zba,ic,Dba,Eba,Gba,Fba,Iba,Jba,Kba,Mba,Lba,Pba,tc,Qba,Rba,Sba,uc,Uba,Vba,xc,Xba,Zba,$ba,Lc,bca,cca,Ic,gca,hca,Hc,Jc,kca,rca,wca,xca,yca,Zc,Bca,vca,hd,Tca,gda,xd,ida,yd,mda,oda,Cd,vda,yda,xda,zda,Ada,Bda,Cda,Dda,Fda,Gda,Kda,Mda,Rda,Sda,Zda,$da,aea,

Chrome Cache Entry: 312

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	32964
Entropy (8bit):	7.9935503488862425
Encrypted:	true
SSDEEP:	768:MifyXSTpNaWPTbZYOZ/d1gECeEjTfId7+0Gx3gni0TiuatYa3:MiSST2gTLZ/D2jM7w6iEiFtYO
MD5:	8CEBC7FC52C8B250D3F811C5D4F97BD3
SHA1:	D16D2D98D353ADF1370A5EABC38731C93FA3858D
SHA-256:	6B7FE143F75B909062F47101082BA1FDCE1A53279995133120F90D84B545681C
SHA-512:	D10B7CCEAEE2EACA452A058CBF2C860EB70AA083B3FB2D4D8A07B6C9AECEE08E4B2CF5FDA7BE1541A010A130EBA298812E7A67185B447D8AE8D1853FADAABA0F
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....0......(.>](.E....6..p..jn-..I......._<..v......O......;.+....s.....=.....2.b...g.....3?....e.........@..........o....z?...~`\|....'.O.O...O.....{........W..............?...K...../.................w..7..`......?...z:......)\|.............w.M...?...\|.._.}.........p....}.......0...........?..._..+..q.}.../....\._.......?..Y...o...?.?7.....-.....G..............o...?..+.....Z.u......._O.....U.................i...w.O............>....w$.....'c.{yU.Y........"....$.}..../4.]..{..fC....-_.......O.gA....Cx1......e..s.:6@....&...R.......<..Z..0?.#....C.....@...&.......T..,.#.c(b.....N.I.....r....>..l.?-.V.w.....QGY...z...#z.G..<..l..K...A .q`..0.!.... '...X...f.#....0U.ok....9..N.".9U.....a........)......,..{.a1...r<..1.>...SSu...`Ub.?=^...c..d.a..:[A.....$L.\|)...6..w,.W.o......D.k....L.*.6.}...a..U..=.W...2..C...kVS.W .......W..Vf.E7.o.3m....p...y..T.B.3.....9...HA.......5n].8..=}T.&.r.b-..}d.......z..Q...K^{M{...Q....{E.X...;LO....P..5.

Chrome Cache Entry: 313

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 138 x 41, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2631
Entropy (8bit):	7.847895333366294
Encrypted:	false
SSDEEP:	48:NjPb2/U5P3PgXXXSWNrCFO0UGjTO7OWucmdKRNMhK64fGDCNTV:1T2/IIXXC4CR/eqKwGn
MD5:	E7EBC6C74EC20EA3614970E178217C10
SHA1:	F667FBC525F046F8C6D7617541884C4D6ED52478
SHA-256:	19C2B75FE23AE2238ADBD7F34901396D4120605D9028C2FCC7BD3C010E27EF9A
SHA-512:	919503E8BB602EA51AD0D92B3AFD7DD5701B5F2D3E28D8ECBF90D632AFDB7C14FCFDBA99F60F2BB6796DB536D3461882318B7DC0136E40B3D93556774BC30677
Malicious:	false
Reputation:	low
URL:	https://d1qgcmfii0ptfa.cloudfront.net/S/content/mobile/images/google_play_coda.png
Preview:	.PNG........IHDR.......).......A.....PLTE.........pppBBB...LLLccc...XXXooo...jjjggg{{{........................{{{.........qqqssswwwxxxccc\|\|\|qqq222......................................u..................+++......222666.....................""".........**...............]]]hhg...............LLLaaa..................... &&&(((///>>>.5Grrryyy~~~.....................;;;BBBQQQRRRpppuuu.............................333999HHHSSSVVVkkknnn.2H....................................EEEOOO...........w................-L.7E...\|\|{..m....#.ZZZ.,<.....................W...!I.%?.N./N.o..m..o...o.~"..}..z.........!..w.%../.d<UM..#7hZ...J..Deeefff.1F..f.o...........p..p..z...........<............?..@..+$./..H.I+..E<..[6KD.. D.'@..O...dcc....,J.3C..[..].x...l.x...r...\......................}..9.....=.........-.k....#tRNS..!"$1<CVZ^aeht.....................0......IDATx...w\|.U........../......f.I..&A3$M.6..Ym.-m..t/.j............{.............#yy....~...qJ...M.6....a}.G....cNe@..S,b...V..N...

Chrome Cache Entry: 314

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9217)
Category:	downloaded
Size (bytes):	231862
Entropy (8bit):	5.4580370109650715
Encrypted:	false
SSDEEP:	3072:5fLeYH8At6JK37OeR8NteGvQ+AMPpgArl0xYu5s713hW:5fLeYc+6JaH8N7QQGArHu5s713A
MD5:	3E34065323CCD70417621B0687E56775
SHA1:	F63D803164D63317D51A708C942FF511725A9E16
SHA-256:	5EBCE957851EB83517851E8613F012EB45AA4EBB6142B92C30B7D9492C874E22
SHA-512:	EDB02D4A93A15771FB0768C8A45F3DBAF0908E5C450737D59AF5804840B10E33C0955831B4B6B3F3362A839CC8DBEF2169667F4FDFB40299FDCB80E8A16051EA
Malicious:	false
Reputation:	low
URL:	https://connect.facebook.net/en_US/fbevents.js
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 315

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1906
Entropy (8bit):	7.864505656773085
Encrypted:	false
SSDEEP:	24:V+5OX09S4axQxbjR4xITCnu6iZA+8d7f2GOi2IPEBhur+lKRYgkBbdK5U/Y65jao:s5VZmxqCu6iqnCuDI7CY3JK5URj0lRLQ
MD5:	BAD0C63AB1EE3F4662F15E0370EF502E
SHA1:	2F9DF0528C0E6D8E34FD50267FFE6150E5987E76
SHA-256:	3F0383F07B55D6104D7C11651E31603974260E992231FCD0B6BCC2A984168B18
SHA-512:	9D61CEC5363A0A5CA2494B8DD42E25C1B61F0089F12DE0F3ABFB96705B55D4113048C841F47519A60CF3DABF23E9A85C244A8676B68B030583C708D77593D95E
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/xFT8o4tZjHkrDeLOh3fJsAQ5y0ZD7JJz6tWa_bOU-kU9H_D_iKILb4XAvMfhmSYWXV0F=s64-rw
Preview:	RIFFj...WEBPVP8X........?..?..VP8 "...0 ...@.@.>i(.F.".!;......l..9A~...9O......M.7.n.9..3.y.y.~...u....G...W.......^......Z.._.....~..F........<=.&3....Ml+.....54O..U.....a......,U...).7x..9.m...2......h...J(.Ho.=.&O..!..Z..Q.(h.,.....\|....[...(9..B.].....v..3..X.rj:63.Oi..x;..\|6...B..X..........'a.......!.b.W.....c....R..Mqsd.ma.z._..L`......g..[.k..q.......G.8..w.k..y.$0..1!...^.6..XFjD..K.Rp..9....d.@.5C0.=.}z.E#.S.._...O.5...IUpANY4Fr.b.3.uU).A.>/$qq\...i{c.t.s>.......$....Ak.......T....C.!.-Y&..G...z....J.u.,....O........fm.....~9.%.W..R.4E...5......NMi.....kR...O........P.u[o...........T...N.%C........Z....j..A....C..............Rt....i..]?BP..D.SJ#..#...tv\|$Q%.. ..e.......A..j}...eq..B...}..Zn..W\.K.Yw.`...B7.....N.rcKA.bVmx.. ......S9#o..'..nQ...8.K......L.~;V..R..6..........p..=......C.yO....I.z<.J.........,.YUO.~..dp.....h?...>..N=...Xi.....\|.l.A....%...3\...RV.u..+....5.._.......~...h../Q\..-uyT.......3..t1.}..._.......

Chrome Cache Entry: 316

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (706)
Category:	downloaded
Size (bytes):	3405
Entropy (8bit):	5.583924601098915
Encrypted:	false
SSDEEP:	96:kwLTDcB3eTH54uJ6jKwYtI1XLzh48eLlL0aivFZUl:BTDcpkAxo07C
MD5:	B238F13B364AFCD920425068B4ADA921
SHA1:	CB2BCD580203FB5C1F42F8ECD4F5A9163048A995
SHA-256:	0586A7F5F7EFED98BBAA46C7AA9B7E7E3152CFC515D6846C4BF6EA3E1BB4930B
SHA-512:	BBC2CA46DB574C1FE6D0388368414386AF3E6FC15E74132E3B7C28C8EDCA6C9BB2DA55D780365EE5A9696842877EB42DA8CF4BC1AA7DC9B8161CBF4119F38A87
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,C7s1K,EEDORb,EFQ78c,FuzVxc,GkRiKb,I8lFqf,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,UZStuc,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,Z5wzge,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,dfkSTe,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,q0xTif,qfGEyb,qqarmf,rpbmN,s39S4,sJhETb,sOXFj,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yNB6me,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("Wt6vjf");.var vdb=class extends _.z{constructor(a){super(a,0,vdb.ke)}rc(){return _.dh(this,1)}mf(a){return _.zh(this,1,a)}};vdb.ke="f.bo";var wdb=function(a){a.gI&&(window.clearTimeout(a.gI),a.gI=0)},xdb=function(a){const b=_.ZK.get(window.location.protocol=="https:"?"SAPISID":"APISID","");a.GG=a.JE!==""&&b==="";a.AO=a.JE!=b;a.JE=b},zdb=function(a){a.Xz=!0;const b=ydb(a);let c="rt=r&f_uid="+encodeURIComponent(String(a.YI));_.Ek(b,(0,_.Ze)(a.N,a),"POST",c)},RL=function(a){if(a.uM\|\|a.Xz)wdb(a),a.gI=window.setTimeout((0,_.Ze)(a.H,a),Math.max(3,a.PE)1E3)},ydb=function(a){const b=new _.Yn(a.CV);a.QJ!=null&&_.jo(b,"authuser",a.QJ);return b},.Adb=function(a){a.GG\|\|(a.Xz=!0,a.PE=Math.min((a.PE\|\|3)2,60),RL(a))},Bdb=class extends _.Vj{wd(){this.uM=!1;wdb(this);super.wd()}H(){xdb(this);if(this.Xz)return zdb(this),!1;if(!this.AO)return RL(this),!0;this.dispatchEvent("p");if(!this.YI)return

Chrome Cache Entry: 317

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1881)
Category:	downloaded
Size (bytes):	42032
Entropy (8bit):	5.4396672543265145
Encrypted:	false
SSDEEP:	768:PSKy4A6Ds/WXJ1ybAFSUTufN8IYEmDZomkteZF3xovyVUs20ovENKFGE1Mr/+LVu:sN/W7TufN7HePD2JGE4/+JY7dOXsciZx
MD5:	C13B9A4C39C3D503D3400FC3AABCD6D5
SHA1:	D96A1662B14AB8CCCE4C65EE6895F0307B969889
SHA-256:	CF1ABED5A56B0FCFBC07AE43BE73EB509237EEF856A91D21252DFA76FCC32383
SHA-512:	DF3B9BF54CC39A7EF374B3FAEB6A5718CCF3BAE140DDE138195512B0EAD0A0B61B8F0CDB40B57BFE490EA561A0021A3480A0B54605D102309408A2BA2F0C364D
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=_b,_tp/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=byfTOb,lsjVmc,LEikZe"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.Iqa=function(a){let b=0;for(const c in a)b++;return b};_.Jqa=function(a,b){for(const c in a)if(a[c]==b)return!0;return!1};_.Kqa=function(a){return a.Kh&&typeof a.Kh=="function"?a.Kh():_.da(a)\|\|typeof a==="string"?a.length:_.Iqa(a)};._.Sn=function(a){if(a.Ci&&typeof a.Ci=="function")return a.Ci();if(typeof Map!=="undefined"&&a instanceof Map\|\|typeof Set!=="undefined"&&a instanceof Set)return Array.from(a.values());if(typeof a==="string")return a.split("");if(_.da(a)){for(var b=[],c=a.length,d=0;d<c;d++)b.push(a[d]);return b}return _.Va(a)};._.Lqa=function(a){if(a.tn&&typeof a.tn=="function")return a.tn();if(!a.Ci\|\|typeof a.Ci!="function"){if(typeof Map!=="undefined"&&a instanceof Map)return Array.from(a.keys());if(!(typeof Set!=="undefined"&&a instanceof Set)){if(_.da(a)\|\|typeof a==="string"){var b=[];a=a.length;for(var c=0;c<a;c++)b.push(c);return b}return _.Wa(a)}}};.var Mqa,Nqa,Oqa

Chrome Cache Entry: 318

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16456)
Category:	dropped
Size (bytes):	64797
Entropy (8bit):	5.896844004732185
Encrypted:	false
SSDEEP:	1536:MMfob7CMhXZYVRnaBJiYI8Zfy2LZpJWDBcR:M7JI8ZfyypJWDBcR
MD5:	F6F3EA0CE90BEDDC6AF1974CED0046CD
SHA1:	7372D64BDF770C0738F8894B9D6CD0BF7F1FCB7A
SHA-256:	4DAE6F7AF264A7B69C4CD1F11650C7A878D775F7F7EFE0CA846DA1E9FABE0719
SHA-512:	90DEB5AB76BB04860E07B8F14B702918D77248798AD14262262FA1F5F7A84C7BEC828C908A95CB647FC1117CB9F95A0BC21B0AA17950D42E3B75F0D97A79A14A
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("InstagramMediaProductTypeName",["$InternalEnum"],(function(a,b,c,d,e,f){a=b("$InternalEnum")({LIVE:"live",FEED:"feed",STORY:"story",DIRECT:"direct",IGTV:"igtv",NAMETAG:"nametag",DIRECT_AUDIO:"direct_audio",CAROUSEL_ITEM:"carousel_item",CAROUSEL_CONTAINER:"carousel_container",PROFILE_PIC:"profile_pic",AD:"ad",AR_EFFECT_PREVIEW:"ar_effect_preview",DIRECT_PERMANENT:"direct_permanent",SELFIE_STICKER:"selfie_sticker",COWATCH_LOCAL:"cowatch_local",CLIPS:"clips",GUIDE_MEDIA_FACADE:"guide_media_facade",FUNDRAISER_COVER:"fundraiser_cover",LIVE_ARCHIVE:"live_archive",HIGHLIGHT_POST_FACADE:"highlight_post_facade",DIRECT_THREAD:"direct_thread",SCHEDULED_LIVE:"scheduled_live",RATINGS_AND_REVIEWS:"ratings_and_reviews",DIRECT_HEADMOJI:"direct_headmoji",CLIPS_PREVIEW:"clips_preview",REPOST_MEDIA_FACADE:"repost_media_facade",STORY_INTERACTION_RESPONSE:"story_interaction_response",MEDIA_KIT:"media_kit",TEXT_POST:"text_post",NOTE_AUDIO:"note_audio",DIRECT_MESSAGE_COMMENT_FACADE:"d

Chrome Cache Entry: 319

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1520)
Category:	downloaded
Size (bytes):	7557
Entropy (8bit):	5.307278907988037
Encrypted:	false
SSDEEP:	96:sZGR/3xRGij4CLT31kR3U7yhRBbYE82hSP2dEb/7cuOAqd9bOs+VLs8v:0GpxYuI3rRBbYE8uU2u/74Asu
MD5:	E4EB21DEDD8F8FA515D0CFCB689FB456
SHA1:	13727570F31C39D8CAFA14E12401103C9A85AAA7
SHA-256:	6F8040C11D4DDD9B41CDAEF91B853050B04DAC68E6767B4B5864A702CC41203C
SHA-512:	200BEB86C44610F84CA2AC8E60366D761A973FC6FDF0DBF2E45161A6B20A96EB1CEFF8006A441C40B3AE21D41B3196FDF663D90B6291D11D456C160331897A2C
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/M4irg7K3pmC.js
Preview:	;/FB_PKG_DELIM/..__d("BaseImage.react",["CometSSRPreloadImageCollection","ExecutionEnvironment","RecoverableViolationWithComponentStack.react","mergeRefs","react","stylex","testID"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j,k=j\|\|(j=d("react"));b=j;var l=b.useEffect,m=b.useMemo,n=b.useRef,o={contain:{objectFit:"x19kjcj4",$$css:!0},cover:{objectFit:"xl1xv1r",$$css:!0},fill:{objectFit:"xz74otr",$$css:!0}};e=k.forwardRef(a);function a(a,b){var e=a.alt;e=e===void 0?"":e;var f=a["aria-labelledby"],g=a.elementtiming,j=a.isDecorative,p=a.objectFit;p=p===void 0?"fill":p;var q=a.onLoad,r=a.referrerPolicy;r=r===void 0?"origin-when-cross-origin":r;var s=a.sizes,t=a.src,u=a.srcSet,v=a.testid,w=a.xstyle;a=babelHelpers.objectWithoutPropertiesLoose(a,["alt","aria-labelledby","elementtiming","isDecorative","objectFit","onLoad","referrerPolicy","sizes","src","srcSet","testid","xstyle"]);var x=n(null),y=m(function(){return c("mergeRefs")(x,b)},[x,b]);!(h\|\|(h=c("ExecutionEnvironment"))).canUseDOM&

Chrome Cache Entry: 320

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20398)
Category:	downloaded
Size (bytes):	356266
Entropy (8bit):	5.402700905715015
Encrypted:	false
SSDEEP:	3072:Wjx6JPK5lD6E2yjEKLPGMZMg9bV4XG77jzf+WEf8/:WsJyDD6E0KLPGMZZ9bVj7+WEf8/
MD5:	7038475B342145FDF3A6BA1A53656D60
SHA1:	E887CC085B2F30B992E8771C5AB87C51876B3DF9
SHA-256:	7056C7278A0C812D8B5EBA4AF697FFB179974D0B73BE0892D54D06D621ED52BE
SHA-512:	A1E93778F6E6084303802507B1C0A6B217A90B59E8CE3EB2D12996BE97C72432708694C7C222205DEFD3445631B1F04B28E48FDAC5FB6027B807505A6A540EE8
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/iM5C1okGJtU.js
Preview:	;/FB_PKG_DELIM/.."use strict";(function(){var a=typeof globalThis!=="undefined"&&globalThis\|\|typeof self!=="undefined"&&self\|\|typeof global!=="undefined"&&global;if(typeof a.AbortController!=="undefined")return;var b=function(){function a(){this.__listeners=new Map()}a.prototype=Object.create(Object.prototype);a.prototype.addEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();d.has(e)\|\|d.set(e,new Map());var f=d.get(e);f.has(b)\|\|f.set(b,c)};a.prototype.removeEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();if(d.has(e)){var f=d.get(e);f.has(b)&&f["delete"](b)}};a.prototype.dispatchEvent=function(a){if

Chrome Cache Entry: 321

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 51 x 36, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2216
Entropy (8bit):	6.6961302583271225
Encrypted:	false
SSDEEP:	48:B/6BMYL4knA9WIM81/c0SkUL3T9HAq3SHAU4O6iufN+dgDrzRTM:BS+YkknmWIM81/ckE9HAPHAU4OPDGDrG
MD5:	123C968B7D12FCF714B9D2AF208D666A
SHA1:	E81C6311BE251AC7A4174D6A16C772E8AC78528E
SHA-256:	DCF5DC23BFCA5D9B4B2A36C9DB76F5375F51417BDE2B33F1C60E3925C814D361
SHA-512:	1C6E238E571C04F7564D6A382BE2141C4F7D4AE7632FB6923771F6E5EDBFA424D26431438B8CCFA96BF271A114C48984FC2FBD48FA6BFF68D23E3117990EA716
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-youtube-H36.png
Preview:	.PNG........IHDR...3...$.....$r......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:32:50+07:00" xmp:MetadataDate="2020-04-24T11:32:50+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:2ae217ec-6f1b-4610-8d8a-7b6c7caf0ff7" xmpMM:DocumentID="adobe:docid:photoshop:99720a90-8db4-0b45-9d3f-0d132e926

Chrome Cache Entry: 322

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.212477523177281
Encrypted:	false
SSDEEP:	6:kRZzRxVvnGlUu6SoF/AuGNG/QVIly5hiDiJZwQRaNw6JpyxZRNlad0:kRZTFGlqScSI/AIwijkbRN20
MD5:	660C8C9C75922986FC04999BC03F4765
SHA1:	574DE7574A155C8B7CDF592580EA6F81827F9848
SHA-256:	DB69993C3B0D33E22C6B5E9A2E0FAF219F28FC1CBACB3BC5385CE6D9FEF30877
SHA-512:	1B621E1BBA820BF888C779B7C4F3D5AEAAD19E13953123103016C56F1FCAFB7E1AB2615BD75FDA9174D3AA3BDE862FF31618A80BB0177E609937B9BCAC08874E
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("C7s1K");._.qr(_.wEa,class extends _.rr{constructor(a){super(a.ta)}H(){return"C7s1K"}N(){return!0}Xa(){return _.g4}});_.$q.C7s1K=_.cD;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Chrome Cache Entry: 323

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 231712, version 1.0
Category:	downloaded
Size (bytes):	231712
Entropy (8bit):	7.997989633392637
Encrypted:	true
SSDEEP:	6144:vjpKPgUn1+TlJ7YkfhelJ5Hl6YohloFU4yy2sL:vc8TL7DWf3oDVy2sL
MD5:	FCCD49E77F1D0FE7552D11EC3697A5C7
SHA1:	0314A4D1109FD76BEB5AB8F28A402F920FC2A225
SHA-256:	405DAE7456BC82C5F43ABDE71FDDDDE1BE42A759B1CC7DB12756D3C119AE5457
SHA-512:	CD2E160021654C9C466FE9E0DB6CC8E70511C8893EE8E34507661F1B6893F09D70AB84310B8971D6224F5D199060509FDF067A6AB0F7498088FF889488D69850
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Italic.woff2
Preview:	wOF2....... .......X............................... ..l.`..&..f........,..H..@..6.$..<. .... ..9[......[:......K .@j8\.".... ....P#.._M.y.K.......1.,D.....A.5$.. .X.....!r.]..x.;G.".<.o...................................=...}...... $@XV!...."X.T@.(Z.i.....3.&@..X...0J$.0.E.T...0.d.0.r$y?..{V.....W,...{$.A....NE]..{....g./.>....x..:)..P.<..).#..<.=\.P..V.=..6...-.....a@Q.L.A.....'.... ........&.8H3.#Y0g.l.uZ.&...cd.g.(..=.s;_D..L.-8.C-...+.BR.(X.#.%.........D.o.//C1H"!A.D...H_..x.2.b.........I..5ADWW.....u.i.3....."..........T.....<.o........JB.3...-.;%.ZlG[......E7.v.k.[Y......./x........{ .^..by...U_.y.O....(K..T.q..F:Cm.c..[.h.9...<jSE../E."..."aM...]..2N:..>4.&..!u.GB.$....O..v..vP.....4..0..,.......Px.8.(...V.x..<.Y.Fm.l...._..*.0.&.~..O..Fh}.B/...8.....t.c...v..$xb=..D...q..-L.P...R. .U@.).........[$h..6....G:1.R..J!.swc....^....h.z.k4Xsd.u.A.-..:....w..s.O..z.JQ.r....q..i.o.....@r..s;}J..&.c.7;b.l....1?..&.$.5...T..P....Z$A...;p......

Chrome Cache Entry: 324

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6861), with no line terminators
Category:	downloaded
Size (bytes):	6861
Entropy (8bit):	4.977583145013348
Encrypted:	false
SSDEEP:	192:dehiA6fqNDP3hLrv1fjujSjKjLjRxyOk63Kk12v6u:O6fqNDPxLjexyE3d2v6u
MD5:	5566E671B1A56ED10EE4665797BCA5BA
SHA1:	4E1268E9E8CC9B32D46D9E9B64052CA61CC0C688
SHA-256:	BBF453AA757D9EE7314E68E9F134A58C34FAC46D39BFBF282F9E8E03DBEA7DF0
SHA-512:	61D543EA72F6609D61DE7ACE3D832C94B9D40E0425311B66BF24DEEE11459046925DDAD818984F3B9C456F8E409D80D0924B8EC5F4F0B8FD43EB6D5A7DA44750
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/css/shared-topnav2.5566e671b1.css
Preview:	.logo-image,.search-icon--productpage,.search-icon-container{cursor:pointer}body{margin:0!important}.top-navbar{box-shadow:0 2px 1px 0 rgba(2,2,2,.25);background-color:#fff}.top-navbar.top-nav--productpage{display:none}.top-nav-container{width:100%;position:relative;max-width:760px;padding:8px;margin:auto;display:flex;align-items:center;justify-content:space-between;min-height:50px;overflow:visible;box-sizing:border-box}.theme-page--all-results .top-nav-container{max-width:960px}.product-page__container .top-nav-container{max-width:1280px}.slogan-element{font-family:Lato-Light,NotoSans-Light;font-style:italic;padding-left:10px;color:#333;margin:0;display:none;line-height:25px;vertical-align:middle;-webkit-font-smoothing:subpixel-antialiased!important;-moz-osx-font-smoothing:grayscale!important}.logo-container{display:inline-flex;flex-direction:row;align-items:center;flex-wrap:wrap;height:28px;overflow-y:hidden}.logo-image{max-width:100%;max-height:28px;width:auto;display:block}.search-

Chrome Cache Entry: 325

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5552)
Category:	downloaded
Size (bytes):	180712
Entropy (8bit):	5.299521308031669
Encrypted:	false
SSDEEP:	1536:R7hpwNC9ZK0BK01QYaKTZ02LKVsdmpyKcicgbJ9QIZQPBHete01pFF8nu1B5i65+:R7D9ZKAKBYaKj8wKcHgbPF0A9r8ne58
MD5:	74090B5AF95943571A91076ADDBB8827
SHA1:	35B6AA7D52B106CFBA77A3B7ABDA49D0BE46612D
SHA-256:	6068484A24E9B03A5CFEC9A6DEEFEC88062C2F3586EE4BBBD47963DC4EA64BED
SHA-512:	41F7C373E5385D8E31B17C9783743EAD55F440FA39213B205EDB035749B01099A55AC2B5BC98ABBD9A047F7832AEA9E02C461190903E4C1E63900AF238074679
Malicious:	false
Reputation:	low
URL:	https://connect.facebook.net/signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 326

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1434), with no line terminators
Category:	dropped
Size (bytes):	1434
Entropy (8bit):	5.782287307315429
Encrypted:	false
SSDEEP:	24:2jkm94/zKPccAv+KVCe2TLph9gFB5vtADjkrDQndcl/1t4glvllLtw1aWDAQosLc:VKEctKo7LmvtUjPKtX7S1aiRLrwUnG
MD5:	E7F4945A3458503BDEE0AD9476537604
SHA1:	CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6
SHA-256:	8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50
SHA-512:	BD30B50396E0015B723FFD185972E37094A5CFF4A42CB5AE5D439AE3B85F2735F33145B363E2657AC174D66ED2E3F97FC0C2BFC9FDEE6B06C61E5A01FD1CFF34
Malicious:	false
Reputation:	low
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(m)

Chrome Cache Entry: 327

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9052)
Category:	dropped
Size (bytes):	1247853
Entropy (8bit):	5.459953481744206
Encrypted:	false
SSDEEP:	6144:vdCRGDK8O0hgrYAktKhpJSLGbv9w7ssRE5207Q9B9F/+F5j/KnAqogvK9aXJoFm6:VM/ktLGxw7cTp+g1eVuX
MD5:	B09BCC84FD863C39249CEF83297363A6
SHA1:	B2DC44BA268B139589D13EA1812BC574B74D93B1
SHA-256:	C7D8B47D64961E18375324ED735DD494D743DA918F5728ACB867907C99335D89
SHA-512:	0AFF5A915E0DF6A83B018D523ECAA0F72711DDC0DB56BA4F1320FBEE993A8EBDFFBEC639BFEE165E66B7EA20FC87E365F0CA1F49EA57AE31681CA4B4B9366695
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("AjaxError",[],(function(a,b,c,d,e,f){a="ar:error";b="ar:timeout";c="ar:proxy error";d="ar:transport error";e="ar:http error";var g="ar:parse error",h="ar:noservice";f.ERROR=a;f.TIMEOUT=b;f.PROXY_ERROR=c;f.TRANSPORT_ERROR=d;f.SERVER_ERROR=e;f.PARSE_ERROR=g;f.SERVICE_UNAVAILABLE=h}),66);.__d("AjaxRequest",["AjaxError","ErrorUtils","Keys","PHPQuerySerializer","TimeSlice","URI","UserAgent_DEPRECATED","ZeroRewrites","clearTimeout","killswitch","setTimeoutAcrossTransitions"],(function(a,b,c,d,e,f,g){var h,i,j,k=window.XMLHttpRequest&&"withCredentials"in new XMLHttpRequest(),l=[];function a(){var a=l;l=[];a.forEach(function(a){return a.abort()})}function m(a){a.onJSON=a.onError=a.onSuccess=null,c("clearTimeout")(a._timer),a.xhr&&a.xhr.readyState<4&&(a.xhr.abort(),a.xhr=null),l=l.filter(function(b){return b&&b!=a&&b.xhr&&b.xhr.readyState<4})}b=function(){function a(a,b,e){this.timeout=6e4,this.streamMode=!0,this.prelude=/^for \(;;\);/,this.status=null,this.$1=-1,this.$2

Chrome Cache Entry: 328

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 38 x 38, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	802
Entropy (8bit):	6.730321524502597
Encrypted:	false
SSDEEP:	24:GaByyEMDsiaXvDUbVdxQXHoyb9K7HjGY6LMr/:G88MDs9vu3xQXHKCor/
MD5:	20986D3FE0DDAC454B9F46BC34CE8952
SHA1:	DEFB0E4158B8A9576E663B240336A9BBB28D3267
SHA-256:	D7ECE5222547615BCB5066478F209B6A3E7C3B3C88667972E937C8481688EED7
SHA-512:	1254F83A4331002DAB51948F74C680C3BD7B960F9EF034BF606A80BBAE0D8132ECCA0002660988D7F596D715CAFB70FA79FAE749FBC67F9323E12C63E9BFED7A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...&...&.............PLTE........+..$..9..3..0..-..+.....,.....,..-..,..+..)../..-.....-..+..+.......-..,..+..+..-..,..+..+..-..,..-..-..,..-..,..,..-..-..,..-..,..+..,..+..-..,..,..+..+..,..+..-..,..,..,..+..,..+..,..,..,..,..,..,..,..,..,..,..,..,..,..,..+..,..,..-..,..,..,..,..,..,..,..,..,..,..,..,y..#...\tRNS............."#$%&(2356789@AMOQSTUWZ[]abcwx{~...............................................M.t=...^IDAT..}..:BQ...?..Q.Y%...c...)....9..>..{[.M...\.=.6.\|....Q..%.T.gCh1r...a4Yx...<.%.X...@+...`&...w.Q.............gp.....)..L...5..,..#.'J..yJop.(m.......-.5T..TL...z`.R......B.Z.V.."..&aMQ[D.Z.V.Z...^.vw.^....P.....f"@.Jq..,Q...E.....Fi..(.c8'...)..9.PD.,..0.......(.w....N.k.F.>...P.B.a 3.?+...a..Y....Gu.Mbglq:.V3%.i.Kl..:.f#.6"^*.My.h?@0W..../....IEND.B`.

Chrome Cache Entry: 329

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/css/popupLogin.css
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 330

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1443)
Category:	downloaded
Size (bytes):	3378
Entropy (8bit):	5.435501515008857
Encrypted:	false
SSDEEP:	48:VF8Hhlf1rcYV4aIdVzsNu0Lr0vxlwa2ga6zj+1zxxs8SHKQb7tPvdBXmw:wflNLr0A2vsdxgNvdFj
MD5:	8E9F0DA1F3DC0953D777D5C487191580
SHA1:	41459B3414F74FD3F75B0DF15B0114A03BA318C9
SHA-256:	6AD427B0D7E820F3EC29D6370EF4D3F8BA93D0DD0393DA8B530004C3BC57800D
SHA-512:	9846C198A808C00BE65355E47A4EAAF9041AB57E23D7DB03DA1EE19A64F5B2010A37EBFCCF1636B4B5E01BBC6250B8A56ED255F4ED34ACE6A66CC551C0ED9ADC
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/4XHx378TeEo.js
Preview:	;/FB_PKG_DELIM/..__d("CometLinkTrackingUtils.workplace",[],(function(a,b,c,d,e,f){"use strict";function a(a,b,c){return a}f.decorateHrefWithTrackingInfo=a}),66);.__d("RDFDRequireDeferredReference",["RequireDeferredReference"],(function(a,b,c,d,e,f,g){"use strict";a=function(a){babelHelpers.inheritsLoose(b,a);function b(){return a.apply(this,arguments)\|\|this}return b}(c("RequireDeferredReference"));g["default"]=a}),98);.__d("requireDeferredForDisplay",["RDFDRequireDeferredReference"],(function(a,b,c,d,e,f,g){"use strict";function a(a){return new(c("RDFDRequireDeferredReference"))(a)}g["default"]=a}),98);.__d("TimeSpentArray",["Banzai","TimeSlice","clearTimeout","pageID","setTimeoutAcrossTransitions"],(function(a,b,c,d,e,f,g){var h=2,i=h*32,j,k,l,m,n,o,p,q,r,s,t,u={},v,w=null;function x(){return{timeoutDelayMap:u,nextDelay:v,timeoutInSeconds:n}}function y(){if(j){var a=Date.now();a>p&&(r=Math.min(i,Math.ceil(a/1e3-o)));a=D();a&&j(a,v)}C()}function z(){A(),m=c("setTimeoutAcrossTransitio

Chrome Cache Entry: 331

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	37386
Entropy (8bit):	7.993958325487087
Encrypted:	true
SSDEEP:	768:1PK0bNv9X3mcPMNAAy8qgFsunp+UTDxtcx/kIp0o7nTQI8Tgu14eunS9QJtMHxP:pPNF9mlPkUTDxtcxTp0Awgu14eoNt89
MD5:	55E76BCD844AE277B16B7448659BDECD
SHA1:	3B796473595F2881B3BC54BCCF74C3C834FE9CC8
SHA-256:	50343F31F5B542246959A147F9C3AFB32701A7864E3D575251E150A94EF957C0
SHA-512:	1CE4DB565BC88C68C0B52EE171F92A9FC07BDFFBD418BEA3A95F1BE6E5F2511AF19E186FF0C3EAD791E8B338E2E0D5AAA8F66DDC2D561C4FF42BD46110FFE261
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ..........(.>i.E."..-WL....llC.j"_..f....M.`...0.af.92{........._.o.....o....o............\|o...P.b...../._........Q.K.......O._..a........................]..g....._ _.............o.....~.?..........K.7...........?.{.........^0.s.o._r.......k.<......>..@.Q....._0.......?...z..Y.G...g.............k....~T\|L}w...}....e.....g./c....~..........?.?..................~......?.......=...........;.....G.7.N./N\|f.. W.......C_.:...j:.}=.V.3...]s..7.i...N,3e.'kIQ..5.T..........e..t.pQ...0.......^_.@..z(.......yp7.p...KR.Q.....vo.<..1..U..u.....a..._.j..R$.cZFw.X..\R..J../S.....>.N+6......Ax.....gPq.#............^.XX......M.P......j...3.......a.K.+.....r.g....TX...{........!..~....m.0.f....hqt.. ..Y.V.....6i.g.Y...J..........<..w.P`w..b.C6...'P......m.(onC.H..p6...a.>`7.Mud.[L..u..7&...)H.b....}....yF..[...c.#....Fl.5....5!.w.#..g....0..v^...<........X.....K".....V..QNa>....tp.6.Q1.o..)&Za=...h..L...4.^?...Q.BM..^..l. 5...v.....C.A.pf..T.

Chrome Cache Entry: 332

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (520), with no line terminators
Category:	dropped
Size (bytes):	520
Entropy (8bit):	5.265111984652385
Encrypted:	false
SSDEEP:	6:KZakkQC9KZULk731wqz7o2v/2v32QmTZDM/w37o01D2BZMI:0akQ9K8k731z7xvuv3XmZoIN1DO
MD5:	4A7A9740BCF8062898A69CB939B84746
SHA1:	948BBEA618CAE328D0ACB4CEA603023DA671358C
SHA-256:	C636BD0EA30E4E99B8EF807C5561DF5064F8C1BD84B08038CDAD8BDF989C7822
SHA-512:	25F28582AF320DA8B433B18B2CB098BA878EFCEFB062F45865C8619CB6E4EC638CAEF07A119AD1B12E154BEE396D607179AE19D6DC0EF9A129ADCD2F4C2ED47D
Malicious:	false
Reputation:	low
Preview:	"use strict";var CODA=CODA\|\|{};CODA.FREEFIRE=function(e,r){return{playerId:null}}(0,jQuery),$(document).ready(function(){$("input[name='freefire.userId']").mask("0999999999999999999999999");var e=$.cookie("freefire_playerid");null!=e&&(CODA.FREEFIRE.playerId=e,$("input[name='freefire.userId']").val(CODA.FREEFIRE.playerId)),$("input[name='freefire.userId']").blur(function(){CODA.FREEFIRE.playerId=$("input[name='freefire.userId']").val(),$.cookie("freefire_playerid",CODA.FREEFIRE.playerId,{path:"/",expires:180})})});

Chrome Cache Entry: 333

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (52402)
Category:	downloaded
Size (bytes):	56029
Entropy (8bit):	5.069639809499417
Encrypted:	false
SSDEEP:	768:Se3wl30MiCWNZj1kqUBlFXovmSuG8RcpeF3:SCwl30TXjUlF4OSvRQF3
MD5:	5191D4EA06BCC144E6774B0FE859528E
SHA1:	7A01E3DB400832724EA275F32BD2936DA83BA8F5
SHA-256:	BA2D68818246F93903142003B5D0DCF14C8536960078ACCD08F1D5813C61A485
SHA-512:	A8CF2CDC62F938013A055A3C56AC245D79B8EB8B04C4EE0B35BB9D3277BC5A9F434664FC09CAD1B134DEC5DFC543D7CA2C52F499EC04284E6A3FCEB212BD9091
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/application-a42a464885a505c24ac3b0ab35047489.css
Preview:	:root{--zd-color-black: #000;--zd-color-green-100: #edf8f4;--zd-color-green-200: #d1e8df;--zd-color-green-300: #aecfc2;--zd-color-green-400: #5eae91;--zd-color-green-500: #228f67;--zd-color-green-600: #038153;--zd-color-green-700: #186146;--zd-color-green-800: #0b3b29;--zd-color-grey-100: #f8f9f9;--zd-color-grey-200: #e9ebed;--zd-color-grey-300: #d8dcde;--zd-color-grey-400: #c2c8cc;--zd-color-grey-500: #87929d;--zd-color-grey-600: #68737d;--zd-color-grey-700: #49545c;--zd-color-grey-800: #2f3941;--zd-color-blue-100: #edf7ff;--zd-color-blue-200: #cee2f2;--zd-color-blue-300: #adcce4;--zd-color-blue-400: #5293c7;--zd-color-blue-500: #337fbd;--zd-color-blue-600: #1f73b7;--zd-color-blue-700: #144a75;--zd-color-blue-800: #0f3554;--zd-color-kale-100: #f5fcfc;--zd-color-kale-200: #daeded;--zd-color-kale-300: #bdd9d7;--zd-color-kale-400: #90bbbb;--zd-color-kale-500: #467b7c;--zd-color-kale-600: #17494d;--zd-color-kale-700: #03363d;--zd-color-kale-800: #012b30;--zd-color-red-100: #fff0f1;--zd-co

Chrome Cache Entry: 334

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2707)
Category:	downloaded
Size (bytes):	18125
Entropy (8bit):	5.500820034723111
Encrypted:	false
SSDEEP:	384:2p5wewk9PjDr88sZIepIFzTbeQtzX3JmFHWMC1KjIXh:2p5wRgsZIe+hTbxHgFHtAKj+
MD5:	D24EBDF42C673FB29789B1F998DC5DB3
SHA1:	C23F6ADAA2521D9C80C06C3F0FFFEE3336E641BF
SHA-256:	BDE17F0A43479D9B8654D9FB24C694C63443A5B9D8FC954820DB4DD2A5066264
SHA-512:	6BAC6FF49E3D082D863AB558530BED7B6EB24742094CF9B80075DC58D2C11D3D4DCCB833AA0DA9A458236E784405CB2674D9270428E1E5B22A0D801D69D42A88
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3idxF4/yD/l/en_GB/XCfeZ1agvrY.js
Preview:	;/FB_PKG_DELIM/..__d("ChatFilter",["$InternalEnum","gkx"],(function(a,b,c,d,e,f,g){"use strict";var h=b("$InternalEnum")({DRAFT:"draft",FOLDERS:"folders",RECENT:"recent",UNREAD:"unread",ALL:"all",GROUPS:"groups",NAMED:"named",UNNAMED:"unnamed",WORK_UNSYNCED_CHAT:"WORK_UNSYNCED_CHAT",WORKROOMS_ONLY:"WORKROOMS_ONLY"});a=function(){return[h.UNREAD,h.DRAFT]};d=function(a){return a===h.UNREAD\|\|a===h.DRAFT\|\|c("gkx")("24511")&&!c("gkx")("24512")&&a===h.FOLDERS\|\|c("gkx")("24512")&&a===h.RECENT};g.ChatFilter=h;g.getSupportedFilters=a;g.isSupportedFilter=d}),98);.__d("ContextualLayer.react",["ContextualLayer","ReactBrowserEventEmitter_DO_NOT_USE","ReactDOM_DEPRECATED","ReactLayer","Style","prop-types","react","warning"],(function(a,b,c,d,e,f){var g,h=g\|\|b("react");a=b("ReactLayer").createClass({propTypes:{contextRef:b("prop-types").func,excludeFromHeroVC:b("prop-types").bool,context:function(a,b,c){if(a.context==null==(a.contextRef==null))return new Error("Exactly one of `context` or `contextR

Chrome Cache Entry: 335

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8051), with no line terminators
Category:	dropped
Size (bytes):	8051
Entropy (8bit):	5.786837721995434
Encrypted:	false
SSDEEP:	192:7ySZ86x+abuW1l0iXgsVq6Q3VDoDmEhCeGnZ/dMQMv:LpB11l0iXg1yhIeGiH
MD5:	EDE15D5E9F64ACA2AA962F6EB560C949
SHA1:	E8E80E62096EF772DE087B1B581ADCED502DBBB5
SHA-256:	038110C0642DBD16852472A77D906E2510B56A1421EEA296E0B4240A9DF13575
SHA-512:	A126989299072F087853313766252899C65D94B1CFCBD40CC400E57D8C884D1F30876DE6823CC1EEC9BA9072D8841FC64C7EC62DF78EF58F9A805BAE8B77E3F4
Malicious:	false
Reputation:	low
Preview:	window._cf_chl_opt={cFPWv:'g'};~function(V,f,g,l,m,n,x,y){V=b,function(c,d,U,B,C){for(U=b,B=c();!![];)try{if(C=parseInt(U(466))/1(parseInt(U(438))/2)+parseInt(U(465))/3(-parseInt(U(424))/4)+-parseInt(U(396))/5(-parseInt(U(482))/6)+-parseInt(U(434))/7(-parseInt(U(481))/8)+parseInt(U(399))/9+-parseInt(U(475))/10+parseInt(U(491))/11*(parseInt(U(483))/12),d===C)break;else B.push(B.shift())}catch(D){B.push(B.shift())}}(a,821428),f=this\|\|self,g=f[V(400)],l=function(a0,d,B,C){return a0=V,d=String[a0(454)],B={'h':function(D){return null==D?'':B.g(D,6,function(E,a1){return a1=b,a1(401)[a1(444)](E)})},'g':function(D,E,F,a2,G,H,I,J,K,L,M,N,O,P,Q,R,S,T){if(a2=a0,null==D)return'';for(H={},I={},J='',K=2,L=3,M=2,N=[],O=0,P=0,Q=0;Q<D[a2(445)];Q+=1)if(R=D[a2(444)](Q),Object[a2(417)][a2(468)][a2(446)](H,R)\|\|(H[R]=L++,I[R]=!0),S=J+R,Object[a2(417)][a2(468)][a2(446)](H,S))J=S;else{if(Object[a2(417)][a2(468)][a2(446)](I,J)){if(256>J[a2(458)](0)){for(G=0;G<M;O<<=1,E-1==P?(P=0,N[a2(463)](F(O)),O=0):P++,G

Chrome Cache Entry: 336

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (526)
Category:	dropped
Size (bytes):	7448
Entropy (8bit):	5.331602002000817
Encrypted:	false
SSDEEP:	192:7jFaLZ5Asd0x9ufi+1rniODiLpMBiPdkCYheGevbMoNmA:7jMZOjbu6+1rtDwpMB8CCyeGeDMMJ
MD5:	35D9DB48E3112F35D81E70B98457AA42
SHA1:	7BADED3DA3BAE7598688AD6C89800B88CDB49FDD
SHA-256:	5F8E21F061DE1874E4AF063F095A389187C40583C9033946E406A8BB825CA358
SHA-512:	9187EBCFB9D574CC3A443F6D692969B47D41BA5BACD09FFF729E58FE7B3E3ADC22F6E1C98B2AE23F2B98514EEE5A150040A5A213DC82863F02E5EB46D2537842
Malicious:	false
Reputation:	low
Preview:	// jQuery Mask Plugin v1.14.10.// github.com/igorescobar/jQuery-Mask-Plugin.var $jscomp={scope:{},findInternal:function(a,f,c){a instanceof String&&(a=String(a));for(var l=a.length,g=0;g<l;g++){var b=a[g];if(f.call(c,b,g,a))return{i:g,v:b}}return{i:-1,v:void 0}}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,f,c){if(c.get\|\|c.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[f]=c.value)};.$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global&&null!=global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(a,f,c,l){if(f){c=$jscomp.global;a=a.split(".");for(l=0;l<a.length-1;l++){var g=a[l];g in c\|\|(c[g]={});c=c[g]}a=a[a.length-1];l=c[a];f=f(l);f!=l&&null!=f&&$jscomp.defineProperty(c,a,{configurable:!0,writable:!0,value:f})}};.$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,c){

Chrome Cache Entry: 337

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2357)
Category:	downloaded
Size (bytes):	19725
Entropy (8bit):	5.407222733892465
Encrypted:	false
SSDEEP:	384:SkoYkDkdvI8+RWt4rB+7iItavwbnBpHkFj3bfirlDt7wNNJPHXmpGSZgtkMbb1w:EYk8+OLtavwbnabbKrWNJPHXmkSZghw
MD5:	B97C28B965793E8FA6B815FBE3D1C8D9
SHA1:	3ABE4309331194257108B7C0AD38A4FE74B5F243
SHA-256:	25C0F82E0B381BD4FA9677564941698421E5525C5C0B8E6498A46CE4B3D90852
SHA-512:	A5D8794EC6FF0AF722EC8ED0EB35E0262E8CDEDDB57A9C663B79559AFAF8A623A39A3523F020B918279DD26ADE8064D11967995A287F6CBA6288A03BF47C7C5E
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3ihXI4/yl/l/en_GB/SkLKXu9kown.js
Preview:	;/FB_PKG_DELIM/..__d("CometDarkModeRootClass",["ExecutionEnvironment","StyleXSheet"],(function(a,b,c,d,e,f,g){"use strict";var h;function i(a,b,c){c?a.classList.add(b):a.classList.remove(b)}function a(a){j(a?"ENABLED":"DISABLED")}function j(a){if(!(h\|\|(h=c("ExecutionEnvironment"))).canUseDOM)return;var b=window.document.documentElement;i(b,c("StyleXSheet").DARK_MODE_CLASS_NAME,a==="ENABLED");i(b,c("StyleXSheet").LIGHT_MODE_CLASS_NAME,a==="DISABLED"\|\|a==="UNDECLARED")}g.toggleDarkModeRootClass=a;g.updateDarkModeRootClass=j}),98);.__d("CometSetDarkModeSettingMutation_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="5657317347705261"}),null);.__d("CometSetDarkModeSettingMutation.graphql",["CometSetDarkModeSettingMutation_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a=function(){var a={defaultValue:null,kind:"LocalArgument",name:"input"},c={defaultValue:null,kind:"LocalArgument",name:"setting"},d=[{alias:null,args:[{kind:"Variable",name:"input",variableName:"i

Chrome Cache Entry: 338

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 49443
Category:	downloaded
Size (bytes):	11264
Entropy (8bit):	7.983134697480816
Encrypted:	false
SSDEEP:	192:PW9EV64TkTOZDAr5S5XynDPAjQX/xTABjNaYe+AxTW0BkyM6cRZzVWdyJQ/CAnL:+y66k2qSgDojaxEBQN7W0kbz84G/HL
MD5:	36D4A5892F6740AA0509950EDD671CA4
SHA1:	72CECA181CA89A1DD145C980E90A7DBF3867D799
SHA-256:	61B04B2502FB87ADA8500ACA6EB347380FE017F8A6378172BA4562927B4CEAFB
SHA-512:	9DF70691440BDAAA12D35F4D0CBFE0CCA7EE28E37379D138C22CBFC610C061FDC39C0303C0083ED334BEECB65241782FA0DED11D3553D442A0F60B0D63E4776D
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/higgs-domino/
Preview:	...........Y.n.../.w.U ..4c..8.8..x...v.l...$J.."....-.9zS..7.....].}..R..if<.x.@/...t...s>.....W..X%l........<.X.[@.4..xB..J?..B..c)2P....j!...+V./]..x..E.e,RxH.+..\...o....Iw ..P..Iko.-..t..6:..:."b.]...a.#.!..SS\....2..1.+...>...r...(...g.......~aMl.BC..:=B;_..}.AD..3..!.Ya.....QO.:.[2.=w.y.lN.........._..QT1...F.D.......)..r.-...CD8....FG...mX......LU6.i..N@z.'.yi ......tZN...<.I....E.!U._.Hf..K.G..%.....q.=F.D.5.v..b.>VTp[S,eD.V..z...H.U.m.g.8.K....K.2i...S..(..R......X`S..pa.o.k.P...W. .-wjavkgc.?......\|....Gs]Id.D.A..Z..7......C...b..^.7...j.....^+..8&...{x."K.......V..a$..'...xu\l.-.=].f..!...X.1....r.N.n..:.J.5At.vA{0-.o.......8.kb........]).......L.$S.%..y..A...@.7......T.j.b.kA....,.@."..).~..P.y...!`...M...........r...tMXW$...:.X.-....}.]%.J..o..j....@.7.....y....0..u...IV..>...Y....SP.....'.......O1...u..`L1.P........w......8..C....H.`.FdeQ.L.<...I.....:#n....F.5..g..4.\Ewk..\|.+&4..W..fs~........?M.H..R....q.K..M..".X.....

Chrome Cache Entry: 339

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (26941), with no line terminators
Category:	downloaded
Size (bytes):	26941
Entropy (8bit):	5.034836744633708
Encrypted:	false
SSDEEP:	768:D+E4weuHCeS//JJ+YfztF0Q851PgwLtJ7OMmP3utuD8et+E:dxHC6OMq
MD5:	7EC2B81EDE93E59A3C985E6656B87427
SHA1:	1492B90F5361149A1D84D0870A5FCB15E1A9F60F
SHA-256:	8225B86ACE7FEC322A3BCFB3549603351FEF4111B98595A617499A69C8D6269B
SHA-512:	7ED7B8290F030D44116FF171A7D114B620A5D603571726E424EAD40A64D8E5E693EFAB7ED36ABB9B397E674202FA3FB6E4AF63C4B52CBEDFBF5EC61677E3E8B5
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/mobile/css/productPage/responsive-product-page2.7ec2b81ede.css
Preview:	.circle,.ico-question,.voucher-list-element>a{-webkit-font-smoothing:subpixel-antialiased!important;-moz-osx-font-smoothing:grayscale!important}.footer-text-divider,.form-field-wrapper,.form-input,.howItWorks,.ico-question,.voucher-list-element>a{vertical-align:middle}*{box-sizing:border-box}body{position:relative;background-color:#ff6c2c;font-family:Lato-Regular,sans-serif}.container{max-width:1280px;margin:auto;display:block;clear:both;overflow:hidden}.fade-background{position:absolute;width:100%;height:100vh;background-color:rgba(0,0,0,.65);display:none;z-index:10}.main-content,.product-details-container{display:block}.product-container{margin-top:5px;display:block}.product-details-container{color:#fff;position:relative}.product-top-banner__container{padding:0;margin:0;color:#fff;animation:fadeIn ease .75s}.product__name{font-size:20px;font-family:Lato-Bold,sans-serif;padding:10px 20px;animation:fadeIn ease .85s}.product__description{font-family:Lato-Regular,sans-serif;padding:0 20p

Chrome Cache Entry: 340

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1167)
Category:	downloaded
Size (bytes):	19019
Entropy (8bit):	5.646833799207168
Encrypted:	false
SSDEEP:	384:1Keg16PEyXOK1vpI9k+B/YJRJgVQ/dd4pACwONFb5hl3CvLNxgCRe440t+N+u7Z+:1Keg12XBppZ+B/YJRWVQFd4pACwYFb5W
MD5:	BA7514F3CC2E233C98D3EF3B5CC30084
SHA1:	3AB04C4D8F42F657042D3AF57D17747419EC333C
SHA-256:	62E26618F0876C5C1794EC3161972D20889AA2724469B48006332DDD5E1BAA59
SHA-512:	175F84F197B1186B7A35BCE2348313587654487B773C655959E682354C7648F0692F3190A70F5954596ABC948384DD4D6F2244405EC59ED37BF57861ACEFFC6A
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,GkRiKb,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,qfGEyb,rpbmN,s39S4,sJhETb,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=dfkSTe"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.rf(_.upa);._.u("sOXFj");.var rxa=class extends _.Dq{constructor(a){super(a.ta)}H(a){return a()}};_.Eq(_.tpa,rxa);._.w();._.u("oGtAuc");._.ixa=new _.ae(_.upa);._.w();._.jxa=class extends _.Pk{static Ia(){return{Sl:{PY(a){return _.Jd(a)}}}}constructor(a){super(a.ta);this.soy=this.Tj=null;if(this.Pk()){var b=_.Hj(this.Yh(),[_.ek,_.dk]);b=_.Pe([b[_.ek],b[_.dk]]).then(function(c){this.soy=c[0];this.Tj=c[1]},null,this);_.Qk(this,b)}this.Na=a.Sl.PY}ep(a){return this.Na.ep(a)}getData(a){return this.Na.getData(a)}ir(){_.ml(this.Tj.hf())}bH(){}};_.qr=(a,b)=>{a&&_.ce.Eb().register(a,b)};._.u("q0xTif");.var lxa=function(a){const b=c=>{_.Yk(c)&&(_.Yk(c).oc=null,_.br(c,null));c.XyHi9&&(c.XyHi9=null)};b(a);a=a.querySelectorAll("[c-wiz]");for(let c=0;c<a.length;c++)b(a[c])};var mxa,nxa,oxa,pxa;mxa=function(a){const b=a.Xa();return(...c)=>a.Ra.H(()=>b(...c))};nxa=function(a){const b=a.V();return b?(.

Chrome Cache Entry: 341

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 183 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6365
Entropy (8bit):	7.7625347975885335
Encrypted:	false
SSDEEP:	96:CSLYkknmWIYF7/5R2HnmHcwqOJYUmxQAqb54pKu2EMcgQCMzhdtCy3udPZQ+NZ2E:CSMkknSHmL1JYOLbKpZ211MzlY6QUsq6
MD5:	4AE08527924D769BD7EA410D6B7CF5AD
SHA1:	D1299F11F42FE3415EEAFD0EC1918765BC94DEE2
SHA-256:	2C1194B41DFCF822692A3A5BC896BA312978FE228C3C5563106AE947B7CED3FA
SHA-512:	38E0ACD3905A18C057CA27E9339EA3DF75D7A5702A81F1979B153ABEDD9823131FEEA1FC76F67EE3C74D1C8B3DF55F04095A41BBD0CEBFD656226BB29BFFC989
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......(......^k.....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmp:CreateDate="2020-09-02T22:03:24+07:00" xmp:ModifyDate="2020-09-02T22:09:21+07:00" xmp:MetadataDate="2020-09-02T22:09:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5710cb0d-6920-7a4d-9aad-0efb7b1bb61e" xmpMM:DocumentID="adobe:docid:photoshop:8e165072-0d9e-6a44-96c6-e1554209536

Chrome Cache Entry: 342

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1105
Entropy (8bit):	5.0863542372313555
Encrypted:	false
SSDEEP:	24:tuTutMM1OeLus3qBLgZMMmcLQ/MtPB7kwzMHxlIwGvGFGWKG6VMJf:VSs3sLgPLQokwzMH8ze8c6VMJf
MD5:	A224D1FA306A76146F1D46C886EF04AD
SHA1:	D53A8F8DE8955FEAC7346F1A4BDBAC4A9AA96747
SHA-256:	260FBEB66875B6936348AFE61B469BEAF6141AA28977872569305962C8B6F9C2
SHA-512:	2C004F93824EFA9D11D1AD95A4A1AAAE5D26759E77295DEABF8C8845FEEAB295CCA882C2A3BE899B23DCB96E5D36C5E769C85B4FA9A3203F642147BC3C44AAEA
Malicious:	false
Reputation:	low
Preview:	<svg width="80" height="80" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M40 .914C17.995.914.937 17.033.937 38.804c0 11.389 4.668 21.23 12.268 28.026a3.12 3.12 0 011.05 2.227l.212 6.95c.068 2.215 2.358 3.658 4.386 2.763l7.753-3.423a3.115 3.115 0 012.087-.153A42.602 42.602 0 0040 76.695c22.005 0 39.063-16.118 39.063-37.89C79.063 17.033 62.005.915 40 .915z" fill="url(#paint0_radial)"/><path fill-rule="evenodd" clip-rule="evenodd" d="M16.543 49.886L28.018 31.68a5.86 5.86 0 018.472-1.563l9.127 6.844c.837.628 1.989.625 2.823-.008L60.765 27.6c1.645-1.248 3.793.72 2.692 2.467L51.982 48.272a5.86 5.86 0 01-8.472 1.563l-9.127-6.845A2.344 2.344 0 0031.56 43l-12.325 9.354c-1.646 1.248-3.793-.72-2.692-2.467z" fill="#fff"/><defs><radialGradient id="paint0_radial" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="rotate(-57.092 80.25 24.628) scale(85.1246)"><stop stop-color="#09F"/><stop offset=".61" stop-color="#A033FF"/><stop of

Chrome Cache Entry: 343

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	835
Entropy (8bit):	5.1223932389292655
Encrypted:	false
SSDEEP:	24:D76bBSDFvVdGUF+fWlp9CkXXW/clctloFHMZeKsf:H8uNAwlpJmicnosk5
MD5:	A88ECA42083170AF225E964720471609
SHA1:	B73B59A702C62AD43B7617FDD627693C5240C659
SHA-256:	88995CCAA41E5467D559C0BE6C5D61FC5A49DE7E194861AC9EED559A5B4FB6F7
SHA-512:	21217F9BB3CA7F8D735448BFC4C3E3AA277B13B4BC1127AD5F406E84E00847F902533C45F145D1C050075EAF8FB249121C96A27CD9BF2BD18BE08286CF57D6AB
Malicious:	false
Reputation:	low
URL:	https://ssl.gstatic.com/support/realtime/operatorParams
Preview:	{. "operatorDeferredUrl": "https://ssl.gstatic.com/support/realtime/operator/1726819261182/operatordeferred_bin_base.js",. "eagerLoadHostnamePattern": "((https://www\\.google\\.com/express)\|(https://www\\.yt-web-green\\.corp\\.youtube\\.com)\|(https://www\\.web-green-qa\\.youtube\\.com)\|(((ads\|adwords)(-.)?\|campaignmanager\|photos-.\|play-.*\|support\|support-content-staging.sandbox\|business\|fi\|.+\\.corp)\\.google\\.))",. "eagerLoadHostnameFlags": "i",. "cbfVersion": 1726819261182,. "screenShareVersion": 1727168469248,. "settings": {. "enable_customer_can_end_chat": true,. "enable_emojis": true,. "mole_show_survey_url_percentage": 100,. "mole_skin_version": 2,. "operatordeferred_report_rpc_events_percentage": 10,. "screenshare_skin_version": 3,. "rms_screen_share_skin_version": 4. }.}.

Chrome Cache Entry: 344

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	278
Entropy (8bit):	5.085951538066368
Encrypted:	false
SSDEEP:	6:U4SO01urxOcHOhldrfEHF3+lLB3ZXKbp7w8Q1hdrfEHTI:U4SO01u0cilSl+llip73AhSM
MD5:	0859F0E01014515A05F1738B1AD2975D
SHA1:	2CE5A8530A35A3DF627384C63ADD94B4324AB222
SHA-256:	D617F26025F9D24F380F09A7FA7BEC6D0306163E75DE36E17FC198F4D8450A5B
SHA-512:	9809005EC4A132241800953B2B0942938BD8C57BFABCF921DC2902B99A2394D9E7BE06D008230ACF2AB0BE746247B1633F15C47A01C945C1BA68067583F93DF8
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/js/third_party_common.0859f0e010.js
Preview:	"use strict";function genVNVoucherReminderMsg(e,n,r){var t="";if(1==r.isThirdPartyMerchant&&"1Pay"==r.paymentChannel){$(".confirm-content").css("height","350px");t=e+" "+r.channelPrice+".<br/>",t+="<br/>"+n+"<br/><br/>"}else $(".confirm-content").css("height","260px");return t}

Chrome Cache Entry: 345

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	337
Entropy (8bit):	5.146083636237067
Encrypted:	false
SSDEEP:	6:kRZzRxVvnQYZopAuGNG/QVI32TKhiRANMwQRaNw6JpyxZRNlad0:kRZTFfZxI/AIGoiukbRN20
MD5:	9EA867987F5E11760B119B114916EAC6
SHA1:	5CB3CB6765A162D85ABC11AEA9AD20FD0EDC2971
SHA-256:	6C18B2A92280EF3E67E08B7657C2DEBE004BA1EF953233B11B2578C4F705D970
SHA-512:	4E80A40DC43BC20F025DE220A6411406DDABE7BF6D0F36E4E320C0BB9BA3767F006A4CBCDF9000671FE2F0FCCD8FC4E25A00878B22735FED03393D8E9F657584
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,FuzVxc,GkRiKb,I8lFqf,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,Z5wzge,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,dfkSTe,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,q0xTif,qfGEyb,qqarmf,rpbmN,s39S4,sJhETb,sOXFj,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yNB6me,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=UZStuc"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("UZStuc");._.qr(_.sAa,class extends _.rr{constructor(a){super(a.ta)}H(){return"UZStuc"}N(){return!0}Xa(){return _.q5}});_.$q.UZStuc=_.zz;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Chrome Cache Entry: 346

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (520), with no line terminators
Category:	downloaded
Size (bytes):	520
Entropy (8bit):	5.265111984652385
Encrypted:	false
SSDEEP:	6:KZakkQC9KZULk731wqz7o2v/2v32QmTZDM/w37o01D2BZMI:0akQ9K8k731z7xvuv3XmZoIN1DO
MD5:	4A7A9740BCF8062898A69CB939B84746
SHA1:	948BBEA618CAE328D0ACB4CEA603023DA671358C
SHA-256:	C636BD0EA30E4E99B8EF807C5561DF5064F8C1BD84B08038CDAD8BDF989C7822
SHA-512:	25F28582AF320DA8B433B18B2CB098BA878EFCEFB062F45865C8619CB6E4EC638CAEF07A119AD1B12E154BEE396D607179AE19D6DC0EF9A129ADCD2F4C2ED47D
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/mobile/js/freefire.4a7a9740bc.js
Preview:	"use strict";var CODA=CODA\|\|{};CODA.FREEFIRE=function(e,r){return{playerId:null}}(0,jQuery),$(document).ready(function(){$("input[name='freefire.userId']").mask("0999999999999999999999999");var e=$.cookie("freefire_playerid");null!=e&&(CODA.FREEFIRE.playerId=e,$("input[name='freefire.userId']").val(CODA.FREEFIRE.playerId)),$("input[name='freefire.userId']").blur(function(){CODA.FREEFIRE.playerId=$("input[name='freefire.userId']").val(),$.cookie("freefire_playerid",CODA.FREEFIRE.playerId,{path:"/",expires:180})})});

Chrome Cache Entry: 347

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7780)
Category:	downloaded
Size (bytes):	33406
Entropy (8bit):	5.518229748474891
Encrypted:	false
SSDEEP:	384:1xoBViW2yAVmX2067HWI4T7cl5UwVy8IZLr5VVXVrZJeN1sU1dJpQM6dqeEBN8Cy:1xdWWi+7HWgUwVy8CZDXVc7Cqe08B
MD5:	691C8B8D4BA6F9FF5DCCFE2175945DE2
SHA1:	2CFF07BB1774991F12BB137A736B29B20A85BA9C
SHA-256:	D3CEC72E3AD7C7C7D87E320846E77CE989180E44A2FD4FE81582E9C32B476565
SHA-512:	0E4619FFFA207E6B22C7097D0603F6D00735D62F21B10B6A92445ABFCCC6541CCF79626430136387463CE98B3699E7DC1299E5FB38D5DE9C663A51CAAC0E5242
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/pMcaHJlLs5z.js
Preview:	;/FB_PKG_DELIM/..__d("BaseRowContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext({columns:1,wrap:"none"});g["default"]=b}),98);.__d("BaseRow.react",["BaseRowContext","BaseView.react","react","useBaseRowA11yWrap","useMergeRefs"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react")),j=h.useMemo,k={expanding:{flexBasis:"x1r8uery",flexGrow:"x1iyjqo2",flexShrink:"xs83m0k",minWidth:"xeuugli",$$css:!0},row:{display:"x78zum5",flexShrink:"x2lah0s",position:"x1n2onr6",$$css:!0}},l={center:{justifyContent:"xl56j7k",$$css:!0},end:{justifyContent:"x13a6bvl",$$css:!0},justify:{justifyContent:"x1qughib",$$css:!0},start:{justifyContent:"x1nhvcw1",$$css:!0}},m={bottom:{alignItems:"xuk3077",$$css:!0},center:{alignItems:"x6s0dn4",$$css:!0},stretch:{alignItems:"x1qjc9v5",$$css:!0},top:{alignItems:"x1cy8zhl",$$css:!0}},n={backward:{flexDirection:"x15zctf7",$$css:!0},forward:{flexDirection:"x1q0g3np",$$css:!0}},o={backward:{flexWrap:"x8hhl5t",$$css:!0

Chrome Cache Entry: 348

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1105
Entropy (8bit):	5.0863542372313555
Encrypted:	false
SSDEEP:	24:tuTutMM1OeLus3qBLgZMMmcLQ/MtPB7kwzMHxlIwGvGFGWKG6VMJf:VSs3sLgPLQokwzMH8ze8c6VMJf
MD5:	A224D1FA306A76146F1D46C886EF04AD
SHA1:	D53A8F8DE8955FEAC7346F1A4BDBAC4A9AA96747
SHA-256:	260FBEB66875B6936348AFE61B469BEAF6141AA28977872569305962C8B6F9C2
SHA-512:	2C004F93824EFA9D11D1AD95A4A1AAAE5D26759E77295DEABF8C8845FEEAB295CCA882C2A3BE899B23DCB96E5D36C5E769C85B4FA9A3203F642147BC3C44AAEA
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/yd/r/hlvibnBVrEb.svg
Preview:	<svg width="80" height="80" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M40 .914C17.995.914.937 17.033.937 38.804c0 11.389 4.668 21.23 12.268 28.026a3.12 3.12 0 011.05 2.227l.212 6.95c.068 2.215 2.358 3.658 4.386 2.763l7.753-3.423a3.115 3.115 0 012.087-.153A42.602 42.602 0 0040 76.695c22.005 0 39.063-16.118 39.063-37.89C79.063 17.033 62.005.915 40 .915z" fill="url(#paint0_radial)"/><path fill-rule="evenodd" clip-rule="evenodd" d="M16.543 49.886L28.018 31.68a5.86 5.86 0 018.472-1.563l9.127 6.844c.837.628 1.989.625 2.823-.008L60.765 27.6c1.645-1.248 3.793.72 2.692 2.467L51.982 48.272a5.86 5.86 0 01-8.472 1.563l-9.127-6.845A2.344 2.344 0 0031.56 43l-12.325 9.354c-1.646 1.248-3.793-.72-2.692-2.467z" fill="#fff"/><defs><radialGradient id="paint0_radial" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="rotate(-57.092 80.25 24.628) scale(85.1246)"><stop stop-color="#09F"/><stop offset=".61" stop-color="#A033FF"/><stop of

Chrome Cache Entry: 349

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9052)
Category:	downloaded
Size (bytes):	1247853
Entropy (8bit):	5.459953481744206
Encrypted:	false
SSDEEP:	6144:vdCRGDK8O0hgrYAktKhpJSLGbv9w7ssRE5207Q9B9F/+F5j/KnAqogvK9aXJoFm6:VM/ktLGxw7cTp+g1eVuX
MD5:	B09BCC84FD863C39249CEF83297363A6
SHA1:	B2DC44BA268B139589D13EA1812BC574B74D93B1
SHA-256:	C7D8B47D64961E18375324ED735DD494D743DA918F5728ACB867907C99335D89
SHA-512:	0AFF5A915E0DF6A83B018D523ECAA0F72711DDC0DB56BA4F1320FBEE993A8EBDFFBEC639BFEE165E66B7EA20FC87E365F0CA1F49EA57AE31681CA4B4B9366695
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3iZ0n4/yA/l/en_GB/QJcq4F5sLsw.js
Preview:	;/FB_PKG_DELIM/..__d("AjaxError",[],(function(a,b,c,d,e,f){a="ar:error";b="ar:timeout";c="ar:proxy error";d="ar:transport error";e="ar:http error";var g="ar:parse error",h="ar:noservice";f.ERROR=a;f.TIMEOUT=b;f.PROXY_ERROR=c;f.TRANSPORT_ERROR=d;f.SERVER_ERROR=e;f.PARSE_ERROR=g;f.SERVICE_UNAVAILABLE=h}),66);.__d("AjaxRequest",["AjaxError","ErrorUtils","Keys","PHPQuerySerializer","TimeSlice","URI","UserAgent_DEPRECATED","ZeroRewrites","clearTimeout","killswitch","setTimeoutAcrossTransitions"],(function(a,b,c,d,e,f,g){var h,i,j,k=window.XMLHttpRequest&&"withCredentials"in new XMLHttpRequest(),l=[];function a(){var a=l;l=[];a.forEach(function(a){return a.abort()})}function m(a){a.onJSON=a.onError=a.onSuccess=null,c("clearTimeout")(a._timer),a.xhr&&a.xhr.readyState<4&&(a.xhr.abort(),a.xhr=null),l=l.filter(function(b){return b&&b!=a&&b.xhr&&b.xhr.readyState<4})}b=function(){function a(a,b,e){this.timeout=6e4,this.streamMode=!0,this.prelude=/^for \(;;\);/,this.status=null,this.$1=-1,this.$2

Chrome Cache Entry: 350

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 211160, version 1.0
Category:	downloaded
Size (bytes):	211160
Entropy (8bit):	7.99753509518461
Encrypted:	true
SSDEEP:	6144:JjeVyuvBMRrmTGCP2wjnH7IxSttemaflI9G5g:PoyRn6wScfg
MD5:	743278852FDAD61A73198BC74D529AF8
SHA1:	D0F790E800B87B0DB1EDC0AEDD9F3A82F88629CC
SHA-256:	57B0C1D7BEE3F753DA5E6AA215A417ABFA87DD9798EF2483F42585BFB08D64D9
SHA-512:	C1706A2522E9BD9F196D1ECF81D5082E5EB7765D863E8CD81E859FBD6975B687E1A56BFF27B1CBEF55FDC7DD57A1E5AD2722D2BA212048EC89342EAD97B0B7B7
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff2
Preview:	wOF2......8........$..8v..............................l.`..&..f........ .....@..6.$..<. .... ..9[.9....9.v..}._.r.sMT9n).+..Pq.D.?...........T.1.&I.....-...2....])n..#..H}.....:..x...t.m.......................................k.{...{.{..,+....... ...e.QQ@..f.V..X.K...........0...8..3I.<.9....K.L.8....E...[.......TU.@. G.....D6X...'..&...!aC...6TV.iXyj..S!!G..-.{..b...F./....T2.O.q..'....D....M..OR%p...>.YE^..8.P..s~..y.8../..G...........Y.....H.2,.........Pp.<..R.a.V...h5.:.!"./T..^.>.V]Y.l...l...fL[.vL...ZXH.R....rI...^.d[3.t..(9>.=N._.Sh9..v..<_..o.[.PJhSK(._D..)..J.\....\|.8...QZ....A..R.]..5.]..qw.JT...P.-Q.4.v.....U....h:....W........!-.k.HU.."..4pq.h....04r.zp......'EB.OL...u.tw......@..F.0..e..P...".....:.u..E.....n..I.t@I.MU..et-8..f..FH...EpKo;..m..'.R...T.lN.f.$......6.....XM..+.J...R.A:3..2...........a..4/.v.....+........`_`K....J...Oz`.?._R..v/. .....e....5......f;.4.2.@.i..$.hH.<.&-.._\|+..=6....S.$..-...........g.]eY^\ej.....y....^1Nu

Chrome Cache Entry: 351

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1520)
Category:	dropped
Size (bytes):	7557
Entropy (8bit):	5.307278907988037
Encrypted:	false
SSDEEP:	96:sZGR/3xRGij4CLT31kR3U7yhRBbYE82hSP2dEb/7cuOAqd9bOs+VLs8v:0GpxYuI3rRBbYE8uU2u/74Asu
MD5:	E4EB21DEDD8F8FA515D0CFCB689FB456
SHA1:	13727570F31C39D8CAFA14E12401103C9A85AAA7
SHA-256:	6F8040C11D4DDD9B41CDAEF91B853050B04DAC68E6767B4B5864A702CC41203C
SHA-512:	200BEB86C44610F84CA2AC8E60366D761A973FC6FDF0DBF2E45161A6B20A96EB1CEFF8006A441C40B3AE21D41B3196FDF663D90B6291D11D456C160331897A2C
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("BaseImage.react",["CometSSRPreloadImageCollection","ExecutionEnvironment","RecoverableViolationWithComponentStack.react","mergeRefs","react","stylex","testID"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j,k=j\|\|(j=d("react"));b=j;var l=b.useEffect,m=b.useMemo,n=b.useRef,o={contain:{objectFit:"x19kjcj4",$$css:!0},cover:{objectFit:"xl1xv1r",$$css:!0},fill:{objectFit:"xz74otr",$$css:!0}};e=k.forwardRef(a);function a(a,b){var e=a.alt;e=e===void 0?"":e;var f=a["aria-labelledby"],g=a.elementtiming,j=a.isDecorative,p=a.objectFit;p=p===void 0?"fill":p;var q=a.onLoad,r=a.referrerPolicy;r=r===void 0?"origin-when-cross-origin":r;var s=a.sizes,t=a.src,u=a.srcSet,v=a.testid,w=a.xstyle;a=babelHelpers.objectWithoutPropertiesLoose(a,["alt","aria-labelledby","elementtiming","isDecorative","objectFit","onLoad","referrerPolicy","sizes","src","srcSet","testid","xstyle"]);var x=n(null),y=m(function(){return c("mergeRefs")(x,b)},[x,b]);!(h\|\|(h=c("ExecutionEnvironment"))).canUseDOM&

Chrome Cache Entry: 352

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22664)
Category:	dropped
Size (bytes):	69642
Entropy (8bit):	5.356306994739534
Encrypted:	false
SSDEEP:	768:Z5Hq9erZRSz1XRBjtjJDmV84RsxeHoxlRSMQXRBjtjJDp0PBcsxe5BDJ8zkWTuT3:ZU9ej8+Hv0Ps5n8z1STZ8fb2
MD5:	E200800D8DCDD429810A05DF86551B56
SHA1:	0E36DF0575A96F1F0DD783D508016605023B4926
SHA-256:	2F38D54AD6DF6F72604985A63851C27CA5D4384D3A5480FCAC14B63990BDDEB9
SHA-512:	42E33EBD830F14F80A0A610B72AD8004BB64ED909005B4445A55D1D7397F6AD42E06835A7DB7471E1E70E00926E2C8207338B7D274881D61C8B84F9636BDC778
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("MDSButtonGroup.react",["Box.react","CometFocusTableContext","MDSButton.react","MDSRow.react","MDSRowItem.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react")),j=h.useContext,k={hiddenButton:{height:"xqtp20y",opacity:"xg01cxk",$$css:!0},resetFlexBasis:{flexBasis:"xdl72j9",$$css:!0}};function l(a){var b=j(c("CometFocusTableContext"));b=b.FocusCell;a=a.children;return b!=null?i.jsx(b,{children:a}):a}l.displayName=l.name+" [from "+f.id+"]";function a(a){var b=a.align,d=b===void 0?"justify":b;b=a.direction;b=b===void 0?"forward":b;var e=a.expanding;e=e===void 0?!1:e;var f=a.paddingHorizontal,g=a.paddingTop,h=a.primary,j=a.secondary,m=a.secondaryIcon,n=a.size,o=a.testid;o=a.verticalAlign;a=a.wrap;a=a===void 0?"none":a;var p=[],q=[],r=null;if(h!=null){var s=h.ref,t=h.testid;t=h.type;h=babelHelpers.objectWithoutPropertiesLoose(h,["ref","testid","type"]);r=i.jsx(l,{children:i.jsx(c("MDSButton.react"),babelHelpers["extends"]({},h,{ref:s,size:n,te

Chrome Cache Entry: 353

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3712), with no line terminators
Category:	downloaded
Size (bytes):	3712
Entropy (8bit):	5.212709096750888
Encrypted:	false
SSDEEP:	96:wrtnIBIwWpou6Tcf669S1xWpk6jfALbA9IrH:w5nIBIqcyZB6jmc9IrH
MD5:	C3B6AEBB4BB6348BDBC97877D611B398
SHA1:	0BF1D1278DE8F728F01878C5B1C9EBCB8B63F341
SHA-256:	B0A5EDA93203F5017626940664FF4C6885F1989B4DF80EF250567F0808C5CD2D
SHA-512:	533684A7CB43C0D7E5CF6E14584B9402C7283C028C62296EFFD6B476DADC2D723A8031843BD84A433B591B378C32C11CDFCDE8486FCC9F80CD77A7AB890A76EE
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js
Preview:	(()=>{var t={78:(t,e,r)=>{var n=r(427);t.exports=function(t,e){if(!t)throw new Error("Missing elm");var r={};return(e\|\|[]).forEach((function(e){var o="data-"+n(e),i=t.getAttribute(o);/^(true\|false)$/.test(i)&&(i="true"===i),/^\d+$/.test(i)&&(i=parseInt(i,10)),null!==i&&(r[e]=i)})),r}},427:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"-".concat(t.toLowerCase())}))}},462:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"_".concat(t.toLowerCase())}))}},54:(t,e,r)=>{function n(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function o(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?n(Object(r),!0).forEach((function(e){i(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):n(Obje

Chrome Cache Entry: 354

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3650), with no line terminators
Category:	downloaded
Size (bytes):	3650
Entropy (8bit):	4.886467822961045
Encrypted:	false
SSDEEP:	48:1Hbj29IAmrgkMkXb21bPSTlT1UbrKzw7B/mGB3MWbJUylDM/7e19N:17j2KA49XkanSeCAsMWLRee19N
MD5:	2CE4D6E2994E655224B0AA48265AE15A
SHA1:	E08C6461B3168581712B18D9C9BD9343422F7E14
SHA-256:	CFDC96DA2E956842B4CBEA254D93C923A9C7D5F1443385996A0F2C80CC4B0F76
SHA-512:	EB95CD65101E4AEA2D1FF119E8306F468F347395250E30ABE4C81DAA34E622CD61A4A50ADEF8954F763171A9F0077984D142A1BFF5ED6D4E49430643DE8D0848
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/css/shared-footer2.2ce4d6e299.css
Preview:	.contact-text,.footer__google-copyright{white-space:normal;word-break:break-word}.custom--grab .footer-container .international-container,.custom--grab .footer-container .right-blocks-container,.custom--grab .footer-container .socials-container{display:none}footer{font-family:Lato-Regular,sans-serif}.international__country-name,.legal-content-container>a,.social-title,.support-title{font-family:Lato-Bold}.footer-container{box-sizing:border-box;background-color:#f4f4f4;display:flex;padding:10px;width:100%}.footer-area{width:100%;max-width:680px;margin:auto}.theme-page--product-page .footer-area{max-width:1280px}.theme-page--all-results .footer-area{max-width:960px}.footer__social-media-container{background-color:#fff;display:flex;flex-wrap:wrap;justify-content:space-evenly;align-items:center;width:100%;max-width:128px;margin:auto;direction:ltr}.social-icon-container{width:33.3333%;padding:4px}.left-blocks-container{display:flex;flex-flow:wrap;justify-content:center}.right-blocks-contain

Chrome Cache Entry: 355

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 445
Category:	downloaded
Size (bytes):	237
Entropy (8bit):	7.006639240349912
Encrypted:	false
SSDEEP:	3:Ftt7yFimY3ZoqnlHNIYm3a7Uby4Dk27l/iTe65NhvpnasN2XaxZoNYuo13/0EetG:Xt7Kst4qAibrpnGde13jetrCmFEDdYk/
MD5:	F62FF57472E5835FD8AB75303F14A3F1
SHA1:	329DD9075197E54C3F81FD6236F9CDDF1342B88F
SHA-256:	66521706A437E5178DE854395ACD3C6574F464C1AEF8EF9672F9DB9490C6BEC1
SHA-512:	4C325090EA1AC6F846A278AA038B06F254B0644216390CA36DD3362686E108FD1E402BA1B9697F161AD47CE2B4E1083699E4C5C54E2967F7C6541949D00E27D5
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/
Preview:	..........u..N.0...<.==A...I...t.B.N\|.Or..}{...d.....}.Ow.{Y..w.R.....t...........a.y.g..!..r....S..em.......7....Hx.$.. j......K1..S.D.......s.7g{.....V..........z.....+....c....^..Gr...1zh............&c..y..J..`.lj..*.%Q....

Chrome Cache Entry: 356

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8857)
Category:	downloaded
Size (bytes):	30099
Entropy (8bit):	5.496553665752133
Encrypted:	false
SSDEEP:	384:gh5wGFcEwwAyUx+BSgVB2jynTlvhr/mgLGTkMn8bpd3BzrNnm4OiBi17/lufNfKj:Sfs4B2OSipZB9nm4IlufNyf8fq
MD5:	02996D8D5F07706AC26CDCBC4310D47E
SHA1:	6C2E2DB7DE37581ABB0390DC7A27C499A64D210F
SHA-256:	3A60F9C3AFE375F6618D0A2A331F9558915BB740690D02DA555663B40D978DD9
SHA-512:	739C38906CFE7143FC5A7B8F3A2D8746F444F69BFC2F2E7748F2ED041B0F43B94AAB7F371B678AC0327E3199403E1194A947028E3F7805AC7EDC198E18B2A956
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/gXkOP75CM14.js
Preview:	;/FB_PKG_DELIM/..__d("bs_caml",[],(function(a,b,c,d,e,f){"use strict";function a(a,b){if(a<b)return-1;else if(a===b)return 0;else return 1}function b(a,b){if(a)if(b)return 0;else return 1;else if(b)return-1;else return 0}function c(a,b){if(a===b)return 0;else if(a<b)return-1;else if(a>b\|\|a===a)return 1;else if(b===b)return-1;else return 0}function d(a,b){if(a===b)return 0;else if(a<b)return-1;else return 1}function e(a,b){if(a)return b;else return a}function g(a,b){if(a<b)return a;else return b}function h(a,b){if(a<b)return a;else return b}function i(a,b){if(a<b)return a;else return b}function j(a,b){if(a<b)return a;else return b}function k(a,b){if(a)return a;else return b}function l(a,b){if(a>b)return a;else return b}function m(a,b){if(a>b)return a;else return b}function n(a,b){if(a>b)return a;else return b}function o(a,b){if(a>b)return a;else return b}function p(a,b){if(a[1]===b[1])return a[0]===b[0];else return!1}function q(a,b){var c=b[0],d=a[0];if(d>c)return!0;else if(d<c)return

Chrome Cache Entry: 357

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9892)
Category:	downloaded
Size (bytes):	48652
Entropy (8bit):	5.418612690445062
Encrypted:	false
SSDEEP:	768:JSEpwmTpALYAsC0AOXFzjI1S+ukcZ5SJSaLG+h9/tAsiWo8:JS2wH3l0VXFzjI1Sv5SJSw3hvAsO8
MD5:	50B1C929EEA0F91A532C73C112447150
SHA1:	9569F7C9637210BB84AA210EE116755341B1D5B6
SHA-256:	7951E1009212DC9ACD8D2528748A0659D0265EC7A1ABD1434F1FEFC7C4B9101F
SHA-512:	59DCE0E2461DE07A1D79D909ED5768E422883CC19B45CCEAB704977ABB36BFDF48EBBED6743EE6A5B09F05574CF134186EECBFF45C8BC6DCD26E2774C9D336DA
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/6CJP_CvVGl4.js
Preview:	;/FB_PKG_DELIM/..__d("BaseContextualLayerAvailableHeightContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);g["default"]=b}),98);.__d("BaseContextualLayerContextSizeContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);g["default"]=b}),98);.__d("BaseContextualLayerDefaultContainer.react",["LegacyHidden","react","stylex","testID"],(function(a,b,c,d,e,f,g){"use strict";var h,i,j=i\|\|d("react");b=j.forwardRef(a);function a(a,b){var d=a.children,e=a.hidden;a.presencePayload;var f=a.stopClickPropagation,g=a.testid;a=a.xstyle;return j.jsx(c("LegacyHidden"),{htmlAttributes:babelHelpers["extends"]({},c("testID")(g),{className:(h\|\|(h=c("stylex")))(a),onClick:f===!0?function(a){return a.stopPropagation()}:void 0}),mode:e?"hidden":"visible",ref:b,children:d})}a.displayName=a.name+" [from "+f.id+"]";e=b;g["default"]=e}),98);.__d("BaseContextualLayerLayerAdjustmentContext",["react"],(function(a,b,c,

Chrome Cache Entry: 358

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7696)
Category:	dropped
Size (bytes):	122254
Entropy (8bit):	5.717916394544469
Encrypted:	false
SSDEEP:	3072:1Zzh5mc+LktEhEZcUYhbsI1+/RYucMi20:LN5mc+Lkt+xUYhoBPU20
MD5:	0AB9F68427B29FE787CA47D6B53F0C47
SHA1:	B5D3D14DBDCE0E968206317A36B67EA76C33B4F2
SHA-256:	C8C20517497BE86876982EBD2E8BDECAF4B4A899D60C15F139E2CF35A756AD9A
SHA-512:	B005AA0F54DD671FC95137EED671F8B4907ED9751D2E18C6475C98FC7C3BBFD3FF1F990DB2917C7262362AEC5AC40097C641B2005AF392E4D026E8BCB7AEC840
Malicious:	false
Reputation:	low
Preview:	"use strict";_F_installCss("@media (max-height:fit-content48px){.ZDGq3b .VfPpkd-P5QLlc{max-height:calc(100% - 48px)}}@media (min-height:fit-content48px){.ZDGq3b .VfPpkd-P5QLlc{max-height:fit-content}}@media (-ms-high-contrast:active) and (min-height:fit-content48px),(-ms-high-contrast:none) and (min-height:fit-content48px){.ZDGq3b .VfPpkd-wzTsW{align-items:stretch;height:auto}}@media (max-width:528px){.ZDGq3b .VfPpkd-P5QLlc{max-width:calc(100vw - 48px)}}@media (min-width:528px){.ZDGq3b .VfPpkd-P5QLlc{max-width:480px}}.ZDGq3b .VfPpkd-P5QLlc{min-width:calc(100vw - 32px)}.ZDGq3b .VfPpkd-cnG4Wd{padding:24px 24px 18px 24px}@media screen and (min-width:720px){.ZDGq3b .VfPpkd-P5QLlc{min-width:600px}}@media screen and (min-width:720px) and (max-width:648px){.ZDGq3b .VfPpkd-P5QLlc{max-width:calc(100vw - 48px)}}@media screen and (min-width:720px) and (min-width:648px){.ZDGq3b .VfPpkd-P5QLlc{max-width:600px}}.Gqr3Sb{--gap-width:12px;margin:12px -16px 0;overflow:visible;padding:0 16px}.yUFvre{gap:

Chrome Cache Entry: 359

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5054)
Category:	downloaded
Size (bytes):	321313
Entropy (8bit):	5.404550595754886
Encrypted:	false
SSDEEP:	3072:b0z6spGcOUDTS1DoU5VLtvryGC3lK+M+GgXLecMBFv00NMkynoYjn1:b84tC3CgQP7In1
MD5:	2EB0FEA4C1E52C8F699B5DA2C36B6E94
SHA1:	0BAECA081ECBD7BBB3466C3EDEA8D1FBF6FCE8B4
SHA-256:	D53918D3068D02394B61E37DE24F055FEC595BF33A77E582E8474901253B6D97
SHA-512:	0904DEE578E603291F37DFD24A15DBDBD6486F877F523CC5906D86E902F6F7EE8F4D744E27A60FA6DBEB0850D94D60394B413832E3CB3519C40C1070A7B7D44D
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/oDCktW1TTvG.js
Preview:	;/FB_PKG_DELIM/..__d("relay-runtime/util/RelayConcreteNode",[],(function(a,b,c,d,e,f){"use strict";a={ACTOR_CHANGE:"ActorChange",CATCH_FIELD:"CatchField",CONDITION:"Condition",CLIENT_COMPONENT:"ClientComponent",CLIENT_EDGE_TO_SERVER_OBJECT:"ClientEdgeToServerObject",CLIENT_EDGE_TO_CLIENT_OBJECT:"ClientEdgeToClientObject",CLIENT_EXTENSION:"ClientExtension",DEFER:"Defer",CONNECTION:"Connection",FRAGMENT:"Fragment",FRAGMENT_SPREAD:"FragmentSpread",INLINE_DATA_FRAGMENT_SPREAD:"InlineDataFragmentSpread",INLINE_DATA_FRAGMENT:"InlineDataFragment",INLINE_FRAGMENT:"InlineFragment",LINKED_FIELD:"LinkedField",LINKED_HANDLE:"LinkedHandle",LITERAL:"Literal",LIST_VALUE:"ListValue",LOCAL_ARGUMENT:"LocalArgument",MODULE_IMPORT:"ModuleImport",ALIASED_FRAGMENT_SPREAD:"AliasedFragmentSpread",ALIASED_INLINE_FRAGMENT_SPREAD:"AliasedInlineFragmentSpread",RELAY_RESOLVER:"RelayResolver",RELAY_LIVE_RESOLVER:"RelayLiveResolver",REQUIRED_FIELD:"RequiredField",OBJECT_VALUE:"ObjectValue",OPERATION:"Operation",RE

Chrome Cache Entry: 360

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	548
Entropy (8bit):	7.327759164493212
Encrypted:	false
SSDEEP:	12:slPS8P+coL7FKl07V+cvbTPN+NYBM2kjeeoOilwtszyCaUT+KXTt2:sdDoXu07JDTV+NYsoOiqCmJI5XQ
MD5:	22549929E42B7A35BE8D71682A084617
SHA1:	E103A892F50646B447C5F4008691645F011FBAA2
SHA-256:	5263FC71E49ED5B768B6770B3844BC11B0EC52330B98C6AFA207AFD6309F40F3
SHA-512:	0F3A023167C564D1CE8FA2CD1C394FAAB99FC645429A3A3D623D7D014D38570C62B6284B662DAB1B93DF4A2AA6A82FEA843ED14200A772D87F743629FCA5444F
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 .........* . .>.6.G%#"!0......l..2.\|?.^.h ...._...:.7..R..].W...p....Q"...v...^._....Z....8.t..8BZ...ps~\|c...G`../]qg1..-S.[..or.R..{..f..>.I...\|....{.'.9.E..<@X.P2...../4w5.%.f?...T<.-.Y.%....8......+.................`g.:..W....5...L....x.9..]....R[...jy.e.{KN .'.X....\|.#A8...U.D.s...(N.>.`.)'..x..Y.....J........L.{P.0.VRs........00........w..&...ZB5...j...{C(u?zn.........B.y.'.j..BJq...wA.\|.+R.R...<.<.=.......2q.......3.....{.4WT..._..B;@_3.......EXIF"...II*.......1...............Picasa..

Chrome Cache Entry: 361

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1167)
Category:	dropped
Size (bytes):	19019
Entropy (8bit):	5.646833799207168
Encrypted:	false
SSDEEP:	384:1Keg16PEyXOK1vpI9k+B/YJRJgVQ/dd4pACwONFb5hl3CvLNxgCRe440t+N+u7Z+:1Keg12XBppZ+B/YJRWVQFd4pACwYFb5W
MD5:	BA7514F3CC2E233C98D3EF3B5CC30084
SHA1:	3AB04C4D8F42F657042D3AF57D17747419EC333C
SHA-256:	62E26618F0876C5C1794EC3161972D20889AA2724469B48006332DDD5E1BAA59
SHA-512:	175F84F197B1186B7A35BCE2348313587654487B773C655959E682354C7648F0692F3190A70F5954596ABC948384DD4D6F2244405EC59ED37BF57861ACEFFC6A
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.rf(_.upa);._.u("sOXFj");.var rxa=class extends _.Dq{constructor(a){super(a.ta)}H(a){return a()}};_.Eq(_.tpa,rxa);._.w();._.u("oGtAuc");._.ixa=new _.ae(_.upa);._.w();._.jxa=class extends _.Pk{static Ia(){return{Sl:{PY(a){return _.Jd(a)}}}}constructor(a){super(a.ta);this.soy=this.Tj=null;if(this.Pk()){var b=_.Hj(this.Yh(),[_.ek,_.dk]);b=_.Pe([b[_.ek],b[_.dk]]).then(function(c){this.soy=c[0];this.Tj=c[1]},null,this);_.Qk(this,b)}this.Na=a.Sl.PY}ep(a){return this.Na.ep(a)}getData(a){return this.Na.getData(a)}ir(){_.ml(this.Tj.hf())}bH(){}};_.qr=(a,b)=>{a&&_.ce.Eb().register(a,b)};._.u("q0xTif");.var lxa=function(a){const b=c=>{_.Yk(c)&&(_.Yk(c).oc=null,_.br(c,null));c.XyHi9&&(c.XyHi9=null)};b(a);a=a.querySelectorAll("[c-wiz]");for(let c=0;c<a.length;c++)b(a[c])};var mxa,nxa,oxa,pxa;mxa=function(a){const b=a.Xa();return(...c)=>a.Ra.H(()=>b(...c))};nxa=function(a){const b=a.V();return b?(.

Chrome Cache Entry: 362

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24274), with no line terminators
Category:	downloaded
Size (bytes):	24274
Entropy (8bit):	5.439783303384432
Encrypted:	false
SSDEEP:	384:Z6z7ifcDKuDiEB1UDUUeaFV/bSEP4w6bRtZJvW28ZCTUAX+ffSWbs0T:Y7ifcD3NE3ea/Y5h/8ZarOfTX
MD5:	E1AE1E8E526E50AC4D8CE91396726097
SHA1:	B125326B96E78802A1AEC6AEBBD69C10266FA9FA
SHA-256:	BD03B0B6236CB66EB345EF4921D76C8D9BE436EA7CC7C89F9E62163C3E0A4A64
SHA-512:	39A15EBA25DF8FAC9053827E54908531B4916B55916528313692A80EC49BA6EB07064B0F1C5D4082491B0660037AA1A1505DCC02E42E65A21691DE3EB0389B3D
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js
Preview:	(function(t){var e,n,s=Math.round,r={},i="undefined"!=typeof module&&module.exports,a=/^\/?Date\((\-?\d+)/i,o=/(\-)?(?:(\d)\.)?(\d+)\:(\d+)(?:\:(\d+)\.?(\d{3})?)?/,u=/^(-)?P(?:(?:([0-9,.])Y)?(?:([0-9,.])M)?(?:([0-9,.])D)?(?:T(?:([0-9,.])H)?(?:([0-9,.])M)?(?:([0-9,.])S)?)?\|([0-9,.])W)$/,h=/(\[[^\[]\])\|(\\)?(Mo\|MM?M?M?\|Do\|DDDo\|DD?D?D?\|ddd?d?\|do?\|w[o\|w]?\|W[o\|W]?\|YYYYY\|YYYY\|YY\|gg(ggg?)?\|GG(GGG?)?\|e\|E\|a\|A\|hh?\|HH?\|mm?\|ss?\|S{1,4}\|X\|zz?\|ZZ?\|.)/g,d=/(\[[^\[]\])\|(\\)?(LT\|LL?L?L?\|l{1,4})/g,c=/\d\d?/,f=/\d{1,3}/,l=/\d{3}/,_=/\d{1,4}/,m=/[+\-]?\d{1,6}/,y=/\d+/,p=/[0-9]['a-z\u00A0-\u05FF\u0700-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+\|[\u0600-\u06FF\/]+(\s?[\u0600-\u06FF]+){1,2}/i,g=/Z\|[\+\-]\d\d:?\d\d/i,w=/T/i,M=/[\+\-]?\d+(\.\d{1,3})?/,D=/^\s*\d{4}-(?:(\d\d-\d\d)\|(W\d\d$)\|(W\d\d-\d)\|(\d\d\d))((T\| )(\d\d(:\d\d(:\d\d(\.\d+)?)?)?)?([\+\-]\d\d:?\d\d\|Z)?)?$/,Y=["YYYY-MM-DD","GGGG-[W]WW","GGGG-[W]WW-E","YYYY-DDD"],k=[["HH:mm:ss.SSSS",/(T\| )\d\d:\d\d:\d\d\.\d{1,3}/],["HH:mm:ss",/(T\| )\d\d:\d\d:\d\d/

Chrome Cache Entry: 363

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	7840
Entropy (8bit):	7.935250751574642
Encrypted:	false
SSDEEP:	192:r6dPjxox9HyZcV7bHhgsZFsjXy3+aFU9eA7XOErOat6vjBi:2dPGx9HyZcV7LurPa8CiEi
MD5:	6290D6D480765D1491BA35078F3D6435
SHA1:	35686B9379151DF7A5B4FF4FC9553932DD52591D
SHA-256:	B9C92FC47FB93D104E9EF850B98EFF81817B8448671E787659D19CCBFF99D155
SHA-512:	7F35A27279905DF3211F173D91AE611624BFB7B61BE8B9870830DA1C74A4B50C62DAB5E162D93F09C54E154F74B325E7598C9E9F02E4525BC1D70EF6940ECE6A
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X........?..?..VP8LP.../?.....m.I.w...'\|."..Qu`.U..YF../B..~.`..#]..........uW@n.u$.J...Q..@..v.6.$5.,...b........]... .....8..c..`..HDn..n!Dx...2J.g....x..g..._#.}r"..._.}..\..K..a....#.$.q.pM......D.JR.[.L..0................-..T.....K.......3Le8s....}jR.qy....e....CGfR.........&..m.$I....y1X.vf.9SF..6^.....l{^.u..]...,wv$.22"...y....3$..~....,u..3k...m.6......}.m{=s.h..........Yr.....U...\b.....9.....aI.J.l.........M..w....@A....%...T.(...@..9...X.0.......J.../...........+...L.u...@.....W..D.. b.4....P..y0..c-..4.<.. .@.. ...Hm.+..Q2...Pa.[.B\.+.I(.~..6....Ng....O...".D.Q..{e...f.P.....].uR..B.;..^.tB...F..<../......l....w_A...`...S.....'...)kpT?.b.r\|..9...Z..u.z_..0%..\"..`}JY.x.5....~..v.V....5..k..7.iw...%..T.\|.f.....H....wj.7.\|..o...J.0.^o......>...1....=0.q..~...O.h..G..;#3.[QFK.l._P.do.f.U...[.../$.;huL..@...31..e......d.-.:pY.6.}:.C...54.FO.~'..K.C....D.-..%M....+r@@Y.e.]-.#.N.v...(Oh.aB...=.i..5:.. .9PF..<.....P'.\.AZ.@.

Chrome Cache Entry: 364

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4295)
Category:	downloaded
Size (bytes):	9518
Entropy (8bit):	5.304107201395299
Encrypted:	false
SSDEEP:	96:GKySQPgUbvhZ6Jv6zH+DcFoTXdPkHyFbTkd19RZwP52WSEkw+TaQ2f0W5GfzSp1Q:IdbvivgHxAPJJTki5oFw+Sl5G/SSx
MD5:	A9ECFAD31AF2EDDB68BB3E14CF3DDFCC
SHA1:	ADA2CBCCDA82610B2B1CC7B63C28C2ADA2D14251
SHA-256:	057BE99209042FE15B57B50E70BF11B00455E5D74B7E6E13042A1B68069AE110
SHA-512:	F1BCBC72D29F125A00D37465D3C795397F22A17EB3527713EAAAAFF5A1B7E5F4271D67CFC9F9027E92FD99731BD2D96F956F0BFEFA99647A510C017A3D1FFDD6
Malicious:	false
Reputation:	low
URL:	"https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/2ApW1F2Eu_c.css"
Preview:	..._42ft{cursor:pointer;display:inline-block;text-decoration:none;white-space:nowrap}._42ft:hover{text-decoration:none}._42ft+._42ft{margin-left:4px}._42fr,._42fs{cursor:default}._afhc{clip:rect(1px, 1px, 1px, 1px);height:1px;overflow:hidden;position:absolute;white-space:nowrap;width:1px}.form{margin:0;padding:0}label{color:#606770;cursor:default;font-weight:600;vertical-align:middle}label input{font-weight:normal}textarea,.inputtext,.inputpassword{-webkit-appearance:none;border:1px solid #ccd0d5;border-radius:0;margin:0;padding:3px}textarea{max-width:100%}select{border:1px solid #ccd0d5;padding:2px}input,select,textarea{background-color:#fff;color:#1c1e21}.inputtext,.inputpassword{padding-bottom:4px}.inputtext:invalid,.inputpassword:invalid{box-shadow:none}.inputradio{margin:0 5px 0 0;padding:0;vertical-align:middle}.inputcheckbox{border:0;vertical-align:middle}.inputbutton,.inputsubmit{background-color:#4267b2;border-color:#DADDE1 #0e1f5b #0e1f5b #d9dfea;border-style:solid;border-wid

Chrome Cache Entry: 365

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2866
Entropy (8bit):	7.176669115665954
Encrypted:	false
SSDEEP:	48:2/6BMYL4knA9WIM8H/c0X4r37HAq3WHAUoEQEnfo7ZIJbH+WVoJXIplChzYNrKbr:2S+YkknmWIM8H/JWHAfHAUfpfgZ+hkRX
MD5:	E3443D0D8AEA42FC61368B9792B6FDC3
SHA1:	6D0F867176171D6DD3FE1E052251B7FDC8C479CA
SHA-256:	E6FF78CBC0E7A99C0243089CD0357F70D4432FAEA71E5B43EBFA466A166939D6
SHA-512:	369005A314E3064A2950B90D473EF2F2045AA1AB859CD29EB5D6E315299C8496828E8685E48DF174C27EFA6BFF8B8657892EE21EF8F6A3AE44454573925161F7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:50+07:00" xmp:ModifyDate="2020-04-24T11:36:21+07:00" xmp:MetadataDate="2020-04-24T11:36:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:65ec9e37-57ac-4da2-ba48-ca834a44cd8a" xmpMM:DocumentID="adobe:docid:photoshop:3000cbb2-9624-ad49-bc2c-7ae29484f

Chrome Cache Entry: 366

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Category:	dropped
Size (bytes):	92460
Entropy (8bit):	5.301101844267614
Encrypted:	false
SSDEEP:	1536:bz0ZWWnIba6epMf3zrBL2N3G5jaBsE6t8A9BI2nQfg6ZUMfnfmMBWh:RAAOPP3meWh
MD5:	06821D0F1E25137C2297502C6CED525D
SHA1:	459FB586F8FC6C7C824E06A4E7B5312622E4BFE9
SHA-256:	E1FC56C5AF917B653BE54D619245C4079C1AFEC0991321F0D358679B1EF529A0
SHA-512:	504D6699839AD90F6316EF9FD8BD72B76784176169EA49BBD8FC33DA380F5D0907D9B0266B4E5A10E15CDE25125824A098BE7E16EE2360ACBA6B2711D14F6EDC
Malicious:	false
Reputation:	low
Preview:	!function(e,t){function n(e,t){return t.toUpperCase()}function r(e){!s.addEventListener&&"load"!==e.type&&"complete"!==s.readyState\|\|(q(),w.ready())}var i,o,a=typeof t,s=e.document,u=e.location,l=e.jQuery,c=e.$,f={},p=[],d="1.9.1",h=p.concat,g=p.push,m=p.slice,y=p.indexOf,v=f.toString,b=f.hasOwnProperty,x=d.trim,w=function(e,t){return new w.fn.init(e,t,o)},T=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,N=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,k=/^(?:(<[\w\W]+>)[^>]\|#([\w-]))$/,E=/^<(\w+)\s\/?>(?:<\/\1>\|)$/,S=/^[\],:{}\s]$/,A=/(?:^\|:\|,)(?:\s\[)+/g,j=/\\(?:["\\\/bfnrt]\|u[\da-fA-F]{4})/g,D=/"[^"\\\r\n]*"\|true\|false\|null\|-?(?:\d+\.\|)\d+(?:[eE][+-]?\d+\|)/g,L=/^-ms-/,H=/-([\da-z])/gi,q=function(){s.addEventListener?(s.removeEventListener("DOMContentLoaded",r,!1),e.removeEventListener("load",r,!1)):(s.detachEvent("onreadystatechange",r),e.detachEvent("onload",r))};function M(e){var t=e.length,n=w.type(e);return!w.isWindow(e)&&(!(1!==e.nodeType\|\|!t)\|\|"array"===n\|\|"function"!==n&&(0

Chrome Cache Entry: 367

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2720)
Category:	dropped
Size (bytes):	10972
Entropy (8bit):	5.468696557847035
Encrypted:	false
SSDEEP:	192:TyrCSDDt60cN/jite9JaJk2gH6RfVZfrELEQDZa0YQdf:TyFDJ6BjzH6GV5f
MD5:	C56913DBE48D685560708FAF019FBB2D
SHA1:	270C4D44FB014A9E108455588CD0E19839066994
SHA-256:	B5EA2C3E08D4CE47C0186F9CEADFB47642C93897488301D318D1B97477CD0D1D
SHA-512:	41AD4C69B293C7F03DD3F25FDEED8859653917B9B977843496D24C0E7F1B2A7603DFA9B9B5B1ED3F16984B5CCB3A08F7E6919DD343DF8D7AAEF1B4BBA7428157
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("FDSLazyTooltip.react",["BaseTooltip.react","FDSTooltipImpl.react","lazyLoadComponent","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));b=h;var j=b.useCallback,k=b.useMemo;function a(a){var b=a.children,d=a.delayContentMs;d=d===void 0?0:d;var e=a.delayTooltipMs;e=e===void 0?300:e;var f=a.forceInlineDisplay,g=a.onVisibilityChange,h=a.tooltipProps,l=a.tooltipResource;a=babelHelpers.objectWithoutPropertiesLoose(a,["children","delayContentMs","delayTooltipMs","forceInlineDisplay","onVisibilityChange","tooltipProps","tooltipResource"]);var m=j(function(a){a&&l.preload(),g==null?void 0:g(a)},[g,l]),n=k(function(){return c("lazyLoadComponent")(l)},[l]);return i.jsx(c("BaseTooltip.react"),babelHelpers["extends"]({delayContentMs:d,delayTooltipMs:e,forceInlineDisplay:f,onVisibilityChange:m,tooltip:i.jsx(n,babelHelpers["extends"]({},h)),tooltipImpl:c("FDSTooltipImpl.react")},a,{children:b}))}a.displayName=a.name+" [from "+f.id+"]";g["default"]=a}),98

Chrome Cache Entry: 368

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 157 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2191
Entropy (8bit):	7.8806721941399696
Encrypted:	false
SSDEEP:	48:iBGywlLthIdBZSpcL1cJMJVgU18guwI2GYci5l34V7:iMywptHJyt18Tgci/IV7
MD5:	EF72958375F5891863E9E027D910FE6F
SHA1:	B74DA6938B6C7B5F5DF6C0217993CD1AFAC15260
SHA-256:	5FDF464D02D5BE0BCFD2F1AD32C75AEED1F03232C2033F399DF2CE78A289D8F7
SHA-512:	F117B7B3EBA5C2FF9314E9649C9277BEC7134F261ED19B1D9310D81B154CE2FD2A8CE1B06364045D5B81306E51416904212951102F3FF6243529AB6A2FCF1AC4
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/mobile/images/codashop-logo.png
Preview:	.PNG........IHDR.............{......tEXtSoftware.Adobe ImageReadyq.e<...1IDATx..\_h[U.?7....en.C.........>.A.<....... ....(.0..\|.$/"(4..{P.-L./6E..d....?....O..~7;=;..s.t....r..........b.....I..r.....u ..l...g._M,B......b.%D,.+..u.....+..b...4.t...u.{_y.....t.gFm.[..&..@#.......~n.._..%.E........@q..Xv..Y.5.?.../q,Z.....W..%.@....[.P...x....7b.u..f.a]S\|..W..r;;.~.5.a4.c..N..Z.....z..CN.n..$..p............1tA.....&....n...n. ....=.@J......,.8N.PfU..}..".j.t.......U....uN.n...8..7.1Y...Mt.........t\|.^.~...[...'...N..l......4.JP..:...M.}n....Y.l..,.\|..K..G..C...t...<.P\..W.L......a.nQ.d(..X...Q{.....x .................J..A....@.5k.@c."v....@}.Og..!\|Xe..l.?N......o\..~.....\|.$...d..#.V.......:..(UAe.t...8.+.IWd."..6.N:.=.._#F...Y..j.t`L..6..F.3...'.cw.....!.o3]C.P.v4.~.,.+<...l.n.. .%.s3...P2..%.....8.9..y.mF.;..s....f:/...R..A.C_..0.I.I/k.Q.~...>.>...!?.......hj#./...:......xvy...Vb&U.....AF.`......'...E=...L.C...s*.....................

Chrome Cache Entry: 369

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3817)
Category:	downloaded
Size (bytes):	122923
Entropy (8bit):	5.472299399758699
Encrypted:	false
SSDEEP:	1536:KAIcfKjLatJdHL6knxNEWKeNhSMu64zsibf/GZA50frNNyhAnY/iBl6Jap+a3U2Q:PIyKoncFMqH/GZv2ap+atK8C
MD5:	675F3BFBA67EAF37FF1A747084B9D35D
SHA1:	017F8D67C92C67E480A004535800A41D2F1FE78F
SHA-256:	E643FAD6C7DA22675E44A57B206C5D7CC0E2528CEFAE6CB8858D128DCD98A5D8
SHA-512:	9C982BF214F0D338A2DD413EE35D8C2A2E8B7468BDB064F869E98415F4546EAB5CA7A50072BDB55FDA51C0D8A7132BD6046C21EE8D5165305C1BAD608C6D6E2D
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Preview:	(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},t=ca(this),v=function(a,b){if(b)a:{var c=t;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.v("Symbol",function(a){if(a)return a;var b=function(g,f){this.$jscomp$symbol$id_=g;ba(this,"description",{configurable:!0,writable:!0,value:f})};b.prototype.toString=function(){return this.$jscomp$symbol$id_};var c="jscomp_symbol_"+(Math.random

Chrome Cache Entry: 370

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 213284, version 1.0
Category:	downloaded
Size (bytes):	175952
Entropy (8bit):	7.99590151656972
Encrypted:	true
SSDEEP:	3072:4csjZMurVE+FkVzhr7sfh9ZCJUbv8DkjGT1NxZgbn0a/ntL0KBe:StMurVRWp7s998OmxZgbn0mn10K4
MD5:	2281B6F7647F9FEC8E369D7D085B7EBE
SHA1:	AF70830540C39FF403B03A702B19DC2FB7021ED2
SHA-256:	BF8F9A15A27D746E45DA716EB6E14CCA1612BF7B208885B597B3148E7E74B66A
SHA-512:	CF4017AB76593459AE0D0EF52FBCC04686458C49C4D225F587E498B17ACDAEA1E0DAB5E8D339DD271E74B56E2F71137F0E87B54DCE97BE09DB7D7508723DD0E6
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Semibold.woff2
Preview:	wOF2......A$......6,..@...............................l.`..&..f...........B..@..6.$..<. ... ..9[w^..}..70][.;.3.2..".. .1"...F....q.......jc..I..(..v...!..,.vj..:.....BY._O.K.k.e..a...c..(................................................?;...3.... 80.. BEPqA..-..$...b..iZ..mlL-..2.2. b(..."d...l.7. a(.....$..6lg.6....nG....\|.E@...EPo..x.(.dQ..\.h.r..T..[.5.:1.S....~.. .B..&J".n...C.2...Y_..>wT...q.&.Q...Qp....q4.b.U..1P...`FXw8.o.l.".A$..6.'.OeK..9..fh68.....!!AB..uR.....e..%.Z.'.e.9K...bL...C(..M.%.[..d.D.....rQ..,.\|.Z.<.2....8:.Nv.P...n^Zuk.....~..1.Nq..z.]...S...I.i#......1H....3..,.....[e.I(.l...X.;......%.#..-p.9^.G.....Y..K)..k"s...AF..e$(......,N.h...$....2....FF,....r.U#..~...#.l..p......fr(Ke..r...V,.~)...3b-....(."Q..Q)...M.w..D....\|.B.D.H...7......^;...u...$.T...f..$........N.,Q.....C...J/..kin.....6.&..<..Q}.[m.6.Mw.\|...g..{-N..#g.2.I.j.%Q..*.=..D..8..T.&...;..&...e.yp$..^.)./t.....O.\|o.P...".z.F".J.=..z...c....K."......\.+J.;......m....z

Chrome Cache Entry: 371

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5945)
Category:	dropped
Size (bytes):	265794
Entropy (8bit):	5.572719893143777
Encrypted:	false
SSDEEP:	6144:KjJpmFU7Nli04d7G3BsEemvevNnH0fxnQ6:YyW7N4nhiZ7
MD5:	AD69F7561EC713BE70AE65D7002545B3
SHA1:	C9AFDF33BAFD54790C86666136D53E3D27F69E52
SHA-256:	246DCB444EA297A253C608B507800A4F3F9834EA53A6CFCFB99C94CD1F3D4992
SHA-512:	EE789157766DA4B46ECFBE6742D7EA3AFB66B78CC2EBAB4B5DC6B6E123375A9BCA2D01A5C339DD33A5BB78542C425FF29F02A4D5DE2564F6877549E8B17382F6
Malicious:	false
Reputation:	low
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"6",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":16,"vtp_rules":["list","play\\.google\\.com"],"tag_id":10},{"function":"__ogt_referral_exclusion","priority":6,"vtp_includeConditions":["list","play\\.google\\.com"],"tag_id":12},{"function":"__ogt_dma","priority":6,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":13},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":

Chrome Cache Entry: 372

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8243)
Category:	dropped
Size (bytes):	10408
Entropy (8bit):	5.228704012543909
Encrypted:	false
SSDEEP:	192:eZH7kUk70Eb1QAUf8HYTevU1gST4wLxr2:eRkR96ApHY2STr2
MD5:	74F18E69FCEEB4513B9F24322BE7386E
SHA1:	FE37CB92776F387DB632472296B0ADDEB815DD55
SHA-256:	E3FDF2DDBE34D56ED6DB667544576B0821399F47124E09DC9671DD62CFD1DD28
SHA-512:	7FAE4FBD35068C64252A7645D66FF19CFAF6FE02302A11070E503B315F58D12D48055A59DC72E7970E2FE0435D5095B6DE7FD61FA8C8DCCA07EC4DC376876B2D
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/V9vdYColc4k/. /.__d("react-0.0.0",["React"],(function(a,b,c,d,e,f){"use strict";function a(a){return a&&typeof a==="object"&&"default"in a?a["default"]:a}var g=a(b("React"));d={};var h={exports:d};function i(){h.exports=g}var j=!1;function k(){j\|\|(j=!0,i());return h.exports}function c(a){switch(a){case void 0:return k()}}e.exports=c}),null);.__d("react",["react-0.0.0"],(function(a,b,c,d,e,f){e.exports=b("react-0.0.0")()}),null);./. License: https://www.facebook.com/legal/license/t3hOLs8wlXy/. */.__d("resize-observer-polyfill-1.5.1",[],(function(a,b,c,d,e,f){"use strict";var g={},h={exports:g};function i(){(function(b,c){typeof g==="object"&&typeof h!=="undefined"?h.exports=c():b.ResizeObserver=c()})(this,function(){var b=function(){if(typeof Map!=="undefined")return Map;function a(a,b){var c=-1;a.some(function(d,a){if(d[0]===b){c=a;return!0}return!1});return c}return function(){function b(){this.__entries__=

Chrome Cache Entry: 373

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	67568
Entropy (8bit):	7.995223827827181
Encrypted:	true
SSDEEP:	1536:Sr9FBdWwO30fCHi7d4WS8I2FLpssaCYOse5p31EL9sD2bSA:Sr7BdUXs829vP5pFo9gul
MD5:	F6CB5C74910A1F66FBCE7FA7EFA9A5F7
SHA1:	58C5B8D3BAEECA8EF315CAB2B54D93834B92491E
SHA-256:	B35686D67403F8942C749CDDA2B8CE3C4E98FFE48DA8964E541AF8E45567F927
SHA-512:	753A0D4AC7EEF2495E328B29E091BACF5CC05E539A3E0EAFDDA543F3D193D22676767E80A2DCFBA9283489337D369D2F88349E8568B3CEDB798E055C83150527
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw
Preview:	RIFF....WEBPVP8X..............VP8L..../..;....$......{./.$5D....o7.@..M.}..k$..&..t#......7.... .......12.9-.;....U9F..H.Q]..Jl.:t.@....~/......\..........>....1.$~V.ox......n`. ...}..I...n)d.zC....l......{c..T?....5.O.:...5.\|..]......U....1.1V7.N6.......s.:...~..<g..../..k..e ...F....0n........>.;......^].R?(....P.$.* R..ad@_t........I.O....f!I.6.r..Q.....B.Q..Mt..c...9g..@.g..5HT..i....H.... ...{/.....].S$H...lm{.y..f..X`...,A]..VI...JVYz.^.?.p=Z.;.....8.....{QQ.C'I..c....n..m...h.;......<..5.......... ....>..2...:....b.+@B.....y)..C.A}?k...........7....@.:.W.}...1[.6.)..I?..%W.......9.."V....$.....H...Y.P.p..........2<...."..X.)..>.G..[X..{]H..........)9J.;f]U.R...7..u=..l0..4..d.$..A..k.......U}....E.....%X...#)xZ".aL.&o...?..V......... "V.1..`.R...-.....%..k(5,.............7q}.a.....o..<.<..zn....m..+.q.y..F+..~....z..e..Zx..Zu.....`.....&53.aQl.a....~.T......{....7...n3.p.Cg..;....8.nG#.......,.1J.1...a.._.......9.

Chrome Cache Entry: 374

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	28789
Entropy (8bit):	7.971396460866589
Encrypted:	false
SSDEEP:	768:mQmpRJ1JqkEDO5tjx6ZmOAKTTjgH1W7AH0VYvkLHNy:mQUJbqkoO/zPKDgmKvkLH0
MD5:	74190B93FC4F5D88F0C8E6411BA20BD8
SHA1:	89CE2ECB660A90B8E6ED1B335443D7767C59F28A
SHA-256:	092A3CD5F86B3F039FEEFDEB86694CD16AE545AF214CFDA614BDBBE2D1BDE401
SHA-512:	35FFC458DA53B5105BA45473350BC178D4B96ACC7E5F409FCF586ACA4E7C9B9B9B3A7D9D1C2185532EE13F9F496811156A38130FB7D9ABF5925436EF29F63ECB
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/img/facebook_text.png
Preview:	.PNG........IHDR...\...........&....sBIT....\|.d... .IDATx..w\|......{J:...{.. .`.."..}....r..{.r.+X... ..@....Az.$...s...<...{.IHB..'!0_>K.svg.....33....B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...BQ!.^...-...C.PT....Hs~.6....E.P(....r..K.n..._..gMp/\.BQ......?>:..$Q(...`....x.r._O.z.uW........(....m...F....yu$%{..@..Ia.....4........[^..r.?..4)..x.~.P...u..rkZ..B.8.h3d\.._...7~.g...:..@a.)H....FB...?#7...#..&..._ck....El<.J.?.\|4...Q(.Q.i.P]..rn...qu...t..oN.."owv J;.Dd...H.D.$A.".....%.g,..B.k....5.....l.....~....w=...Y.....^`eN....j.O.P.M3H....C.......>g....,..`}f....jZ...S....>.e..SO..U...0`.....hr..... {.0j...0.sG...4.&....Cok-v#=..".l.~i.1o..M...:.n....m............j......y5,.Bq,s..[.}...vl.^...E...S.....:.: .h....v5+.QF..&.....}.......3..9.V.6i.D<DD.,..%... ../b...3.(. ..i..&..T.mM.P.A..G..i...}......n..[v.]........9'...$X...M"".u...jO.Bq.R......y...<;...O..O....?f..xU...e

Chrome Cache Entry: 375

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	13316
Entropy (8bit):	4.834081998326948
Encrypted:	false
SSDEEP:	384:m+Y59vokdw11DD96E3x+ZxkLOdLWC0Le6VTeweaOerjeweaden8aXAExeg:mkX3x+ZxQOVWC0Le6VTeweaOerjeweaG
MD5:	9322772F80B83E13436FFE8D61064176
SHA1:	D81FC5203C58B7544AB1809C1958CEF028A5987E
SHA-256:	E419B62AE35CC3A7204D6B535399F76B1C902636D1400208DF525519141D6793
SHA-512:	F8622509C11744D43E4FDF509598AFEAECEC465512040C3C694B4B44CE3461915751834E9807B5D4129F3BEFE3EA394FFE93549E8C327BF126AF4218E62DB58A
Malicious:	false
Reputation:	low
Preview:	document.addEventListener('DOMContentLoaded', function() {. // Key map. var ENTER = 13;. var ESCAPE = 27;. var SPACE = 32;. var UP = 38;. var DOWN = 40;. var TAB = 9;.. function closest (element, selector) {. if (Element.prototype.closest) {. return element.closest(selector);. }. do {. if (Element.prototype.matches && element.matches(selector). \|\| Element.prototype.msMatchesSelector && element.msMatchesSelector(selector). \|\| Element.prototype.webkitMatchesSelector && element.webkitMatchesSelector(selector)) {. return element;. }. element = element.parentElement \|\| element.parentNode;. } while (element !== null && element.nodeType === 1);. return null;. }.. // social share popups. Array.prototype.forEach.call(document.querySelectorAll('.share a'), function(anchor) {. anchor.addEventListener('click', function(e) {. e.preventDefault();. window.open(this.href, '', 'height = 500, width = 500');. });. });..

Chrome Cache Entry: 376

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	236
Entropy (8bit):	6.968820977497042
Encrypted:	false
SSDEEP:	6:UAi1Z+eAl66OezH5t3NgVXHLvdY39d5JA7++Pr7b0y/ze5:Ud18RpOeTNUvdYtO++jc8ze5
MD5:	98E526A3A62C5CEAE9B2AFC76A7DEE17
SHA1:	9971683FECD5C2D9CDB376DD8A24660BF81998ED
SHA-256:	1FDCB9D4C640E231358D6C5FD570AB117750E5C6F3241023B253117AAE9BD301
SHA-512:	E39DEDB7240D3DC7D6800113129C9B7FFF53D22380FEDBAA0E400827B8438710B08F66FE8BF6FF26A7D6D0E6190C647E66E5F54070850EFF35A4A48499B54CE3
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .........* . .>m*.E."....@...X..=.&..^D@/.....a;\...o~Q{...._.P.,YU.b_=E:..r..Zl......#.d......f..7.\|.RN^.[.._.\|.-W.Z...z.L.7.......zoDy.......}.H..u.8.@V.....B.....+yII.~.c%[B~..O..-~..6..,(.q).%..K.4H......

Chrome Cache Entry: 377

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7780)
Category:	dropped
Size (bytes):	33406
Entropy (8bit):	5.518229748474891
Encrypted:	false
SSDEEP:	384:1xoBViW2yAVmX2067HWI4T7cl5UwVy8IZLr5VVXVrZJeN1sU1dJpQM6dqeEBN8Cy:1xdWWi+7HWgUwVy8CZDXVc7Cqe08B
MD5:	691C8B8D4BA6F9FF5DCCFE2175945DE2
SHA1:	2CFF07BB1774991F12BB137A736B29B20A85BA9C
SHA-256:	D3CEC72E3AD7C7C7D87E320846E77CE989180E44A2FD4FE81582E9C32B476565
SHA-512:	0E4619FFFA207E6B22C7097D0603F6D00735D62F21B10B6A92445ABFCCC6541CCF79626430136387463CE98B3699E7DC1299E5FB38D5DE9C663A51CAAC0E5242
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("BaseRowContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext({columns:1,wrap:"none"});g["default"]=b}),98);.__d("BaseRow.react",["BaseRowContext","BaseView.react","react","useBaseRowA11yWrap","useMergeRefs"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react")),j=h.useMemo,k={expanding:{flexBasis:"x1r8uery",flexGrow:"x1iyjqo2",flexShrink:"xs83m0k",minWidth:"xeuugli",$$css:!0},row:{display:"x78zum5",flexShrink:"x2lah0s",position:"x1n2onr6",$$css:!0}},l={center:{justifyContent:"xl56j7k",$$css:!0},end:{justifyContent:"x13a6bvl",$$css:!0},justify:{justifyContent:"x1qughib",$$css:!0},start:{justifyContent:"x1nhvcw1",$$css:!0}},m={bottom:{alignItems:"xuk3077",$$css:!0},center:{alignItems:"x6s0dn4",$$css:!0},stretch:{alignItems:"x1qjc9v5",$$css:!0},top:{alignItems:"x1cy8zhl",$$css:!0}},n={backward:{flexDirection:"x15zctf7",$$css:!0},forward:{flexDirection:"x1q0g3np",$$css:!0}},o={backward:{flexWrap:"x8hhl5t",$$css:!0

Chrome Cache Entry: 378

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21179)
Category:	downloaded
Size (bytes):	165428
Entropy (8bit):	5.494587333899706
Encrypted:	false
SSDEEP:	1536:2DFNrn1Z3miv3qbXkoO6sIujEtlaPAZGhn+XPJP6rPui+POPLP1C6p6mTFBcGeW3:25PtmivkXPGAZGhnDCEH
MD5:	1720A13825DFE2756785997DC7EB3E6C
SHA1:	4737DB90B3E52DD8DC28B0D656620205A022463A
SHA-256:	B75B1C467CB500E533CF8962264898F3085C01728D6FD0937F73335668EAC2B4
SHA-512:	BADC151E76BDD58B13981A2D928B586B6F0C2150228DD7E0B9DF3BC67F80C30264B895833DC9D85C5FEFE809BB19560B75A663485F945577CA9D4C9760285D77
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3ibuB4/yi/l/en_GB/bF_FsAIIm3V.js
Preview:	;/FB_PKG_DELIM/..__d("$InternalEnumUtils",[],(function(a,b,c,d,e,f){"use strict";var g=Object.prototype.hasOwnProperty;function a(a){return function(b){return b==null\|\|!g.call(a,b)?null:a[b]}}var h=typeof WeakMap==="function"?new WeakMap():new Map();function b(a){return function(b){if(b==null)return null;var c=h.get(a);c==null&&(c=new Map(Object.getOwnPropertyNames(a).map(function(b){return[a[b],b]})),h.set(a,c));return(c=c.get(b))!=null?c:null}}f.createToJSEnum=a;f.createFromJSEnum=b}),66);.__d("CometListCellContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext({disabled:!1,level:void 0,shouldToggleOnListcell:!1});g["default"]=b}),98);.__d("AccordionAddOn.react",["ix","CometListCellContext","FDSIcon.react","fbicon","react"],(function(a,b,c,d,e,f,g,h){"use strict";var i,j=i\|\|(i=d("react")),k=i.useContext;function a(a){var b=a.color,e=a.disabled,f=a.icon;a.label;a.onPress;var g=a.open;g=g===void 0?!1:g;var i=a.openIcon;a=babelHelpers.objectWi

Chrome Cache Entry: 379

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	7952
Entropy (8bit):	7.968386802988122
Encrypted:	false
SSDEEP:	192:R77qArMUz0oFg7oo/ywB1VBRmfGTqe9KZhdR/G:R77qArX5FMOwnVBtTHY/G
MD5:	D6E1E6E5E6D283E28385FD4D3D73A723
SHA1:	8EE99185991226CC345DCC41C01D5DA0ABEB1C1A
SHA-256:	6B7EFF06FADFAEBDC8B08E3C447A34CEE343F3FA76B5C0866E71244E6EB47DD6
SHA-512:	2E2847CD1F939A9B39C9B28493242414925733696124FEB644D2E6B684BCE8BE9BA348C8BA13BEC6344FF66731E2C3252DB9A5210800953BB91FF0C04E91CED0
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X........?..?..VP8L..../?.....m.IZO...?.;....w4G....O.c.DO.C.:?...d+.........3E .#.V..../...s].[[..IRT..h.<..k....b..D....6....U.....m....#.+.........3~Ebz.....1rL.1M\...y.........I._.qo.Y..x.16.....r...../v.....@,..1[.3333.03......03s..l.(Y.....o`9..7{..T...,..7k.gVUo.n....@...m&y.0.{0.mZ.....UD....x.m..o.m.6.YfZ......s.^...m.$I.....HT.....m{~.m...sm...f.JUDF..}.9.m..3....Ni[...)..a.NJ;.+....c..e.FR.].@z>1.....r...........I.h.....Cp....h....!..Y...H.G..kQ.j..8....l...e...33.......G...s.......c........h....q}=Bt.....#%...,...4..$..j....0.Y.....1..f..3.p.0"V..+....f.L.k&.V`.%..Y3/{.^c..^....&0..!....\...2....b.b....L.g0.!.T.........v.H.{...0.jk.....].yPI5p......z@..t........,m..Tu...t.....i...1......]'h.}..Y..5k.r.zE..5z..}.....N~.[......l.O.........9.H. .F#...S.S2gf.JbF .\|..y...v..wl.5.v...q..?.4....0S....X.....h.2(:.......G.......\|L..\|....I.... .!..../U.Hf.Q.3.v6.n.5.\|.vr....3.... .]...V.%..d......N..E>..W1..B.\/..

Chrome Cache Entry: 380

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20398)
Category:	dropped
Size (bytes):	356266
Entropy (8bit):	5.402700905715015
Encrypted:	false
SSDEEP:	3072:Wjx6JPK5lD6E2yjEKLPGMZMg9bV4XG77jzf+WEf8/:WsJyDD6E0KLPGMZZ9bVj7+WEf8/
MD5:	7038475B342145FDF3A6BA1A53656D60
SHA1:	E887CC085B2F30B992E8771C5AB87C51876B3DF9
SHA-256:	7056C7278A0C812D8B5EBA4AF697FFB179974D0B73BE0892D54D06D621ED52BE
SHA-512:	A1E93778F6E6084303802507B1C0A6B217A90B59E8CE3EB2D12996BE97C72432708694C7C222205DEFD3445631B1F04B28E48FDAC5FB6027B807505A6A540EE8
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/.."use strict";(function(){var a=typeof globalThis!=="undefined"&&globalThis\|\|typeof self!=="undefined"&&self\|\|typeof global!=="undefined"&&global;if(typeof a.AbortController!=="undefined")return;var b=function(){function a(){this.__listeners=new Map()}a.prototype=Object.create(Object.prototype);a.prototype.addEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();d.has(e)\|\|d.set(e,new Map());var f=d.get(e);f.has(b)\|\|f.set(b,c)};a.prototype.removeEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();if(d.has(e)){var f=d.get(e);f.has(b)&&f["delete"](b)}};a.prototype.dispatchEvent=function(a){if

Chrome Cache Entry: 381

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2114
Entropy (8bit):	7.870988243839097
Encrypted:	false
SSDEEP:	48:V94BlzSNyJV4/NXbSRWKBkHdr11BzqIiL076xh6Qi0csBQ:V94bzSt/hKWmotjlqIW0u6t0cs6
MD5:	32EEF349F1092FC3E30B0BD65A6DC621
SHA1:	94C8348DE68E0D3889F5E70AFC0D009A19C4BA3C
SHA-256:	3308F417ECDC9CDD7646438A1BCF433C2A95FE5BED992A817B98F57A0F26F08E
SHA-512:	07A0B4B46F7490D14AE0D835E5272015D734B6577A489D61F86795AFA5A41C60E4F33C4F4EE1608A4BA0D884C3CEAC30DE2972982CB55A49266B18EAB3862125
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/MjrhJApdcYG1D2vtDZFqcc6UebJ-eMLT_M5omELV_39EbQkiDigolM_XFgQ-aKZHdz0a=s64-rw
Preview:	RIFF:...WEBPVP8X........?..?..VP8 .....#...@.@.>q,.F...!5..`...l..2.\|?..R. V...\|.]...'.....w.....o.o....y/A..}@?............?.K....../.?...8<.....>...!...I..0.......m.......K.S..}.}.\|..?........_...#.;....t.e...Q...EX....?......iZ..s..!@.S...B,^.6Q...n.....\|..:....Vd.N.Zd.f.F......m}B.H......T.B../.r..".....y..T...........).`..z..q7.B7.B.B?.^].i.9:.s.ct..\..R;v..(....V.gxR.V.v....}3.n......6..w.k......b..N.8...b....Y._..)C..I.M.?.:.e)..v..p..k..QO....c8...b..E.1..>..; .2ou....;..t&..w.z...V.c.-.i. ...a.....%.dnZ....Or5~.....%-x...O}........Ih`..fVG.0m.Q.....[.....R?.p.....c.....1._...6...L..W....-rd...6g....NX.CAO......P..5....(l.L....=.\.S....!@....~...;.PE.z{.,m..I.W=..P.[b..0...C.L...P........cE......6.P. ?...P.C.Gxq..d-...^...``.#....}..'d9..^....ZUG.......:SZ.z6.6^.....!..g"....q./O.....+mL.\|.x.S....P..f.}.:.%..R72.Vk.f_-3.\..M..1.+60....@%.\..f...0.'.....b..<......lP............q....a.r..h.w...Gc.%2x^(.+9.p.F./.$..4.Y2...4j.<.

Chrome Cache Entry: 382

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22664)
Category:	downloaded
Size (bytes):	69642
Entropy (8bit):	5.356306994739534
Encrypted:	false
SSDEEP:	768:Z5Hq9erZRSz1XRBjtjJDmV84RsxeHoxlRSMQXRBjtjJDp0PBcsxe5BDJ8zkWTuT3:ZU9ej8+Hv0Ps5n8z1STZ8fb2
MD5:	E200800D8DCDD429810A05DF86551B56
SHA1:	0E36DF0575A96F1F0DD783D508016605023B4926
SHA-256:	2F38D54AD6DF6F72604985A63851C27CA5D4384D3A5480FCAC14B63990BDDEB9
SHA-512:	42E33EBD830F14F80A0A610B72AD8004BB64ED909005B4445A55D1D7397F6AD42E06835A7DB7471E1E70E00926E2C8207338B7D274881D61C8B84F9636BDC778
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3iFpk4/yA/l/en_GB/wQJhXeVVcMB.js
Preview:	;/FB_PKG_DELIM/..__d("MDSButtonGroup.react",["Box.react","CometFocusTableContext","MDSButton.react","MDSRow.react","MDSRowItem.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react")),j=h.useContext,k={hiddenButton:{height:"xqtp20y",opacity:"xg01cxk",$$css:!0},resetFlexBasis:{flexBasis:"xdl72j9",$$css:!0}};function l(a){var b=j(c("CometFocusTableContext"));b=b.FocusCell;a=a.children;return b!=null?i.jsx(b,{children:a}):a}l.displayName=l.name+" [from "+f.id+"]";function a(a){var b=a.align,d=b===void 0?"justify":b;b=a.direction;b=b===void 0?"forward":b;var e=a.expanding;e=e===void 0?!1:e;var f=a.paddingHorizontal,g=a.paddingTop,h=a.primary,j=a.secondary,m=a.secondaryIcon,n=a.size,o=a.testid;o=a.verticalAlign;a=a.wrap;a=a===void 0?"none":a;var p=[],q=[],r=null;if(h!=null){var s=h.ref,t=h.testid;t=h.type;h=babelHelpers.objectWithoutPropertiesLoose(h,["ref","testid","type"]);r=i.jsx(l,{children:i.jsx(c("MDSButton.react"),babelHelpers["extends"]({},h,{ref:s,size:n,te

Chrome Cache Entry: 383

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6573)
Category:	downloaded
Size (bytes):	10849
Entropy (8bit):	5.551671316058498
Encrypted:	false
SSDEEP:	192:sn0g/f3O/+IErEeyKEIffWEeyU/gcLCqrFoxPGRmSREzmOtKs+xrDEyvZ:huk+I6EeyKEIWEeyCgqwPGRmSRymOQ5l
MD5:	FB4650E82A5A32490F5B1D4B85594CD7
SHA1:	ECCED02FA31FA36FD1CFA9B4C52200EF726EE357
SHA-256:	5FB29C66A3EDA461A11E8DAE54FCFF64E73C23D6B67A5232FC23F417719D8EBB
SHA-512:	E0E901B61153CC5FE8C8D216C391BFC78FE72E993F55098EFEBE7E4315F22C722D0E1D617F3A6B682092DFB41A91280963502F4096386EEA18EBF3FDF722EF87
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/ui2DkP-wt_7.js
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/aJoeSHn7XcN/. */.__d("blakejs-1.1.0",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b};function h(){var a="Input must be an string, Buffer or Uint8Array";function b(b){var c;if(b instanceof Uint8Array)c=b;else if(b instanceof Buffer)c=new Uint8Array(b);else if(typeof b==="string")c=new Uint8Array(Buffer.from(b,"utf8"));else throw new Error(a);return c}function c(a){return Array.prototype.map.call(a,function(a){return(a<16?"0":"")+a.toString(16)}).join("")}function d(a){return(4294967296+a).toString(16).substring(1)}function e(a,b,c){var e="\n"+a+" = ";for(var f=0;f<b.length;f+=2){if(c===32)e+=d(b[f]).toUpperCase(),e+=" ",e+=d(b[f+1]).toUpperCase();else if(c===64)e+=d(b[f+1]).toUpperCase(),e+=d(b[f]).toUpperCase();else throw new Error("Invalid size "+c);f%6===4?e+="\n"+new Array(a.length+4).join(" "):f<b.length-2&&(e+=" ")}}function f(a,b,c){var d=new Date().getTime(),e=new Uint8Array(b);for(var f=0;f<

Chrome Cache Entry: 384

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (4269)
Category:	dropped
Size (bytes):	37836
Entropy (8bit):	5.440898121164512
Encrypted:	false
SSDEEP:	768:4gTB4WBzWIw4f0EW/zfz1X+HRBx5AENfWVz39+:R7+4cEMZXENfWV4
MD5:	2E20969B2BF0050EC093713CFBE42478
SHA1:	6689F2CDE01BB7398555F6EC214EAF286CF93948
SHA-256:	E0DA5DA80B21035811B7B7ADC731688D4C639DEF6C216A756646BDE481BA3CF3
SHA-512:	C1877464EB57BC605306B27B0081FFD9F78E55D6D5EE6C7715C7325B93E5CC0AEE24AE7DB68129F1CC8B8CBA4C6B5CE1A5D2421345AD7F7262B5EA089824DAC0
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("Banzai",["cr:7383"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:7383")}),98);.__d("BasicVector",[],(function(a,b,c,d,e,f){a=function(){function a(a,b){this.x=a,this.y=b}var b=a.prototype;b.derive=function(b,c){return new a(b,c)};b.toString=function(){return"("+this.x+", "+this.y+")"};b.add=function(a,b){b===void 0&&(b=a.y,a=a.x);a=parseFloat(a);b=parseFloat(b);return this.derive(this.x+a,this.y+b)};b.mul=function(a,b){b===void 0&&(b=a);return this.derive(this.xa,this.yb)};b.div=function(a,b){b===void 0&&(b=a);return this.derive(this.x1/a,this.y1/b)};b.sub=function(a,b){if(arguments.length===1)return this.add(a.mul(-1));else return this.add(-a,-b)};b.distanceTo=function(a){return this.sub(a).magnitude()};b.magnitude=function(){return Math.sqrt(this.xthis.x+this.ythis.y)};b.rotate=function(a){return this.derive(this.xMath.cos(a)-this.yMath.sin(a),this.xMath.sin(a)+this.yMath.cos(a))};return a}();f["default"]=a}),66);.__d("ClientServiceWorkerMessage",[],(

Chrome Cache Entry: 385

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12046)
Category:	downloaded
Size (bytes):	315758
Entropy (8bit):	5.548865753406303
Encrypted:	false
SSDEEP:	6144:IT0dmGFpmFuQlq0kd7+hJsEsEemve4s+2L:28QQ/h4JsOQ
MD5:	2C68C6F61E80E1829D3D456158ECAD5C
SHA1:	F7E703DD50CF397F9384DE90423A541F4B01B3DA
SHA-256:	7CAFEEBCB5016A2A88DCBF483BBD74FB467E3CF57F0EA278FE75E339DC0CA4B4
SHA-512:	CAAE02B1B1461395652E3D10EEE3D3A09E2704FC60208C0FDFACEFF5E0AC7410A0A12682F70C2D136EDA7EEBFEA35D3E7FDBBB5B88469B7B6CC742D7BB0A53FD
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-K59689F
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__j","vtp_name":"navigator.userAgent"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":["macro",3],"vtp_name":"originalLocation"},{"function":"__u","convert_case_to":1,"vtp_component":"QUERY","vtp_queryKey":"utm_source","vtp_customUrlSource":["macro",4],"vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__c","vtp_value":["template",["macro",2],":",["macro",5]]},{"function":"__dbg"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__c","vtp_value":"G-LL

Chrome Cache Entry: 386

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	33178
Entropy (8bit):	7.993771853774586
Encrypted:	true
SSDEEP:	768:lbViGwRnu8dINwCH8chChg/4gby6u7kdWC+N8519S8hf2:l6Rui3CcchZ4my6kqR5519t2
MD5:	8B0E1EE60083A71F541479F192F6377D
SHA1:	D3952D18904A641D27BA1C267CF8AD3C6CE50F2E
SHA-256:	7CEE315AF50F998D562DE0E995A3B01DB63EC3A94B88AFBF3E27B2227FFA355D
SHA-512:	FD730E1315650AD5C2597EBFAF386EF8DF1754AD5A7BF699CB1C37A13D1DF9816F2339640524A3686E508A809D8908491283BF50FE806C7FDA8766748BBEB0C3
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....p......(.>](.E.....u..p..jm...e..........=.7..............=../......}..+._..q.M......#._...O........V.'._...w./...?........M.C................[...G...?.>......i.....w..l...................Oh..............................F?2......>p............?.y......~...........A~`.....w./..._.~A....s.}...........?......~....C.W.o......~.>..{.G.?._.?......Y.w........(.....w.....o....+~....g...#........y..=......?......~.[.\..x..YKW(g......<......=.....7K.."......pF.s...W;P.H.#..!...JE.y..C..F..N.(@...G.l..5..$;'..W..e....s.U..c.UW!~f.[.~X..._.Q/.o.4..........w3.Kf..jT...F...aC])..t.....W.<..........;.@/..7.......&.2.K.....0.,(..t../...cz..0..m.....D..-xk.).+.p".&yB.%J6..X...OY.#H.G.c.q.].w5@....AI.V^..m<..J.`.b..y.M..nr..[..S(..{}..'\..Iw...S.g.C<.q.)....T.[....(0Y..,..h....o.B.1...C........R.........!@....e.}..)3.d$.R....EN..%\|.+...f..g.*h#.pX.P.....&.....1.B.2Pw.e....#B...L......pV...k.z....r.n...b.R..i;.2.J,.......S.ZV.J.!+.~o0.r=..)^[

Chrome Cache Entry: 387

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3817)
Category:	dropped
Size (bytes):	122923
Entropy (8bit):	5.472299399758699
Encrypted:	false
SSDEEP:	1536:KAIcfKjLatJdHL6knxNEWKeNhSMu64zsibf/GZA50frNNyhAnY/iBl6Jap+a3U2Q:PIyKoncFMqH/GZv2ap+atK8C
MD5:	675F3BFBA67EAF37FF1A747084B9D35D
SHA1:	017F8D67C92C67E480A004535800A41D2F1FE78F
SHA-256:	E643FAD6C7DA22675E44A57B206C5D7CC0E2528CEFAE6CB8858D128DCD98A5D8
SHA-512:	9C982BF214F0D338A2DD413EE35D8C2A2E8B7468BDB064F869E98415F4546EAB5CA7A50072BDB55FDA51C0D8A7132BD6046C21EE8D5165305C1BAD608C6D6E2D
Malicious:	false
Reputation:	low
Preview:	(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},t=ca(this),v=function(a,b){if(b)a:{var c=t;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.v("Symbol",function(a){if(a)return a;var b=function(g,f){this.$jscomp$symbol$id_=g;ba(this,"description",{configurable:!0,writable:!0,value:f})};b.prototype.toString=function(){return this.$jscomp$symbol$id_};var c="jscomp_symbol_"+(Math.random

Chrome Cache Entry: 388

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2692
Entropy (8bit):	5.130838002349536
Encrypted:	false
SSDEEP:	48:KKzG9MHfIrGJjkOMep58H5xf4+O+0KzOrr:KKzG5rnOMKI6J+0KKrr
MD5:	753A330F95A906499ABE488E677662D3
SHA1:	217627BCA38E4470D91BF305145832F9B32AB9B3
SHA-256:	232F4B64740DD615857B7D31A7839D94DE691DDCE917FE1A56B0F3DE7498FA48
SHA-512:	2F1D6F498B1470A777FE0098A29C410E75A6BFBEFEDF062DBF897B6B3918CF6666E92A3E06931FE953F49A617E8C62C4CAC69F15EA2D5D70B56D094323462761
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/P/airtime/w/css/airtime_v1.0a.css
Preview:	@font-face {. font-family: 'Sanchez-Regular';. src: local('Sanchez Regular'), local('Sanchez-Regular'), url(https://cdn1.codapayments.com/W/pub/mobile-web/font-sanchez/Sanchez-Regular.woff) format('woff');.}..airtime_close-btn { font-family: 'Sanchez-Regular', serif; }.#airtime_form {. display:none;. width:670px;. height: 440px;. border:10px solid #666;. border:10px solid rgba(82, 82, 82, 0.698);. /* border: 1px solid #EEEEEE; /. background: none repeat scroll 0 0 #FFFFFF;. box-shadow: 0 0 10px 5px #F0F0F0;. -moz-border-radius:8px;. -webkit-border-radius:8px;. position: fixed;. z-index: 9999;. top: 84px;. left: 616.5px;. display: block;. border-radius: 8px 8px 8px 8px;.}. / background: none repeat scroll 0 0 #FFFFFF;. border: 1px solid #EEEEEE;. box-shadow: 0 0 10px 5px #F0F0F0;. margin: 5% auto;. min-height: 380px;. padding: 20px;. position: relative;. width: 600px; /.#airtime_form div {. / padding:10px; /. height: 440px;. / border:1px soli

Chrome Cache Entry: 389

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	4286
Entropy (8bit):	4.639719888612948
Encrypted:	false
SSDEEP:	96:EdAdhzUooooRoooT0oooooHooooooovqxoooooooooA:EkLL
MD5:	A217F758EFDFFF14053678DBE58FA4D0
SHA1:	6E0EB512C2F386D645712D7ECBE339EA85CFCA68
SHA-256:	F343B3015D0545A7D5B719A434135BCAE2AC766ED459AEEA671E3688B79D1875
SHA-512:	9BCF90FED875FFAF3170EF3425949642EB23B4E750CD42BA546D30E1A58C4FEE1A14CCDBD31455A6A442D09372CCB3873BD7477A59853608BC87660FB578119F
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/android/market_images/web/favicon_v3.ico
Preview:	...... .... .........(... ...@..... .................................................................................................................................................................5C..5C..5C.]5C.5C.5C.`5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l.................................................. <../A.8D..5C..5C..5C..5C..5C.:5C..5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l..................................................TN.(?..'>..8D..5C..5C..5C..5C..5C.5C..5C..5C..5C..5C..5C..5C..5C..5C..=/..$l....................................................2..l...8..&>..8D..5C..5C..5C..5C..5C..5C.5C..5C..5C..5C..5C..5C..5C..=/..$l..................................................../... ..m...8..&>..8D..5C..5C..5C..5C..5C..5C..5C.g5C..5C..5C..5C..5C..=/..$l...................................................E...>......m...8..%>..8D..5C..5C..5C..5C..5C..5C..5C..5C.?5C..5C..5C..=/..$l...................................................B..C...>......m...8..$=..8D..5C

Chrome Cache Entry: 390

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	148
Entropy (8bit):	6.523312318185472
Encrypted:	false
SSDEEP:	3:clyg1ZreK5l1GzQ9O9xbSj0hGqBBs+dK484MVYQkGAKAJlJwBNlWn:coWZaKBUdSghtBfI43M0VJlJkWn
MD5:	F6FCD4D43487A3BF8F47A592569FAFEB
SHA1:	22B1887F1C703EA9ED827A59B02AC7FCDF79CA54
SHA-256:	C6AEC5614A1193CCECA829712C4027C6F1B94A106395D2223229861AE110A9A4
SHA-512:	98ECA13BC52869440EE4319FD09AB3C076EFBD51F769052B8C85571236355E50D5426F15CFD67F4DC1942D07D72A0BF0706ACADBDFC5CD2082645CF746778443
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw
Preview:	RIFF....WEBPVP8L..../......j.....]@G....51..C..G.3..<...w..#.O....{.P...I).......T./]......}..1^..\|.~.}.B..B%.JP..%.\..%..$..K.Y,".\../?#..

Chrome Cache Entry: 391

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11083)
Category:	dropped
Size (bytes):	79391
Entropy (8bit):	5.454378525863425
Encrypted:	false
SSDEEP:	768:B6tcK8Vd61yOa3lKJS7ZYVE0gkUzXlo/0wtcIvPL0Lga3dnEzvB:B4oV81yOAlZ9gEG/0wtJvPL0Lf29
MD5:	0AA506E4DDE15806A207EAE2C43A78AA
SHA1:	25ABD7618864F3430164623E8A7B0E666F10EEC8
SHA-256:	71DCA919B505E16273C3A1B21FB92B2BB643470EA27FEC26FFFCACDDA8232429
SHA-512:	36006676F6C826B3B13A76BC991CB5F925544CC0674AB0E3525ABE955062C07D2B59F55EAAA165162B4010792BEB28CC58C68682B9F5C6104E674F6276143082
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CometHovercardQueryRendererQuery$Parameters",[],(function(a,b,c,d,e,f){"use strict";a={kind:"PreloadableConcreteRequest",params:{id:"8350576848352954",metadata:{},name:"CometHovercardQueryRendererQuery",operationKind:"query",text:null}};e.exports=a}),null);.__d("CometHovercardQueryRenderer.entrypoint",["CometHovercardQueryRendererQuery$Parameters","JSResourceForInteraction","WebPixelRatio"],(function(a,b,c,d,e,f,g){"use strict";a={getPreloadProps:function(a){var c=a.actionBarRenderLocation,e=a.context,f=a.entityID;a=a.groupID;return{queries:{hovercardQueryReference:{parameters:b("CometHovercardQueryRendererQuery$Parameters"),variables:{actionBarRenderLocation:c,context:e,entityID:f,groupID:a,scale:d("WebPixelRatio").get()}}}}},root:c("JSResourceForInteraction")("CometHovercardQueryRenderer.react").__setRef("CometHovercardQueryRenderer.entrypoint")};g["default"]=a}),98);.__d("BaseHovercardTriggerWrapper.react",["react","stylex"],(function(a,b,c,d,e,f,g){"use stri

Chrome Cache Entry: 392

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (946)
Category:	downloaded
Size (bytes):	209351
Entropy (8bit):	5.696920414020874
Encrypted:	false
SSDEEP:	3072:3/J8He/SDR6DEVsPWvd1pwWKMhH5ynzLFo1MUvQRxUIv++wlxGFNM/6ng:PqHvQWKMhafFTcQRxUlloFq6g
MD5:	F7941991D0CDE66E85820EC6FE8FA5E1
SHA1:	2B30E327957A95F009F71699FD6DE610836CDD52
SHA-256:	7D9448B9B58895DD7A3B958BF3E9D6F9A5D0921925FF025B791676392386BAA1
SHA-512:	08FAC41DD48F4384B2BD070BBC8E23A5B0C64D573F0EB27BA050326C2B2E007D5273D54661C922DC29454ED5B17AAE588240A34A8FE711B330C6D6E6DF906610
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,GkRiKb,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,dfkSTe,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,qfGEyb,rpbmN,s39S4,sJhETb,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=sOXFj,q0xTif,Z5wzge"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.wX=function(a){return"Rated "+a+" stars out of five stars"};.var bNb,dNb;_.xX=function(a,b){b!=null&&b.N()>0&&(a.open("div","mzPddd"),a.W(bNb\|\|(bNb=["class","pf5lIe"])),a.U(),a.O("wb5Mjc"),_.cNb(a,b.N(),"L0jl5e bUWb7c","vQHuPe bUWb7c",b.H()),a.T(),a.close())};._.cNb=function(a,b,c,d,e){var f=Math.floor(b);a.open("div","D5jpjf");a.W(dNb\|\|(dNb=["role","img"]));a.ha("aria-label",_.wX(e??""+b));a.U();e=b-f;f=Math.max(0,Math.ceil(f));for(let g=0;g<f;g++)a.open("div","CPcfF"),a.ha("class",d),a.U(),a.close();e>0&&(a.open("div","j3pqac"),a.ha("class",c+" cm4lTe"),a.U(),a.va("div","UZExhf"),a.ha("class",d+" D3FNOd"),a.ha("style","width: "+_.$o(e*100)+"%"),a.U(),a.close(),a.close());b=Math.max(0,Math.ceil(5-Math.ceil(b)));for(d=0;d<b;d++)a.open("div","pai7xd"),a.ha("class",.c),a.U(),a.close();a.Da()};._.eNb=function(a,b){if(b!=null&&b.H()>0){const c=_.US(new _.TS("{COUNT,plural,=1{1 rating}oth

Chrome Cache Entry: 393

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8422
Entropy (8bit):	7.957610591307103
Encrypted:	false
SSDEEP:	192:AJUodg72/QDT40DJRHg8koK9i5xALHQTFPVvSY7X:AJnkgQP40H6oei0QTF9vSYr
MD5:	39DEECA0A2153295C9ACEBC59AA214AC
SHA1:	E5D3FDEC2B9B10AD80A1E238943C40960840A12A
SHA-256:	987226383173E6C949576F3CE1BA464D3FCF58884A1642A935C893B94393B984
SHA-512:	23AC081A6C4321824BFB4F95A5360CCB2B40513D19E776CA8B157C9EFA249DA6C221E01321E974246520FB3604DCFCBDE6157930DD81F1B2712D2305D620D81D
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/yUx5IRbWt1gaidaZIU4Ts5jePA40MnAU88T25jABDQuoL9KBgbbYnHxBAGWTzb51C9Gb=s64-rw
Preview:	RIFF. ..WEBPVP8X........?..?..VP8L. ../?...M0h.H...{......LE05.XX.J..>.ar1.^..=.F.$)...^.w...$IN......q&8y...$I2.3..6......FUDs.....N.....IO...F.)x..d...._....._y.........J...9..I..[..%X....P."S.b.....?h......9.w..dt..+.3.b........6`:..........p.#Ir$.c......R@....}.)...Q#..mU......!....v...22..]..H..I....>....f(r.H.Z....<......U.3...."Hxpwx...........x.9..CB....n.Y....z...m.a...~....6).m[.m.m.m[.V.O.6eV.he.f...m.....u?x.U.)..hF.}t.>l..?.m...Y.......3............9.}....w....@..H....V.-..\.,Z.Fq...N..g...0[.d3RH. ..,&..bA..... .V....@..a..B......yu.L/).A.0.H4.1!....B.i.H....X..^..F..1\|....]H.=.w.T.Q..h.,.......C..'.X@..."...XD(.H...[$...`.uH.5..%..0.:&O.0.`.Z..2....fQ....lK...x..u......y.ohNI........$qIB\....!..p.1.:..>...P(.C"F.B.r9x..B..wY..&...BSa.Zzi"...^.......V..`.]..}Q.M..~v... .?.{..\|.Y...G..ASx N.0.cHD.$!..P...F...=...u....m..8Q....c.g5......H.Uqoo891}....7.......+.!.}.'N..6.2..-si!..P....M.C.~W.....>1..U.7.S.w.W.z....@...4..q.

Chrome Cache Entry: 394

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	792
Entropy (8bit):	5.195185887951304
Encrypted:	false
SSDEEP:	12:kRZTFMTfXI/AIwivoXvI/AI+2iF5YxHI/AIoAnTiCdGMYeI/AI1iEowkbRN20:kzeT89cc0RF5J3eaQ+EoVrl
MD5:	04D4525BB28B425C6B2445CA91CFEB7F
SHA1:	BEC04C58EE946267F9DCA2F324A44E1963EEDDD6
SHA-256:	8C6770B4616D22385CB43F2E690FF3F62C6284FAB873F4234C434AE42A2DC1CE
SHA-512:	565763CC9A7DDD60915BA455AE0A6992CC6B5235F5C8B149F64A3F56772B937587199D91BA3A6C2A4B6A1ACBF983654DF1E37DD66CE7DD1D996E4590147562E1
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("yNB6me");._.qr(_.OCa,class extends _.rr{constructor(a){super(a.ta)}H(){return"yNB6me"}N(){return!0}Xa(){return _.Wbc}});_.$q.yNB6me=_.acc;._.w();._.u("qqarmf");._.qr(_.zDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"qqarmf"}N(){return!0}Xa(){return _.ydc}});_.$q.qqarmf=_.Cfc;._.w();._.u("FuzVxc");._.qr(_.BDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"FuzVxc"}N(){return!0}Xa(){return _.Yfc}});_.$q.FuzVxc=_.agc;._.w();._.u("I8lFqf");._.qr(_.EDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"I8lFqf"}N(){return!0}Xa(){return _.dgc}});_.$q.I8lFqf=_.fgc;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Chrome Cache Entry: 395

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1443)
Category:	dropped
Size (bytes):	3378
Entropy (8bit):	5.435501515008857
Encrypted:	false
SSDEEP:	48:VF8Hhlf1rcYV4aIdVzsNu0Lr0vxlwa2ga6zj+1zxxs8SHKQb7tPvdBXmw:wflNLr0A2vsdxgNvdFj
MD5:	8E9F0DA1F3DC0953D777D5C487191580
SHA1:	41459B3414F74FD3F75B0DF15B0114A03BA318C9
SHA-256:	6AD427B0D7E820F3EC29D6370EF4D3F8BA93D0DD0393DA8B530004C3BC57800D
SHA-512:	9846C198A808C00BE65355E47A4EAAF9041AB57E23D7DB03DA1EE19A64F5B2010A37EBFCCF1636B4B5E01BBC6250B8A56ED255F4ED34ACE6A66CC551C0ED9ADC
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CometLinkTrackingUtils.workplace",[],(function(a,b,c,d,e,f){"use strict";function a(a,b,c){return a}f.decorateHrefWithTrackingInfo=a}),66);.__d("RDFDRequireDeferredReference",["RequireDeferredReference"],(function(a,b,c,d,e,f,g){"use strict";a=function(a){babelHelpers.inheritsLoose(b,a);function b(){return a.apply(this,arguments)\|\|this}return b}(c("RequireDeferredReference"));g["default"]=a}),98);.__d("requireDeferredForDisplay",["RDFDRequireDeferredReference"],(function(a,b,c,d,e,f,g){"use strict";function a(a){return new(c("RDFDRequireDeferredReference"))(a)}g["default"]=a}),98);.__d("TimeSpentArray",["Banzai","TimeSlice","clearTimeout","pageID","setTimeoutAcrossTransitions"],(function(a,b,c,d,e,f,g){var h=2,i=h*32,j,k,l,m,n,o,p,q,r,s,t,u={},v,w=null;function x(){return{timeoutDelayMap:u,nextDelay:v,timeoutInSeconds:n}}function y(){if(j){var a=Date.now();a>p&&(r=Math.min(i,Math.ceil(a/1e3-o)));a=D();a&&j(a,v)}C()}function z(){A(),m=c("setTimeoutAcrossTransitio

Chrome Cache Entry: 396

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Category:	downloaded
Size (bytes):	92460
Entropy (8bit):	5.301101844267614
Encrypted:	false
SSDEEP:	1536:bz0ZWWnIba6epMf3zrBL2N3G5jaBsE6t8A9BI2nQfg6ZUMfnfmMBWh:RAAOPP3meWh
MD5:	06821D0F1E25137C2297502C6CED525D
SHA1:	459FB586F8FC6C7C824E06A4E7B5312622E4BFE9
SHA-256:	E1FC56C5AF917B653BE54D619245C4079C1AFEC0991321F0D358679B1EF529A0
SHA-512:	504D6699839AD90F6316EF9FD8BD72B76784176169EA49BBD8FC33DA380F5D0907D9B0266B4E5A10E15CDE25125824A098BE7E16EE2360ACBA6B2711D14F6EDC
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js
Preview:	!function(e,t){function n(e,t){return t.toUpperCase()}function r(e){!s.addEventListener&&"load"!==e.type&&"complete"!==s.readyState\|\|(q(),w.ready())}var i,o,a=typeof t,s=e.document,u=e.location,l=e.jQuery,c=e.$,f={},p=[],d="1.9.1",h=p.concat,g=p.push,m=p.slice,y=p.indexOf,v=f.toString,b=f.hasOwnProperty,x=d.trim,w=function(e,t){return new w.fn.init(e,t,o)},T=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,N=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,k=/^(?:(<[\w\W]+>)[^>]\|#([\w-]))$/,E=/^<(\w+)\s\/?>(?:<\/\1>\|)$/,S=/^[\],:{}\s]$/,A=/(?:^\|:\|,)(?:\s\[)+/g,j=/\\(?:["\\\/bfnrt]\|u[\da-fA-F]{4})/g,D=/"[^"\\\r\n]*"\|true\|false\|null\|-?(?:\d+\.\|)\d+(?:[eE][+-]?\d+\|)/g,L=/^-ms-/,H=/-([\da-z])/gi,q=function(){s.addEventListener?(s.removeEventListener("DOMContentLoaded",r,!1),e.removeEventListener("load",r,!1)):(s.detachEvent("onreadystatechange",r),e.detachEvent("onload",r))};function M(e){var t=e.length,n=w.type(e);return!w.isWindow(e)&&(!(1!==e.nodeType\|\|!t)\|\|"array"===n\|\|"function"!==n&&(0

Chrome Cache Entry: 397

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8394
Entropy (8bit):	7.956399033870182
Encrypted:	false
SSDEEP:	192:kDTyjqG0PSRUbj6+e3Uz0b8dt41a2pQS/WkJbTFz:kHyt0EC6+eEQO41f/W6bTN
MD5:	F76ADDB1F81193EE46A149D74DF65884
SHA1:	798875532687A5F153E0B7051A7D071E2AEF805C
SHA-256:	52D17CEDDF265FA928C33AD316EEF8B056C5B6195B2C06F5E07B0F564473F38B
SHA-512:	C11E9E310F6F7791C9E47D9040D0F103F080882E42C222532FE06EEBE73FF03EA4525EC814F777E28C12A92E8646271D87FCA3072FEE526E5F99B773A36C442E
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/4-UAwBqazrTOzXLc32ZtW6RjPbcwm-AsWiZuyQGR-fFZpnGKGDOsvBVK1Tew-pdyqtQ1=s64-rw
Preview:	RIFF. ..WEBPVP8X........?..?..VP8Lz ../?...M(h#I..=..W..".?..mc....l.. [0.$...?.o..g....I.L..y....{.`$I..Y..n'.._rww..<......".&!......<.f....~....3..gAjl..04j....O.......".t..S..".&.......N..\.....}"..18u..zh2....e..)[E.<2w.....l..C...ztd....-S...q..5>.@..N...........io...[.^.n$.@.....:.....p.B.%r.......e.G.r[no...m.m...qH.,;q.,7..t...........~2333333..e...4...t...m;.F.}?...}7w.4o.^^.m.m.m..wl.Og..w....8..........2....q..@.y...:%.\|...9y.`..:2[..t...l..b..&E_/....Q..Gl.6.ls..O....M...v.o..~ ....Cf.a....ae.KRn.....E.HH<....h4........t<o..+P....H.ams...V0.....I.....4sa.E...0B.......Z.4F...[.r..@\|..$..0f.........i..$.6#P...q.....W...C......M..u@IE..e...I~?..R....}.....k..3......l.k.&.(.^&P(.@...".....7........J........h......<..o\2.......j...I......`...u......@......`f.$.)+5.s......kK.. ...x.5.........{H....g=v....w2m.(...W.-.fr.MB.B].5?s.Q....i.^Ms...wZI/.M._.....*.....{.P.3..g......_.Z..h.]. ..9WS.Q....w..._.7..5...ER^...q-2Q.oW..$.1

Chrome Cache Entry: 398

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	9448
Entropy (8bit):	7.961892163905334
Encrypted:	false
SSDEEP:	192:s7HRWNB0sVo/Veqvq47K2s4JxLSUEKLLUMznpBT:6Rk0BeqS4WELpLUAn7T
MD5:	A353B492A556C768CE192E6A4ED459E9
SHA1:	77DF6D072AC43D539AC5884733B83538495608E3
SHA-256:	B62E1E37A18814E2B08D88525D92DF0C6FF50BC05A2FB9E07DD4C5E7A0B277B3
SHA-512:	FD46BF437A749B8252A80356C2D78EAEFB04B96E7A982A91E7DFF62892BF7AA68A3C9587D14C68F10722753752030006701B882AC3D1F6330562BFF29C5C028C
Malicious:	false
Reputation:	low
Preview:	RIFF.$..WEBPVP8X........?..?..VP8L.$../?...M0l.6.,.....n...O@.;~v.).x...[.x.."3..F.$).=&........mm.J.q..(..cJ`.....b..V..O..6w.!h..... ....ssV.....\.u..W...6>..0....P <..t...5l..b.C.Z.'\|.<..h.....>....c.~...2...y.U.R.G.......1A.7.\..CA.6...v........&HP..$...H....;.g.y...Yaemm.YF..B....!...M.$..#";....<.K..@.NC>.d..t.ff.....J...m...._`Gv.qq33......5p..w@..2333.W.-..?...=.......D...L....S0..0....&m"....m.T...Y .%Y.d...........]ffff..erJ.s"...-.2....V...1`...........Y...q..a...[f.cf.1333c.cf.f..3....".,.[]U._.....m....HUeUWOO....m.Z.m.\..{.m['..O..}..=.U......l.6.... )v...<...i..4...D.E..t.. 9.....hp.[&p.]..6.'..7.F( .8.08.C.HpH..H........."/e..t.x....."k^.\.1.....&..b.N..rM...C.q......e.. ......_.$..%..E.]....g.+...$.D#..T.n5...~g$.......p..A..L....Y.v.efJ..aI.F....vn&/.............0.@@....)..J ....~{.R...x'.{.G.d.R......<...\?!..@+.F.N.P.3Q.].s?..7..xF..;.x.S.l..l0d..g.....H..1.j...%....`..PP) 0... 2....(.......8.L..M.T.[F.Z.V.=..Y..'..}KQ.Y

Chrome Cache Entry: 399

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8406
Entropy (8bit):	7.960163056558925
Encrypted:	false
SSDEEP:	192:dSMwU6k9c503PEfWXekXIaw1zR+f16GKnKEC8R1:dS6X7cfjFFRo6BnKzk1
MD5:	354AED25167899A2202BC595D41AB660
SHA1:	BFE51641BA07724CE0C9E0C9665481C7CCE328C1
SHA-256:	DE857883CE4FCD40ACCC8D68FCDDAF27E52ABA855DC9A856D2162C4F18F5CF09
SHA-512:	CDFEA4620EEC70CC34C7A15A81BC75A9549D5D66755EA332701C4CB3105305AEC563D18DA7F11ED4C6F13C6A001968A1B6755F987709D64AC202ADAB52868D2F
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/metlPQbcsgsGldn5bJXm86AwhehBEosXGFuF_Yb5m9ub2M3Hp5-1Kc72ISMCKnCIS44=s64-rw
Preview:	RIFF. ..WEBPVP8X........?..?..VP8L. ../?...M(l.M.V..7........j......q..8..c`..$}...H..X...0d2.q0.m;.M......*...%..#I.M......_Y.m...2.l.M;P.\....\|..-.K.....@.2'....g......J.D....1.....H...._.X..`......I@..p....T.}.0.../.9.]k..9....'..Y...........{ D..P..D.k.....m.:.u?/.8)m.;.X.Ie.v:....6_=..._~...~$.Vm...r.m.b..y-m.d.K_A@m...f...Pdf.[.<.\}..j.#.j..k...~.................?L.C1...gA...qr.J,.m!.PU...v.C5.>&..\..zQQt..(r...........I....T....L...xm...m.m.wc...hw.33"~....e...C.........zPc.}_..7..G.6N...g.]..9.......m.!.....u.U.].M&N...c.m.m..g....&.d.....:Ca.6...[.D,w....n..t..t."&P.d...HRZ j......!...eA...{.]?.N.....X`7v:...C?..8..^Km....Q..c..Mos.\.V.O..ON.p......."........Y......T0J......)jj..:....YH.\|...f...}Nh.c.&.y..n......I.u....\.B8.Ma....R...9.....S...VLe.R.K.(..$. .$.$.Q.m....Ro..81.M...2S.m8..U+.:...~s..=.....p.......D3..2.....'lY\|..D..=......0Q..U...H[k.?T^A:..tK...<.... ..X$!... ...\..L..W.2.}...I...R...O...Q.%VpfF.........

Chrome Cache Entry: 400

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Category:	downloaded
Size (bytes):	77160
Entropy (8bit):	7.996509451516447
Encrypted:	true
SSDEEP:	1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2
MD5:	AF7AE505A9EED503F8B8E6982036873E
SHA1:	D6F48CBA7D076FB6F2FD6BA993A75B9DC1ECBF0C
SHA-256:	2ADEFCBC041E7D18FCF2D417879DC5A09997AA64D675B7A3C4B6CE33DA13F3FE
SHA-512:	838FEFDBC14901F41EDF995A78FDAC55764CD4912CCB734B8BEA4909194582904D8F2AFDF2B6C428667912CE4D65681A1044D045D1BC6DE2B14113F0315FC892
Malicious:	false
Reputation:	low
URL:	https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Preview:	wOF2......-h..........-.........................?FFTM.. .`..r.....(..X.6.$..p..... .....u[R.rGa......'.=.:..&..=r........].t..E.n.......1F...@....\|....f.m.`.$..@d[BQ.$([U<+(..@P.5..`....>.P..;.(..1..l..h...)..Yy..Ji......\|%..^..G..3..n........D..p\Yr .L.P.....t.)......6R.^"S.L~.YR.CXR...4...F.y\[..7n..\|.s.q..M..%K......,.....L.t.'....M.,..c..+b....O.s.^.$...z...m...h&gb...v.....'..6.:....s.m.b.1.m0"....*V.....c.$,0ATPT.1.....<..;...`..'.H.?.s.:..ND.....I..$..T..[..b4........,....bl6...IL.i}.&.4.m,'....#....Rw..bu..,K......v....m_-...\H....HH.......?...m..9P...)9.J..$.....8......~.;.r..n.=$.....Nddn.!'....;...8..'.N...!.-..J.........X.=.,......"`:....... {......K!'...-FH....#$~.Z_.......N5VU8F....%.P..........Cp..$.Q.......r.....k.k...3...:R.%....2{.....h%.)8..........ILK.6v.#......,;.6..N.2.hv...........OO..t#....xT..Bf....q^.#....?{.5b.I..%-WZ..b.A...^.1..n5.....NQ.Y'.........S.....!t" .`b3..%....35....fv;....l..9.:jgf?gr..p.x. ..\|.. $. e.

Chrome Cache Entry: 401

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52834)
Category:	downloaded
Size (bytes):	214014
Entropy (8bit):	5.3853892910778205
Encrypted:	false
SSDEEP:	1536:CEMFv9d3wWLstPIEovvdQfaPvQmfIiBSQZWc1APF3SDRns71iMw8F6Oum19udpzc:PMF73wIvLvLwDXYn6L9C/G89Y357l
MD5:	47A613FEC437F71720191924AC52D232
SHA1:	91E49EDCFEBF05FC6DFA093A4916E2042EAC79EE
SHA-256:	276C100B1E1135C3BD5B90CDF345F90F824142AF054CB72AD47C01173FD98D75
SHA-512:	64A844A336818AE4F1BC66F6F6B1F7B39CE1F5680AA1A7962D056ECF71FF2FFD11C1347CBE498F61B8CB45C4FFDB0221DE4CB414C5630E1A0DEE44CFB5B859A0
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/k8FLSg14O7c.js
Preview:	;/FB_PKG_DELIM/..__d("IntlCLDRNumberType01",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType03",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===0\|\|a===1)return c("IntlVariations").NUMBER_ONE;else return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType09",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===1)return c("IntlVariations").NUMBER_ONE;else return c("IntlVariations").NUMBER_OTHER}};b=a;g["default"]=b}),98);.__d("IntlCLDRNumberType34",["IntlVariations"],(function(a,b,c,d,e,f,g){"use strict";a={getVariation:function(a){if(a===0)return c("IntlVariations").NUMBER_ZERO;else if(a===1)return c("IntlVariations").NUMBER_ONE;else if(a===2)return c("IntlVariations").NUMBER_TWO;else if(a%100>=3&&a%100<=10)return c("IntlVariations").NUMBER_FEW;

Chrome Cache Entry: 402

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (706)
Category:	dropped
Size (bytes):	3405
Entropy (8bit):	5.583924601098915
Encrypted:	false
SSDEEP:	96:kwLTDcB3eTH54uJ6jKwYtI1XLzh48eLlL0aivFZUl:BTDcpkAxo07C
MD5:	B238F13B364AFCD920425068B4ADA921
SHA1:	CB2BCD580203FB5C1F42F8ECD4F5A9163048A995
SHA-256:	0586A7F5F7EFED98BBAA46C7AA9B7E7E3152CFC515D6846C4BF6EA3E1BB4930B
SHA-512:	BBC2CA46DB574C1FE6D0388368414386AF3E6FC15E74132E3B7C28C8EDCA6C9BB2DA55D780365EE5A9696842877EB42DA8CF4BC1AA7DC9B8161CBF4119F38A87
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("Wt6vjf");.var vdb=class extends _.z{constructor(a){super(a,0,vdb.ke)}rc(){return _.dh(this,1)}mf(a){return _.zh(this,1,a)}};vdb.ke="f.bo";var wdb=function(a){a.gI&&(window.clearTimeout(a.gI),a.gI=0)},xdb=function(a){const b=_.ZK.get(window.location.protocol=="https:"?"SAPISID":"APISID","");a.GG=a.JE!==""&&b==="";a.AO=a.JE!=b;a.JE=b},zdb=function(a){a.Xz=!0;const b=ydb(a);let c="rt=r&f_uid="+encodeURIComponent(String(a.YI));_.Ek(b,(0,_.Ze)(a.N,a),"POST",c)},RL=function(a){if(a.uM\|\|a.Xz)wdb(a),a.gI=window.setTimeout((0,_.Ze)(a.H,a),Math.max(3,a.PE)1E3)},ydb=function(a){const b=new _.Yn(a.CV);a.QJ!=null&&_.jo(b,"authuser",a.QJ);return b},.Adb=function(a){a.GG\|\|(a.Xz=!0,a.PE=Math.min((a.PE\|\|3)2,60),RL(a))},Bdb=class extends _.Vj{wd(){this.uM=!1;wdb(this);super.wd()}H(){xdb(this);if(this.Xz)return zdb(this),!1;if(!this.AO)return RL(this),!0;this.dispatchEvent("p");if(!this.YI)return

Chrome Cache Entry: 403

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2707)
Category:	dropped
Size (bytes):	18125
Entropy (8bit):	5.500820034723111
Encrypted:	false
SSDEEP:	384:2p5wewk9PjDr88sZIepIFzTbeQtzX3JmFHWMC1KjIXh:2p5wRgsZIe+hTbxHgFHtAKj+
MD5:	D24EBDF42C673FB29789B1F998DC5DB3
SHA1:	C23F6ADAA2521D9C80C06C3F0FFFEE3336E641BF
SHA-256:	BDE17F0A43479D9B8654D9FB24C694C63443A5B9D8FC954820DB4DD2A5066264
SHA-512:	6BAC6FF49E3D082D863AB558530BED7B6EB24742094CF9B80075DC58D2C11D3D4DCCB833AA0DA9A458236E784405CB2674D9270428E1E5B22A0D801D69D42A88
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("ChatFilter",["$InternalEnum","gkx"],(function(a,b,c,d,e,f,g){"use strict";var h=b("$InternalEnum")({DRAFT:"draft",FOLDERS:"folders",RECENT:"recent",UNREAD:"unread",ALL:"all",GROUPS:"groups",NAMED:"named",UNNAMED:"unnamed",WORK_UNSYNCED_CHAT:"WORK_UNSYNCED_CHAT",WORKROOMS_ONLY:"WORKROOMS_ONLY"});a=function(){return[h.UNREAD,h.DRAFT]};d=function(a){return a===h.UNREAD\|\|a===h.DRAFT\|\|c("gkx")("24511")&&!c("gkx")("24512")&&a===h.FOLDERS\|\|c("gkx")("24512")&&a===h.RECENT};g.ChatFilter=h;g.getSupportedFilters=a;g.isSupportedFilter=d}),98);.__d("ContextualLayer.react",["ContextualLayer","ReactBrowserEventEmitter_DO_NOT_USE","ReactDOM_DEPRECATED","ReactLayer","Style","prop-types","react","warning"],(function(a,b,c,d,e,f){var g,h=g\|\|b("react");a=b("ReactLayer").createClass({propTypes:{contextRef:b("prop-types").func,excludeFromHeroVC:b("prop-types").bool,context:function(a,b,c){if(a.context==null==(a.contextRef==null))return new Error("Exactly one of `context` or `contextR

Chrome Cache Entry: 404

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	835
Entropy (8bit):	5.1223932389292655
Encrypted:	false
SSDEEP:	24:D76bBSDFvVdGUF+fWlp9CkXXW/clctloFHMZeKsf:H8uNAwlpJmicnosk5
MD5:	A88ECA42083170AF225E964720471609
SHA1:	B73B59A702C62AD43B7617FDD627693C5240C659
SHA-256:	88995CCAA41E5467D559C0BE6C5D61FC5A49DE7E194861AC9EED559A5B4FB6F7
SHA-512:	21217F9BB3CA7F8D735448BFC4C3E3AA277B13B4BC1127AD5F406E84E00847F902533C45F145D1C050075EAF8FB249121C96A27CD9BF2BD18BE08286CF57D6AB
Malicious:	false
Reputation:	low
Preview:	{. "operatorDeferredUrl": "https://ssl.gstatic.com/support/realtime/operator/1726819261182/operatordeferred_bin_base.js",. "eagerLoadHostnamePattern": "((https://www\\.google\\.com/express)\|(https://www\\.yt-web-green\\.corp\\.youtube\\.com)\|(https://www\\.web-green-qa\\.youtube\\.com)\|(((ads\|adwords)(-.)?\|campaignmanager\|photos-.\|play-.*\|support\|support-content-staging.sandbox\|business\|fi\|.+\\.corp)\\.google\\.))",. "eagerLoadHostnameFlags": "i",. "cbfVersion": 1726819261182,. "screenShareVersion": 1727168469248,. "settings": {. "enable_customer_can_end_chat": true,. "enable_emojis": true,. "mole_show_survey_url_percentage": 100,. "mole_skin_version": 2,. "operatordeferred_report_rpc_events_percentage": 10,. "screenshare_skin_version": 3,. "rms_screen_share_skin_version": 4. }.}.

Chrome Cache Entry: 405

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	12399
Entropy (8bit):	5.04897743893645
Encrypted:	false
SSDEEP:	192:kHdQ6BP/i4GAY/+QEmGbTM0U3Z0w/V+xH:k+6BnYemeYrZ/V+N
MD5:	48625F4127086C12C9DB05064A6BAB03
SHA1:	25FB09D9048D67C7E0CDC6C02BE8F34140A35082
SHA-256:	F6A3220F393767077637471193F95BBDE06A0928B0FE5FDA70A0AA01CD2CB7B0
SHA-512:	C3DA20D49FC76D47DF892F531090459F58BBA3B68FF901756667F924575C8FFB5058BA215B2FB0CD979A0500F0C7C1E860C052646CE0C4170B2A72FACE50C96C
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/css/flags.css
Preview:	/. World Flags. ---------------------. @desc: Css Sprite World Flags. @author: Alan Museljic. @twitter: https://www.twitter.com/_uloga. @source: http://www.decorator.io/worldflags. @copyright: Alan Museljic. @licence: MIT.\--------------------------------------------/../* flags 32x32 /.[class^="f32_"],.[class=" f32_"] {. background: url("flags32.png") no-repeat 0 0 transparent; . width: 32px;. height: 22px;. line-height: 26px;. vertical-align: middle;. display: inline-block;.}..f32_abkhazia{background-position:0px -6px}..f32_afghanistan{background-position:0px -38px}..f32_aland{background-position:0px -70px}..f32_albania{background-position:0px -102px}..f32_algeria{background-position:0px -134px}..f32_american_samoa{background-position:0px -166px}..f32_andorra{background-position:0px -198px}..f32_angola{background-position:0px -230px}..f32_anguilla{background-position:0px -262px}..f32_antigua_and_barbuda{background-position:0px -294px}..f32_argentina{backg

Chrome Cache Entry: 406

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24274), with no line terminators
Category:	dropped
Size (bytes):	24274
Entropy (8bit):	5.439783303384432
Encrypted:	false
SSDEEP:	384:Z6z7ifcDKuDiEB1UDUUeaFV/bSEP4w6bRtZJvW28ZCTUAX+ffSWbs0T:Y7ifcD3NE3ea/Y5h/8ZarOfTX
MD5:	E1AE1E8E526E50AC4D8CE91396726097
SHA1:	B125326B96E78802A1AEC6AEBBD69C10266FA9FA
SHA-256:	BD03B0B6236CB66EB345EF4921D76C8D9BE436EA7CC7C89F9E62163C3E0A4A64
SHA-512:	39A15EBA25DF8FAC9053827E54908531B4916B55916528313692A80EC49BA6EB07064B0F1C5D4082491B0660037AA1A1505DCC02E42E65A21691DE3EB0389B3D
Malicious:	false
Reputation:	low
Preview:	(function(t){var e,n,s=Math.round,r={},i="undefined"!=typeof module&&module.exports,a=/^\/?Date\((\-?\d+)/i,o=/(\-)?(?:(\d)\.)?(\d+)\:(\d+)(?:\:(\d+)\.?(\d{3})?)?/,u=/^(-)?P(?:(?:([0-9,.])Y)?(?:([0-9,.])M)?(?:([0-9,.])D)?(?:T(?:([0-9,.])H)?(?:([0-9,.])M)?(?:([0-9,.])S)?)?\|([0-9,.])W)$/,h=/(\[[^\[]\])\|(\\)?(Mo\|MM?M?M?\|Do\|DDDo\|DD?D?D?\|ddd?d?\|do?\|w[o\|w]?\|W[o\|W]?\|YYYYY\|YYYY\|YY\|gg(ggg?)?\|GG(GGG?)?\|e\|E\|a\|A\|hh?\|HH?\|mm?\|ss?\|S{1,4}\|X\|zz?\|ZZ?\|.)/g,d=/(\[[^\[]\])\|(\\)?(LT\|LL?L?L?\|l{1,4})/g,c=/\d\d?/,f=/\d{1,3}/,l=/\d{3}/,_=/\d{1,4}/,m=/[+\-]?\d{1,6}/,y=/\d+/,p=/[0-9]['a-z\u00A0-\u05FF\u0700-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+\|[\u0600-\u06FF\/]+(\s?[\u0600-\u06FF]+){1,2}/i,g=/Z\|[\+\-]\d\d:?\d\d/i,w=/T/i,M=/[\+\-]?\d+(\.\d{1,3})?/,D=/^\s*\d{4}-(?:(\d\d-\d\d)\|(W\d\d$)\|(W\d\d-\d)\|(\d\d\d))((T\| )(\d\d(:\d\d(:\d\d(\.\d+)?)?)?)?([\+\-]\d\d:?\d\d\|Z)?)?$/,Y=["YYYY-MM-DD","GGGG-[W]WW","GGGG-[W]WW-E","YYYY-DDD"],k=[["HH:mm:ss.SSSS",/(T\| )\d\d:\d\d:\d\d\.\d{1,3}/],["HH:mm:ss",/(T\| )\d\d:\d\d:\d\d/

Chrome Cache Entry: 407

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8857)
Category:	dropped
Size (bytes):	30099
Entropy (8bit):	5.496553665752133
Encrypted:	false
SSDEEP:	384:gh5wGFcEwwAyUx+BSgVB2jynTlvhr/mgLGTkMn8bpd3BzrNnm4OiBi17/lufNfKj:Sfs4B2OSipZB9nm4IlufNyf8fq
MD5:	02996D8D5F07706AC26CDCBC4310D47E
SHA1:	6C2E2DB7DE37581ABB0390DC7A27C499A64D210F
SHA-256:	3A60F9C3AFE375F6618D0A2A331F9558915BB740690D02DA555663B40D978DD9
SHA-512:	739C38906CFE7143FC5A7B8F3A2D8746F444F69BFC2F2E7748F2ED041B0F43B94AAB7F371B678AC0327E3199403E1194A947028E3F7805AC7EDC198E18B2A956
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("bs_caml",[],(function(a,b,c,d,e,f){"use strict";function a(a,b){if(a<b)return-1;else if(a===b)return 0;else return 1}function b(a,b){if(a)if(b)return 0;else return 1;else if(b)return-1;else return 0}function c(a,b){if(a===b)return 0;else if(a<b)return-1;else if(a>b\|\|a===a)return 1;else if(b===b)return-1;else return 0}function d(a,b){if(a===b)return 0;else if(a<b)return-1;else return 1}function e(a,b){if(a)return b;else return a}function g(a,b){if(a<b)return a;else return b}function h(a,b){if(a<b)return a;else return b}function i(a,b){if(a<b)return a;else return b}function j(a,b){if(a<b)return a;else return b}function k(a,b){if(a)return a;else return b}function l(a,b){if(a>b)return a;else return b}function m(a,b){if(a>b)return a;else return b}function n(a,b){if(a>b)return a;else return b}function o(a,b){if(a>b)return a;else return b}function p(a,b){if(a[1]===b[1])return a[0]===b[0];else return!1}function q(a,b){var c=b[0],d=a[0];if(d>c)return!0;else if(d<c)return

Chrome Cache Entry: 408

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	34894
Entropy (8bit):	7.994423410428234
Encrypted:	true
SSDEEP:	768:EPYJOesx5XdbpTd6p0YJe7/1b3S0tVBiPUp:EPReuXdbpp8Je7/BZYPUp
MD5:	D24A12C8A91E0E01E218539081EABFD7
SHA1:	7C58DEEE87037B7D12DED30E6A38050368C92A1B
SHA-256:	43F1DB2A50CD3A785E07C7D30749FFF7E3B2BE961564B6146B47CA3C48267C8C
SHA-512:	0427DDBF59950AF960ABD2B29E1B479C943B70026D78404B3B03D8DCADBBDEC5DBB98B7FE48C93715C37B7D1EDF1A66A12C3EC0DD6DE52DAD45C746B6066EB83
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw
Preview:	RIFFF...WEBPVP8 :...0......(.>](.E....:.d8..6.V.D#.(../..n..V.....G...7#.w.?.~......^.~_...'....+..././.?.}..\.I.S...#.'.....}.....................#.G.O._x?.?....G.....g...^...?.?..........W./i?...........g.C............f~I~g....3...#...g..o........z#...?..t..~.}........?/.........'.......d...E..............................W.......?..{.....#.........a.-......._..?i>.................U...../...?...................._...??.O.}.y..W.a.REn.M.L....O..Hq...Z.k.&...T..uA..#5.....a..e...u....e....s....;`.C.G.Lj>l..ov.u..5.+..E...mi[..C.\|....l.qs.I.+.?C.v\..9D.:....]........G.+..{ot./.n.@.,.a....Adq=R...L0`.K..7...o9..o..Q.Y=.....;.l.}....\|{)..ri2HA.......j...Q.<..4..7....!b...7:....\.D$..q.6.45..............+.,.8[.q..;q..T..#?..5E..Y.....w\|.{..Z..d..c....~...w.<j.y..94q.\...I.4.d5....3).S. =...w.uF.1,.{...m[-..7.-..&....n....l...@^]:hm.^K.....Ew...Z...Y.mP...X..U..S..`.R$.......t..y...4.F......d...G=..$...\3c.^..h....(...Z.........<N....^P....ie=G....'sJ

Chrome Cache Entry: 409

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	645
Entropy (8bit):	7.631563068517978
Encrypted:	false
SSDEEP:	12:6v/7ihaL0Z6T2rkLv0cLSbLzKlRv+reS0TZPhnv8NuKS8jrRJI1b3g0hfue9:riS+v05bLzK7CmTRhnUTJjk1b3Jhfj
MD5:	EA2722D3B676D5CDD4F7225E65695112
SHA1:	97E5E94CFF5B62F60BA76C7DD9F606304AF8B10C
SHA-256:	317E5FDAA14E548C0045D5E662709CFE0B692E0384A8396CF22054BF0A1E1C48
SHA-512:	BF06CE48B306A0EA13EBC7BE92CB56440DDF1C35C214BA7C164DECFDA6E2E7AAAB31605196D0690BE4FF509404701CA620C504A5EDF0C3E6A12C6FA5A73C78DA
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz....LIDATx.b .<\|...P\|.h(.E.0.....\|.x.......a.....!.....q{.t.U...(.A.g.....w.3,&.s.~..h2.....Ip=..4!..[.................r.p6.R......R.....19]z.......%.E.q..........6".#...9..Y.n.U.ZU.ZMu:.Q:t%..y`<.+.0T6.=.i.0.e..a.f...b.\..Ax..e...K...$7..BAk@.\f..}bG.K....\Nk@.T.ha.+.w.%x.5.....k..OJr...$Gd....,.0....n.{..b........%].....K.....?....f....w....j4...@%p{?...\|>.....hH.h.....r....h..s.J..@X.j..3#h>.`@Xw..l.K.;).c..>....V.b. T....0B.4....%G......a[..P.........G..B"..!...m9rj%.....E.AD...0...!..y``....o.z...1J.FF,..sEr3.s.&....b.m.+.........'.m3(D..{..:..So.Ja..*......#..'....IEND.B`.

Chrome Cache Entry: 410

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11083)
Category:	downloaded
Size (bytes):	79391
Entropy (8bit):	5.454378525863425
Encrypted:	false
SSDEEP:	768:B6tcK8Vd61yOa3lKJS7ZYVE0gkUzXlo/0wtcIvPL0Lga3dnEzvB:B4oV81yOAlZ9gEG/0wtJvPL0Lf29
MD5:	0AA506E4DDE15806A207EAE2C43A78AA
SHA1:	25ABD7618864F3430164623E8A7B0E666F10EEC8
SHA-256:	71DCA919B505E16273C3A1B21FB92B2BB643470EA27FEC26FFFCACDDA8232429
SHA-512:	36006676F6C826B3B13A76BC991CB5F925544CC0674AB0E3525ABE955062C07D2B59F55EAAA165162B4010792BEB28CC58C68682B9F5C6104E674F6276143082
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3i-yL4/yT/l/en_GB/QKEC-rD8FqA.js
Preview:	;/FB_PKG_DELIM/..__d("CometHovercardQueryRendererQuery$Parameters",[],(function(a,b,c,d,e,f){"use strict";a={kind:"PreloadableConcreteRequest",params:{id:"8350576848352954",metadata:{},name:"CometHovercardQueryRendererQuery",operationKind:"query",text:null}};e.exports=a}),null);.__d("CometHovercardQueryRenderer.entrypoint",["CometHovercardQueryRendererQuery$Parameters","JSResourceForInteraction","WebPixelRatio"],(function(a,b,c,d,e,f,g){"use strict";a={getPreloadProps:function(a){var c=a.actionBarRenderLocation,e=a.context,f=a.entityID;a=a.groupID;return{queries:{hovercardQueryReference:{parameters:b("CometHovercardQueryRendererQuery$Parameters"),variables:{actionBarRenderLocation:c,context:e,entityID:f,groupID:a,scale:d("WebPixelRatio").get()}}}}},root:c("JSResourceForInteraction")("CometHovercardQueryRenderer.react").__setRef("CometHovercardQueryRenderer.entrypoint")};g["default"]=a}),98);.__d("BaseHovercardTriggerWrapper.react",["react","stylex"],(function(a,b,c,d,e,f,g){"use stri

Chrome Cache Entry: 412

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 170 x 170, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	51462
Entropy (8bit):	7.992164270607303
Encrypted:	true
SSDEEP:	768:+yFEA7JPNwUDs92r8WFHKT7NG0Zo+C6L93CftdpgcLZhcosRuh2FnLyYdV/Qq:g+PsSzK9G0Zo+DB3CftdpgQhm5dtQq
MD5:	25F2553F56BE6F02B0F0DCE3722B8DBD
SHA1:	ACB4FA840ED572C564E77CAF97E9FBE3A495EE7B
SHA-256:	48A4133A202C1CD7E67149ABE70CE3207BE388983B96CA69B7F70092EB97701B
SHA-512:	23FACC250F60D290DCE5E8C8808BBDFDAE0F46A986F623F2604ED7266D145861AB80624A79111E1211BA1E9CF06419DEB75AFE7EEFF6ABFF771A7FF8EA6CD55A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............=v.....IDATx....%Wy..;.T.M.'..0...(#...`...h..5.....a..[{.....Yl.N..u".Dc2H ..%...H..&wOwO....~..R3..=..3......{..._...^.\.Ws@....EV. ..8Y..t.T..S..@.R.:.B.8..<D..s..}7. ..p..&..m..=...n..A.-.....PA."...,(.\|;...O...{=.....]..(..?9..z.u.8....u.c.g;...A..u....?...\|..!].\...vR.b.C..U..n8....Q............S.c..9..,..a..H.`..l...\.n.).-..c@+).Q....W....R.N@DyH.......U....(..K.....!I.2..'\.9L.e....l.Y.....p...Q.:s.j\|54ZT.J..R..5....K..L...:.s........<.j..._.>.3.._E....W.z....!-._...Sl...W...9.....b...x..{.. ......k..B....\.......h;...d.Uo...#..... .\|.....k`.Z..........B.!....o...]......LO....w..C.6.^t.}.._.( K-..N..W.T.m..RRu..e..R..Q.U......<......_H....m....)....o....P.<....83...=>...C..a.....a..P....X)....~...W...4.5W..ce..(.E9......t.....A.....=%.....~...S.......B....W/.....O<I.].Mz...N....-.0..~.cv....S.....ld..C;..8.<\|....>.v.8j.....JF.....C?E.k...D&...`x5z.n....Z...w'.8.......A}.BZ.mU..2P...

Chrome Cache Entry: 413

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28115)
Category:	downloaded
Size (bytes):	1191591
Entropy (8bit):	5.700951802231328
Encrypted:	false
SSDEEP:	24576:pg67ycrfRFGB6Zy30mFi4KjOttTzTobNfT/f+M20GsjG57dxlkdGlmucouYsYm+W:pg67ycrfRFGB6Zy30mFi4KjOttTzTobH
MD5:	A3DCBC24F61BF50B9A3B55DA8AB80C91
SHA1:	C13AEA581A0B32BF06311869E27805D23CC617E8
SHA-256:	44479F67E56C9DE176929BF8B5C2CF7083CFCADAFB8ECC1692B160ECD7CD423E
SHA-512:	540F040940F7F400461933A9896CA4146A6D356DBA679B183CF3E1EDC4001D50F9D41E919FC0D20B7B34055383E9C3F47E855B8A8B25ECDF8327CBBE663DEB90
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,WO9ee,mI3LFb,m9oV,z5Gxfe,ArluEf,IcVnM,fl2Zj,vrGZEc,wW2D8b,j9sf1,LCkxpb,kr6Nlf,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,pYCIec,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,QIhFr,ovKuLd,hKSk3e,yDVVkb,hc6Ubd,SpsfSb,ebZ3mb,Z5uLle,BBI74,ZDZcre,MdUzUe,A7fCU,zbML3c,zr1jrb,Uas9Hd,pjICDe"
Preview:	"use strict";_F_installCss(".EDId0c{position:relative}.nhh4Ic{position:absolute;left:0;right:0;top:0;z-index:1;pointer-events:none}.nhh4Ic[data-state=snapping],.nhh4Ic[data-state=cancelled]{transition:transform 200ms}.MGUFnf{display:block;width:28px;height:28px;padding:15px;margin:0 auto;transform:scale(0.7);background-color:#fafafa;border:1px solid #e0e0e0;border-radius:50%;box-shadow:0 2px 2px 0 rgba(0,0,0,.2);transition:opacity 400ms}.nhh4Ic[data-state=resting] .MGUFnf,.nhh4Ic[data-state=cooldown] .MGUFnf{transform:scale(0);transition:transform 150ms}.nhh4Ic .LLCa0e{stroke-width:3.6px;transform:translateZ(1px)}.nhh4Ic[data-past-threshold=false] .LLCa0e{opacity:.3}.rOhAxb{fill:#4285f4;stroke:#4285f4}.A6UUqe{display:none;stroke-width:3px;width:28px;height:28px}.tbcVO{width:28px;height:28px}.bQ7oke{position:absolute;width:0;height:0;overflow:hidden}.A6UUqe.qs41qe{animation-name:quantumWizSpinnerRotate;animation-duration:1568.63ms;animation-iteration-count:infinite;animation-timing-func

Chrome Cache Entry: 414

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (4269)
Category:	downloaded
Size (bytes):	37836
Entropy (8bit):	5.440898121164512
Encrypted:	false
SSDEEP:	768:4gTB4WBzWIw4f0EW/zfz1X+HRBx5AENfWVz39+:R7+4cEMZXENfWV4
MD5:	2E20969B2BF0050EC093713CFBE42478
SHA1:	6689F2CDE01BB7398555F6EC214EAF286CF93948
SHA-256:	E0DA5DA80B21035811B7B7ADC731688D4C639DEF6C216A756646BDE481BA3CF3
SHA-512:	C1877464EB57BC605306B27B0081FFD9F78E55D6D5EE6C7715C7325B93E5CC0AEE24AE7DB68129F1CC8B8CBA4C6B5CE1A5D2421345AD7F7262B5EA089824DAC0
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/3Ep-a1p_5T8.js
Preview:	;/FB_PKG_DELIM/..__d("Banzai",["cr:7383"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:7383")}),98);.__d("BasicVector",[],(function(a,b,c,d,e,f){a=function(){function a(a,b){this.x=a,this.y=b}var b=a.prototype;b.derive=function(b,c){return new a(b,c)};b.toString=function(){return"("+this.x+", "+this.y+")"};b.add=function(a,b){b===void 0&&(b=a.y,a=a.x);a=parseFloat(a);b=parseFloat(b);return this.derive(this.x+a,this.y+b)};b.mul=function(a,b){b===void 0&&(b=a);return this.derive(this.xa,this.yb)};b.div=function(a,b){b===void 0&&(b=a);return this.derive(this.x1/a,this.y1/b)};b.sub=function(a,b){if(arguments.length===1)return this.add(a.mul(-1));else return this.add(-a,-b)};b.distanceTo=function(a){return this.sub(a).magnitude()};b.magnitude=function(){return Math.sqrt(this.xthis.x+this.ythis.y)};b.rotate=function(a){return this.derive(this.xMath.cos(a)-this.yMath.sin(a),this.xMath.sin(a)+this.yMath.cos(a))};return a}();f["default"]=a}),66);.__d("ClientServiceWorkerMessage",[],(

Chrome Cache Entry: 415

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1887), with no line terminators
Category:	dropped
Size (bytes):	1887
Entropy (8bit):	4.999154685427076
Encrypted:	false
SSDEEP:	48:t/hPoBQVTk0RCFGZgli29SIP94sXrwdUbVpOEQVc0Ucn3pRH:tpPoBQVTjyGZYizUhQV5f
MD5:	535F3C6F7015DBAE9E6B2A4987192E2B
SHA1:	E356DDAC477467B6D240894078FE01320BDFA950
SHA-256:	250E11FDF553A784636F5A080FCD88F11F15E8D892C95BE88DFC391C515662CA
SHA-512:	61066059F1596CA2DE2D85471D021C72B8BE2909E2B385F413B450EF4445CC7872654032E57F19E7AF3E9A29E99BC2802B02313A7E639BE09A54DEE0FF02F151
Malicious:	false
Reputation:	low
Preview:	"use strict";!function(n){n(document).ready(function(){n("#paymentChannelSuggestionLink").click(function(e){n("#paymentChannelSuggestionModal").show(),n("#overlay").show()}),n("#btnIconClose").click(function(){n("#paymentChannelSuggestionModal").hide(),n("#overlay").hide()}),n("#paymentChannelSuggestionValue").keyup(function(){n("#paymentChannelSuggestionErrorMsg").html(""),n("#paymentChannelSuggestionErrorMsgDiv").hide()}),n("#paymentChannelSuggestionForm").submit(function(e){var t=n("#paymentChannelSuggestionCountry").val().trim(),a=n("#paymentChannelSuggestionValue").val().trim(),o=n("#g-recaptcha-response").val().trim();if(!a\|\|0===a.length)return n("#paymentChannelSuggestionErrorMsg").html(CODA.Shop.translation.paymentChannelSuggestionRequired?CODA.Shop.translation.paymentChannelSuggestionRequired:"Field cannot be empty."),n("#paymentChannelSuggestionErrorMsgDiv").show(),!1;if(!o\|\|0===o.length)return n("#paymentChannelSuggestionErrorMsg").html(CODA.Shop.translation.paymentChannelSu

Chrome Cache Entry: 416

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	low
URL:	http://www.card.xn--6qq986b3xl/international
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 417

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10570)
Category:	dropped
Size (bytes):	78472
Entropy (8bit):	5.411343661420377
Encrypted:	false
SSDEEP:	768:zYsXjygLW+gZu1lnvJkp0FyQBOuLuoqof6NC6D++5IG3PgUkEMkm5:UsXGdZmB1Ztvg3gn
MD5:	C97389663DAAF8E36A7C1A44E4C3BBF5
SHA1:	C4B5D25ACE3FFBC2547AF5EB8DC10D0CFA543E47
SHA-256:	2DCFC98F13880AFD3E9245A8B372C51D5661061A614FDFCE33EF15C5648D1B82
SHA-512:	92D2B87D1955449E1D1B8104660828812FA009F456D44933F093D665DC1000EDC8E08E9F5B42EA64FE68EB1E1F4D33E430A658C0F8142E806A125BB575DD8F2D
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("CenteredContainer.react",["cx","joinClasses","react"],(function(a,b,c,d,e,f,g,h){var i,j=i\|\|d("react");a=function(a){babelHelpers.inheritsLoose(b,a);function b(){return a.apply(this,arguments)\|\|this}var d=b.prototype;d.render=function(){var a=this.props,b=a.fullHeight,d=a.horizontal,e=a.vertical;a=babelHelpers.objectWithoutPropertiesLoose(a,["fullHeight","horizontal","vertical"]);e=(e?"_3bwv":"")+(d?" _3bww":"");d=j.Children.map(this.props.children,function(a){return j.jsx("div",{className:"_3bwx",children:a})});b=c("joinClasses")(this.props.className,b?"_5bpf":"");return j.jsx("div",babelHelpers["extends"]({},a,{className:b,children:j.jsx("div",{className:e,children:j.jsx("div",{className:"_3bwy",children:d})})}))};return b}(j.Component);a.defaultProps={fullHeight:!1,vertical:!1,horizontal:!0};g["default"]=a}),98);.__d("ChromeExtensionInstallError",[],(function(a,b,c,d,e,f){"use strict";a=function(a){babelHelpers.inheritsLoose(b,a);function b(b,c,d){var e;e=a.c

Chrome Cache Entry: 418

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (960), with no line terminators
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	4.954516252316818
Encrypted:	false
SSDEEP:	12:x9LCIx/zWUy4sArRQGvQIfRc53t4a21rPXDt84DVEJuJzPs+nuYUgNt4w:vCuQGvQIfRWOz1rbXVIg71nuxgNOw
MD5:	662B8F1B5F919912C1DF4B367BFF2CC1
SHA1:	2BE016AC1842CCD1C46F24F3908E0567916B3857
SHA-256:	649336097B307D0D03ECF4B5625F62576CED687E627233BF62F73EA4C1375395
SHA-512:	A6A1FC1127CD4627758C0FB3814E7E1393F29F422BF91DD16CCC5F400E863E9E1AA61D08408CB089183AA7E329F7B52BF38C75BEADF3DBACFB87A420FBDD2AB0
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/mobile/css/infoBar.662b8f1b5f.css
Preview:	.promo-bar{background:#385072;color:#fff}.alert-bar{background:#F4E3B2;color:#333}.notification-bar{text-align:center;padding:15px;display:flex;flex-direction:row;justify-content:space-between;font-size:16px;position:relative;margin:auto;max-width:1280px}.notification-content{width:100%;padding:0 20px;font-family:Lato-Regular,sans-serif}.close-btn{cursor:pointer;position:absolute;right:5px;top:0;bottom:0;margin:auto;width:34px;height:34px}.close-btn::after,.close-btn::before{content:'';display:block;width:14px;height:3px;background-color:#333;border-radius:6px;position:absolute;left:0;right:0;top:0;bottom:0;margin:auto}.promo-bar .close-btn::after,.promo-bar .close-btn::before{background-color:#fff}.close-btn::before{transform:rotate(45deg)}.close-btn::after{transform:rotate(-45deg)}@media screen and (min-width:767px){.notification-bar{font-size:20px}.theme-page--product-page .close-btn{right:15px}.close-btn::after,.close-btn::before{width:16px}}

Chrome Cache Entry: 419

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1887), with no line terminators
Category:	downloaded
Size (bytes):	1887
Entropy (8bit):	4.999154685427076
Encrypted:	false
SSDEEP:	48:t/hPoBQVTk0RCFGZgli29SIP94sXrwdUbVpOEQVc0Ucn3pRH:tpPoBQVTjyGZYizUhQV5f
MD5:	535F3C6F7015DBAE9E6B2A4987192E2B
SHA1:	E356DDAC477467B6D240894078FE01320BDFA950
SHA-256:	250E11FDF553A784636F5A080FCD88F11F15E8D892C95BE88DFC391C515662CA
SHA-512:	61066059F1596CA2DE2D85471D021C72B8BE2909E2B385F413B450EF4445CC7872654032E57F19E7AF3E9A29E99BC2802B02313A7E639BE09A54DEE0FF02F151
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/js/payment-channel-suggestion.535f3c6f70.js
Preview:	"use strict";!function(n){n(document).ready(function(){n("#paymentChannelSuggestionLink").click(function(e){n("#paymentChannelSuggestionModal").show(),n("#overlay").show()}),n("#btnIconClose").click(function(){n("#paymentChannelSuggestionModal").hide(),n("#overlay").hide()}),n("#paymentChannelSuggestionValue").keyup(function(){n("#paymentChannelSuggestionErrorMsg").html(""),n("#paymentChannelSuggestionErrorMsgDiv").hide()}),n("#paymentChannelSuggestionForm").submit(function(e){var t=n("#paymentChannelSuggestionCountry").val().trim(),a=n("#paymentChannelSuggestionValue").val().trim(),o=n("#g-recaptcha-response").val().trim();if(!a\|\|0===a.length)return n("#paymentChannelSuggestionErrorMsg").html(CODA.Shop.translation.paymentChannelSuggestionRequired?CODA.Shop.translation.paymentChannelSuggestionRequired:"Field cannot be empty."),n("#paymentChannelSuggestionErrorMsgDiv").show(),!1;if(!o\|\|0===o.length)return n("#paymentChannelSuggestionErrorMsg").html(CODA.Shop.translation.paymentChannelSu

Chrome Cache Entry: 420

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 36, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	185
Entropy (8bit):	5.9780303893393345
Encrypted:	false
SSDEEP:	3:yionv//thPlSYLl+1IHCRsHrXLRa+dn/23rIIGU5thNnkncm3w4qtmkW7PXl0VMa:6v/lhP0YLkyymvVGtjnUnRq0kW7N0xVp
MD5:	07505E9DAC6DD922116F038EB58C9B88
SHA1:	4DAB9005E4603F76A6FAD92FE78FB9C92D05B62F
SHA-256:	C4DB75F643BB4DD47E39A9601FCC0A14621B588D5E4EBE987EE4828120BDE791
SHA-512:	5A94B97148037E9A25AF768AF67A1AD5D4959E5D5C216DC5353FB159630302A74A990CCA20F787C024C6B7229A12920B287A88A4063514FBA534E7D1DB094C11
Malicious:	false
Reputation:	low
URL:	https://ssl.gstatic.com/store/images/regionflags/us.png
Preview:	.PNG........IHDR...0...$.....=k.9....PLTE"u.#t."s..OO.PP.OO.........o.......tRNSJ....J..J.j.\...DIDATx.c`T..ec$.. .].A...1..Z..!..%p.A....H...0......*.....]...Qp...al.....IEND.B`.

Chrome Cache Entry: 421

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	78840
Entropy (8bit):	6.022413301778022
Encrypted:	false
SSDEEP:	1536:OfGNbFoZJSUYOOaLnAW8+IcTOIlbuhXwW4nxM:mGRFauOxLA/+IcTOjX/
MD5:	0CA290F7801B0434CFE66A0F300A324C
SHA1:	0891B431E5F2671A211DDD8F03ACF1D07792F076
SHA-256:	0C613DC5F9E10DFF735C7A102433381C97B89C4A26CE26C78D9FFAD1ADDDC528
SHA-512:	AF70C75F30B08D731042C45091681B55E398EA6E6D96189BC9935CE25584A57240C678FF44C0C0428F93BF1F6A504E0558BC63F233D66D1B9A5B477BA1EF1533
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/styles__ltr.css
Preview:	.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAAIGNIUk0AAHomAACAhAAA+gAAAIDoAAB1MAAA6mAAADqYAAAXcJy6UTwAAAAGYktHRAD/AP8A/6C9p5MAAHq9SURBVHja7Z15fFTl9f/fd9ZM9n1PgCyEXSSRNYKCgAuiIipuVSuudavV1tq6W/WrtnWrrZbWDZUqUqUoCoIEQhBI2JesELKvM9mTWe7c3x83d5xAlkky8fv92ft5vfKC19znOWfuZ571POc5B1SoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKHifwGCRqsTNFrdj6VPq9XqtNofT9+wvutQyEyad8t9IaPPntFUd

Chrome Cache Entry: 422

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7283)
Category:	downloaded
Size (bytes):	22014
Entropy (8bit):	5.373845925748574
Encrypted:	false
SSDEEP:	384:KZ5Lm8h8SZ5wm8yZ5wm8gHsrIHpABEMaLltCFiNit:KZ59h8SZ5CyZ5CgHs0HpABSltCd
MD5:	DE4AC9EDBD2D6F182743AA413F0F4409
SHA1:	952B9E99521F1398FCE18F8579090E49E1FFA85A
SHA-256:	78B2DD607705792E2E47BCC48335D97C2A61B1C379D7A8E70EC7B1053D135ECF
SHA-512:	7380AD3CCA91A817DEE09DDBC2D8730C7BE5BABE7EACF058656612C60548D4D2F29E42566ED5CEFC0840544A97C81CB7AED47169724F0B5AF054FA3F8988D706
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/1mwUNpO6Gzi.js
Preview:	;/FB_PKG_DELIM/..__d("LSAppendDataTraceAddon",[],(function(a,b,c,d,e,f){function a(){var a=arguments,b=a[a.length-1],c=[],d=[];return b.sequence([function(d){return c[0]=b.i64.of_float(Date.now()),b.db.table(154).add({addonId:void 0,traceId:a[0],timestampMs:c[0],checkPointId:a[1],syncChannel:a[2],errorMessage:a[3],tags:a[4]})},function(a){return b.resolve(d)}])}a.__sproc_name__="LSDataTraceAppendDataTraceAddonStoredProcedure";e.exports=a}),null);.__d("LSArrayGetObjectAt",["I64","Promise"],(function(a,b,c,d,e,f,g){"use strict";var h,i;function a(a,c,e,f){return(i\|\|(i=b("Promise"))).resolve([e[(h\|\|(h=d("I64"))).to_int32(f)],e])}g.call=a}),98);.__d("LSDeleteThenInsertMessageRequest",[],(function(a,b,c,d,e,f){function a(){var a=arguments,b=a[a.length-1],c=[];return b.sequence([function(c){return b.db.table(34).put({threadKey:a[0],messageRequestStatus:a[2]})},function(a){return b.resolve(c)}])}a.__sproc_name__="LSMailboxDeleteThenInsertMessageRequestStoredProcedure";e.exports=a}),null);._

Chrome Cache Entry: 423

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	dropped
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Chrome Cache Entry: 424

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	236
Entropy (8bit):	6.968820977497042
Encrypted:	false
SSDEEP:	6:UAi1Z+eAl66OezH5t3NgVXHLvdY39d5JA7++Pr7b0y/ze5:Ud18RpOeTNUvdYtO++jc8ze5
MD5:	98E526A3A62C5CEAE9B2AFC76A7DEE17
SHA1:	9971683FECD5C2D9CDB376DD8A24660BF81998ED
SHA-256:	1FDCB9D4C640E231358D6C5FD570AB117750E5C6F3241023B253117AAE9BD301
SHA-512:	E39DEDB7240D3DC7D6800113129C9B7FFF53D22380FEDBAA0E400827B8438710B08F66FE8BF6FF26A7D6D0E6190C647E66E5F54070850EFF35A4A48499B54CE3
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/a/ACg8ocJeUEY0r1lY88LZXQ4hyNO_-eGwKnex-CZfiNYD0aLUxQI0Uw=s32-rw-mo
Preview:	RIFF....WEBPVP8 .........* . .>m*.E."....@...X..=.&..^D@/.....a;\...o~Q{...._.P.,YU.b_=E:..r..Zl......#.d......f..7.\|.RN^.[.._.\|.-W.Z...z.L.7.......zoDy.......}.H..u.8.@V.....B.....+yII.~.c%[B~..O..-~..6..,(.q).%..K.4H......

Chrome Cache Entry: 425

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
Category:	downloaded
Size (bytes):	34108
Entropy (8bit):	7.993096562158293
Encrypted:	true
SSDEEP:	768:xDa3S2Rdcc3/k1/3Sr8dgfqHwQGMIto3/fIpos4GbtJzxn:xu3SQ3e/3S43TUtoP4Ftn
MD5:	C15D33A9508923BE839D315A999AB9C7
SHA1:	D17F6E786A1464E13D4EC8E842F4EB121B103842
SHA-256:	65C99D3B9F1A1B905046E30D00A97F2D4D605E565C32917E7A89A35926E04B98
SHA-512:	959490E7AE26D4821170482D302E8772DD641FFBBE08CFEE47F3AA2D7B1126DCCD6DEC5F1448CA71A4A8602981966EF8790AE0077429857367A33718B5097D06
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Preview:	wOF2.......<..........................................\..4?HVAR.t.`?STAT..'...J/<.....`..(..Z.0..,.6.$.... ..B..K..[.h...c.....nC .../.V.v..6>nT.R...b.8.@.......ON.ch.......k..."..".9..\D...JBJ."T%5...Z2..Q.)wJ...sA.h..m....n..F.....t..ig.=..y.s@............t..j.....n.h(...........N..)9.....v`\|z....8.7..kTq....^.......[.K.O..1ZP.....;.HP.......>..+..j:.V.......A......[.f.l..v`x....F_..vo...e....n...H..X.2.v}...(.1J...x.....}.....5.3.....?..?..7...S..0.9..C.0.M..M9..e.b....bc..b4.0"e.G.....XT....z............E'c.(."...x`].]..e.rQ..ye.z........kFh;....Y.yPt.._Q.._-q..mi.Og.W.-qUI...m5..r.mvA~o....S.f........s..ql.aXD...H..wy.P..k...f$.V^.2...8U{...f.....]]..G..cf.......D.c&B'S.2~..N..........R;..).5...../... 6....b....]d6."C..T..........OI\+V'...E.[.g.u.E....,!F.....*U.q. :x.s..1..C....H..S%..)....h......K..........pw.f...f.......an3....9....@......%.2.c.+........cXD..F...B.....0'...O.z8.B....4...\..&c...H....;..p....@.l...:........L..`...5..xo&.

Chrome Cache Entry: 426

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7249), with no line terminators
Category:	downloaded
Size (bytes):	7249
Entropy (8bit):	5.208816439128352
Encrypted:	false
SSDEEP:	192:lK6+zHt3hKO3EH0qauYLE8OmeEaBvESdUvk4ikVOkrMDhAp:lK6eHZhrEH0qauYLE8OjEgvES+vk4i2V
MD5:	7E1FED6BDFC0657C0DEDC6E6C19553FA
SHA1:	558908AD0BE5BD05F13A8053C6CFDE0341BC6C08
SHA-256:	3674E598BAF27DFCEA3BDDBC29783B85FD74934F69A34920A061139D2149D7EC
SHA-512:	38D414DD52B07449AADBD637E62D6F20A0D41210CB459704AED66C800D96FC1E692B98658F23BB20D79AADD1C948314230F9D25B49BF92F7D1A1ED917F93A8D6
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/common/js/shop-topnav2.7e1fed6bdf.js
Preview:	"use strict";function getCurrentCountry2Name(e){return currentCountry=e.toLowerCase()}function redirectToAllSearchResult(e,t){var r,n=checkCurrentUrl(window.location.origin,"codashop.com"),a=checkCurrentUrl(window.location.origin,"codashop-test-new");$("body").hasClass("theme-page--landing-page")?r=window.location.href+"search?q="+e:$("body").hasClass("theme-page--product-page")?r=n\|\|a?window.location.origin+"/"+t+"/search?q="+e:window.location.origin+"/shop/"+t+"/search?q="+e:$("body").hasClass("theme-page--all-results")&&(r=window.location.origin+window.location.pathname+"?q="+e),window.location.href=r}function searchFieldInputUpdater(){$(".search-input-container--productpage").toggleClass("active"),$(".search-icon").toggleClass("active"),$("#search-keyword").val(""),$("#search-input").val(""),$(".search-result-list").hide().empty(),$(".top-nav--general .search-input-container").slideToggle("fast"),$("#search-keyword").focus(),$("#search-input").focus(),inputKeyword="",matchedResults

Chrome Cache Entry: 427

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	32964
Entropy (8bit):	7.9935503488862425
Encrypted:	true
SSDEEP:	768:MifyXSTpNaWPTbZYOZ/d1gECeEjTfId7+0Gx3gni0TiuatYa3:MiSST2gTLZ/D2jM7w6iEiFtYO
MD5:	8CEBC7FC52C8B250D3F811C5D4F97BD3
SHA1:	D16D2D98D353ADF1370A5EABC38731C93FA3858D
SHA-256:	6B7FE143F75B909062F47101082BA1FDCE1A53279995133120F90D84B545681C
SHA-512:	D10B7CCEAEE2EACA452A058CBF2C860EB70AA083B3FB2D4D8A07B6C9AECEE08E4B2CF5FDA7BE1541A010A130EBA298812E7A67185B447D8AE8D1853FADAABA0F
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw
Preview:	RIFF....WEBPVP8 ....0......(.>](.E....6..p..jn-..I......._<..v......O......;.+....s.....=.....2.b...g.....3?....e.........@..........o....z?...~`\|....'.O.O...O.....{........W..............?...K...../.................w..7..`......?...z:......)\|.............w.M...?...\|.._.}.........p....}.......0...........?..._..+..q.}.../....\._.......?..Y...o...?.?7.....-.....G..............o...?..+.....Z.u......._O.....U.................i...w.O............>....w$.....'c.{yU.Y........"....$.}..../4.]..{..fC....-_.......O.gA....Cx1......e..s.:6@....&...R.......<..Z..0?.#....C.....@...&.......T..,.#.c(b.....N.I.....r....>..l.?-.V.w.....QGY...z...#z.G..<..l..K...A .q`..0.!.... '...X...f.#....0U.ok....9..N.".9U.....a........)......,..{.a1...r<..1.>...SSu...`Ub.?=^...c..d.a..:[A.....$L.\|)...6..w,.W.o......D.k....L.*.6.}...a..U..=.W...2..C...kVS.W .......W..Vf.E7.o.3m....p...y..T.B.3.....9...HA.......5n].8..=}T.&.r.b-..}d.......z..Q...K^{M{...Q....{E.X...;LO....P..5.

Chrome Cache Entry: 428

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	7952
Entropy (8bit):	7.968386802988122
Encrypted:	false
SSDEEP:	192:R77qArMUz0oFg7oo/ywB1VBRmfGTqe9KZhdR/G:R77qArX5FMOwnVBtTHY/G
MD5:	D6E1E6E5E6D283E28385FD4D3D73A723
SHA1:	8EE99185991226CC345DCC41C01D5DA0ABEB1C1A
SHA-256:	6B7EFF06FADFAEBDC8B08E3C447A34CEE343F3FA76B5C0866E71244E6EB47DD6
SHA-512:	2E2847CD1F939A9B39C9B28493242414925733696124FEB644D2E6B684BCE8BE9BA348C8BA13BEC6344FF66731E2C3252DB9A5210800953BB91FF0C04E91CED0
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw
Preview:	RIFF....WEBPVP8X........?..?..VP8L..../?.....m.IZO...?.;....w4G....O.c.DO.C.:?...d+.........3E .#.V..../...s].[[..IRT..h.<..k....b..D....6....U.....m....#.+.........3~Ebz.....1rL.1M\...y.........I._.qo.Y..x.16.....r...../v.....@,..1[.3333.03......03s..l.(Y.....o`9..7{..T...,..7k.gVUo.n....@...m&y.0.{0.mZ.....UD....x.m..o.m.6.YfZ......s.^...m.$I.....HT.....m{~.m...sm...f.JUDF..}.9.m..3....Ni[...)..a.NJ;.+....c..e.FR.].@z>1.....r...........I.h.....Cp....h....!..Y...H.G..kQ.j..8....l...e...33.......G...s.......c........h....q}=Bt.....#%...,...4..$..j....0.Y.....1..f..3.p.0"V..+....f.L.k&.V`.%..Y3/{.^c..^....&0..!....\...2....b.b....L.g0.!.T.........v.H.{...0.jk.....].yPI5p......z@..t........,m..Tu...t.....i...1......]'h.}..Y..5k.r.zE..5z..}.....N~.[......l.O.........9.H. .F#...S.S2gf.JbF .\|..y...v..wl.5.v...q..?.4....0S....X.....h.2(:.......G.......\|L..\|....I.... .!..../U.Hf.Q.3.v6.n.5.\|.vr....3.... .]...V.%..d......N..E>..W1..B.\/..

Chrome Cache Entry: 429

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1881)
Category:	dropped
Size (bytes):	42032
Entropy (8bit):	5.4396672543265145
Encrypted:	false
SSDEEP:	768:PSKy4A6Ds/WXJ1ybAFSUTufN8IYEmDZomkteZF3xovyVUs20ovENKFGE1Mr/+LVu:sN/W7TufN7HePD2JGE4/+JY7dOXsciZx
MD5:	C13B9A4C39C3D503D3400FC3AABCD6D5
SHA1:	D96A1662B14AB8CCCE4C65EE6895F0307B969889
SHA-256:	CF1ABED5A56B0FCFBC07AE43BE73EB509237EEF856A91D21252DFA76FCC32383
SHA-512:	DF3B9BF54CC39A7EF374B3FAEB6A5718CCF3BAE140DDE138195512B0EAD0A0B61B8F0CDB40B57BFE490EA561A0021A3480A0B54605D102309408A2BA2F0C364D
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.Iqa=function(a){let b=0;for(const c in a)b++;return b};_.Jqa=function(a,b){for(const c in a)if(a[c]==b)return!0;return!1};_.Kqa=function(a){return a.Kh&&typeof a.Kh=="function"?a.Kh():_.da(a)\|\|typeof a==="string"?a.length:_.Iqa(a)};._.Sn=function(a){if(a.Ci&&typeof a.Ci=="function")return a.Ci();if(typeof Map!=="undefined"&&a instanceof Map\|\|typeof Set!=="undefined"&&a instanceof Set)return Array.from(a.values());if(typeof a==="string")return a.split("");if(_.da(a)){for(var b=[],c=a.length,d=0;d<c;d++)b.push(a[d]);return b}return _.Va(a)};._.Lqa=function(a){if(a.tn&&typeof a.tn=="function")return a.tn();if(!a.Ci\|\|typeof a.Ci!="function"){if(typeof Map!=="undefined"&&a instanceof Map)return Array.from(a.keys());if(!(typeof Set!=="undefined"&&a instanceof Set)){if(_.da(a)\|\|typeof a==="string"){var b=[];a=a.length;for(var c=0;c<a;c++)b.push(c);return b}return _.Wa(a)}}};.var Mqa,Nqa,Oqa

Chrome Cache Entry: 430

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 38 x 38, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	802
Entropy (8bit):	6.730321524502597
Encrypted:	false
SSDEEP:	24:GaByyEMDsiaXvDUbVdxQXHoyb9K7HjGY6LMr/:G88MDs9vu3xQXHKCor/
MD5:	20986D3FE0DDAC454B9F46BC34CE8952
SHA1:	DEFB0E4158B8A9576E663B240336A9BBB28D3267
SHA-256:	D7ECE5222547615BCB5066478F209B6A3E7C3B3C88667972E937C8481688EED7
SHA-512:	1254F83A4331002DAB51948F74C680C3BD7B960F9EF034BF606A80BBAE0D8132ECCA0002660988D7F596D715CAFB70FA79FAE749FBC67F9323E12C63E9BFED7A
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S2/content/mobile/images/error-icon.20986d3fe0.png
Preview:	.PNG........IHDR...&...&.............PLTE........+..$..9..3..0..-..+.....,.....,..-..,..+..)../..-.....-..+..+.......-..,..+..+..-..,..+..+..-..,..-..-..,..-..,..,..-..-..,..-..,..+..,..+..-..,..,..+..+..,..+..-..,..,..,..+..,..+..,..,..,..,..,..,..,..,..,..,..,..,..,..,..+..,..,..-..,..,..,..,..,..,..,..,..,..,..,..,y..#...\tRNS............."#$%&(2356789@AMOQSTUWZ[]abcwx{~...............................................M.t=...^IDAT..}..:BQ...?..Q.Y%...c...)....9..>..{[.M...\.=.6.\|....Q..%.T.gCh1r...a4Yx...<.%.X...@+...`&...w.Q.............gp.....)..L...5..,..#.'J..yJop.(m.......-.5T..TL...z`.R......B.Z.V.."..&aMQ[D.Z.V.Z...^.vw.^....P.....f"@.Jq..,Q...E.....Fi..(.c8'...)..9.PD.,..0.......(.w....N.k.F.>...P.B.a 3.?+...a..Y....Gu.Mbglq:.V3%.i.Kl..:.f#.6"^*.My.h?@0W..../....IEND.B`.

Chrome Cache Entry: 431

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 37 x 98, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2056
Entropy (8bit):	6.9826016083365365
Encrypted:	false
SSDEEP:	48:jfOjcCoHnLTeWhZttn4maIfEPgiakcNHWsMDN0b5:jfOjIHLTeWhZ4vVPglk+WsMZ0b5
MD5:	899075C6F382DA673A2B79F4667C5D65
SHA1:	DE68367C0B45DD6A6FD2394B1B39B20C6A02C5EF
SHA-256:	270723E4BED32C21869706BAD0AD8747AA0F17C44E4FD597DB6F8EC356B8DD1B
SHA-512:	4560BCAC7766665AF60EF4AD93511B5AED00D816E5CF5D58315EF9316F0CB222B01AEAC01F673DFBDF028018551E4218204B9D9B08C48B39E15DE82FF15EC696
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/H13roW9YnBf.png
Preview:	.PNG........IHDR...%...b.............PLTEGpL..........u..\|...........................................................z.................................................................................................................................................................................................f...............................................................................................................................................................................................................................UUU......................................................................................................................................................................................................w.....h...........n....................Z..[..E..H..N.................`....Q@....tRNS.......2..,0......0F v.F...*R........$.P(B6X.b^.Lx8.......0iH+..<$V. .Nt..D~.<.jo...@........(.\...&.yW..N:2<>.r...n.4.`2.Z:\|.........h.J\..z...".>......dT...... .f& x&P:.HT..^

Chrome Cache Entry: 432

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	downloaded
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:	768:oHzaMKHBCwsZtisP5XqYofL+qviHOlTjdNoVJDe6VyKaqgYUD0ZTTE8yVfZsk:caMKH125hYiM8O9dNoVJ3N48yVL
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	low
URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 433

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2283)
Category:	downloaded
Size (bytes):	206819
Entropy (8bit):	5.504897204843881
Encrypted:	false
SSDEEP:	6144:5oNdfTAiHfOBMm6OFrNNyNDVzsMLm6JkrrTBwQ+z4ATWDq/agzTKPyT1477UACsX:5oNdfTAiHfOBMm6OFrNNyNdscjkrrTBN
MD5:	EA30841C103AA706F053368755C17913
SHA1:	F0C5EFFD12204C370BA1E2F2211E7546E37320E5
SHA-256:	C40DFEFF0F0EC1322295523FAA711031A263464AA5B2C813441D88B612B9951E
SHA-512:	43C78248E2543FFCAB2D6BC982728FCC20E0D20B5791F49DF24F5365D838C4A6C251C431960BEE6A15BE41ED424DC2756186A0824D5965FA3803FAAADF014E08
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/excm=_b,_tp,appdetailsview/ed=1/dg=0/wt=2/ujg=1/rs=AB1caFVlevpfvKKyT1wcyG_Y1kne2zlHnw/m=_b,_tp"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x19b747, 0x103eba3, 0x3f00c093, 0x18c1c783, 0x1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var baa,daa,iaa,kaa,Ia,saa,xaa,zaa,db,gb,Baa,Caa,Daa,Eaa,lb,nb,Gaa,Iaa,Kaa,sb,Naa,Paa,Qaa,Taa,Waa,Yaa,Zaa,cba,fba,$aa,eba,dba,bba,aba,gba,lba,mba,Nb,qba,tba,vba,uba,wba,bc,ac,zba,ic,Dba,Eba,Gba,Fba,Iba,Jba,Kba,Mba,Lba,Pba,tc,Qba,Rba,Sba,uc,Uba,Vba,xc,Xba,Zba,$ba,Lc,bca,cca,Ic,gca,hca,Hc,Jc,kca,rca,wca,xca,yca,Zc,Bca,vca,hd,Tca,gda,xd,ida,yd,mda,oda,Cd,vda,yda,xda,zda,Ada,Bda,Cda,Dda,Fda,Gda,Kda,Mda,Rda,Sda,Zda,$da,aea,

Chrome Cache Entry: 434

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3866)
Category:	dropped
Size (bytes):	19130
Entropy (8bit):	5.420262619481056
Encrypted:	false
SSDEEP:	384:8hicNPZXWjYNJUe7xu+2VYmwOBHz7FrdwfTcK3m/MBKdDf3rLtFf:IXWjYTUe7E/LwOBtrdwbc2m/MBKdDf3H
MD5:	B06CA9702B4458036658D19FF7211E6B
SHA1:	0008BE541AAB5550D43039F376DFA26B20B76EEE
SHA-256:	80CC393AEAC83045FC43913D391C52F339A8FDADA333D920920A5C04C339850D
SHA-512:	37F882CF5E82A3AFB724447F7045C51CFE8D4F0A8AADE1AD9E169B11F86910B7697D4C0705BA0AC9BB4718861F5F97CDBCB6F5405E5379506D546C327BC984CF
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.aL=class{constructor(a,b,c){this.key=a;this.defaultValue=b;this.flagName=c}ctor(a){return typeof a==="boolean"?a:this.defaultValue}};._.u("RqjULd");.var Qbb=function(){return Pbb??(Pbb=Object.freeze({ie:a=>_.wd("iCzhFc").H(!1)\|\|a===-1,environment:_.fi(_.wd("y2FhP"))??void 0,mda:_.fi(_.wd("MUE6Ne"))??void 0,Yq:_.fi(_.wd("cfb2h"))??void 0,Ll:_.gi(_.wd("yFnxrf"),-1),YY:_.Oq(_.wd("fPDxwd")).map(a=>_.gi(a,0)).filter(a=>a>0)}))},Sbb=function(a){if(_.aa&&_.aa.performance&&_.aa.performance.memory){var b=_.aa.performance.memory;if(b){const c=new Rbb;isNaN(b.jsHeapSizeLimit)\|\|_.Eh(c,1,Math.round(b.jsHeapSizeLimit).toString());isNaN(b.totalJSHeapSize)\|\|._.Eh(c,2,Math.round(b.totalJSHeapSize).toString());isNaN(b.usedJSHeapSize)\|\|_.Eh(c,3,Math.round(b.usedJSHeapSize).toString());_.G(a,Rbb,1,c)}}},Wbb=function(a){if(Tbb()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new

Chrome Cache Entry: 435

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Category:	downloaded
Size (bytes):	15552
Entropy (8bit):	7.983966851275127
Encrypted:	false
SSDEEP:	384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi
MD5:	285467176F7FE6BB6A9C6873B3DAD2CC
SHA1:	EA04E4FF5142DDD69307C183DEF721A160E0A64E
SHA-256:	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
SHA-512:	5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......\|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v..7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....\|...H....Fk.-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..\|..d...\|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....

Chrome Cache Entry: 436

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7249), with no line terminators
Category:	dropped
Size (bytes):	7249
Entropy (8bit):	5.208816439128352
Encrypted:	false
SSDEEP:	192:lK6+zHt3hKO3EH0qauYLE8OmeEaBvESdUvk4ikVOkrMDhAp:lK6eHZhrEH0qauYLE8OjEgvES+vk4i2V
MD5:	7E1FED6BDFC0657C0DEDC6E6C19553FA
SHA1:	558908AD0BE5BD05F13A8053C6CFDE0341BC6C08
SHA-256:	3674E598BAF27DFCEA3BDDBC29783B85FD74934F69A34920A061139D2149D7EC
SHA-512:	38D414DD52B07449AADBD637E62D6F20A0D41210CB459704AED66C800D96FC1E692B98658F23BB20D79AADD1C948314230F9D25B49BF92F7D1A1ED917F93A8D6
Malicious:	false
Reputation:	low
Preview:	"use strict";function getCurrentCountry2Name(e){return currentCountry=e.toLowerCase()}function redirectToAllSearchResult(e,t){var r,n=checkCurrentUrl(window.location.origin,"codashop.com"),a=checkCurrentUrl(window.location.origin,"codashop-test-new");$("body").hasClass("theme-page--landing-page")?r=window.location.href+"search?q="+e:$("body").hasClass("theme-page--product-page")?r=n\|\|a?window.location.origin+"/"+t+"/search?q="+e:window.location.origin+"/shop/"+t+"/search?q="+e:$("body").hasClass("theme-page--all-results")&&(r=window.location.origin+window.location.pathname+"?q="+e),window.location.href=r}function searchFieldInputUpdater(){$(".search-input-container--productpage").toggleClass("active"),$(".search-icon").toggleClass("active"),$("#search-keyword").val(""),$("#search-input").val(""),$(".search-result-list").hide().empty(),$(".top-nav--general .search-input-container").slideToggle("fast"),$("#search-keyword").focus(),$("#search-input").focus(),inputKeyword="",matchedResults

Chrome Cache Entry: 437

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:	384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 438

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65435)
Category:	downloaded
Size (bytes):	743814
Entropy (8bit):	5.563084141746411
Encrypted:	false
SSDEEP:	6144:5NEzH/mv1zi+vSji+vSn+C7MYCycZrbGPHIWW/COBcNtztd9lKndc3k:5NEzf21z4IJMecZrjQd9Unp
MD5:	C918D2070E4E24BA39ACE5DF456FEC9D
SHA1:	9620492DB40CDE41E72B6CCAD46D76392B9DE4AC
SHA-256:	0893840809D3CC68B5FC54C52BEC3E2DFC6A2FD3E24C8F8C722A6E7C06EB689A
SHA-512:	1645C3B2B39252938E77759CDACCF71E77AA9E6FF3DB4185326319F9802D2A740B83FC359AD25178D888CA6DE0F8B6243146FE3820742164832C7C2D784F2EA5
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/hc_enduser-860d7ece999603256af395ffcccc86d7.js
Preview:	/! For license information please see hc_enduser-860d7ece999603256af395ffcccc86d7.js.LICENSE.txt /.!function(){var e,t,n,r,a={38016:function(e,t,n){e.exports=n(66341)},89682:function(e,t){"use strict";function n(e){return JSON.stringify(e.map((function(e){return e&&"object"==typeof e?(t=e,Object.keys(t).sort().map((function(e){var n;return(n={})[e]=t[e],n}))):e;var t})))}t.default=function(e,t){return void 0===t&&(t={}),function(){for(var r,a=[],o=0;o<arguments.length;o++)a[o]=arguments[o];var i=n(a),c=i&&t[i];return c\|\|(c=new((r=e).bind.apply(r,[void 0].concat(a))),i&&(t[i]=c)),c}}},97070:function(e,t,n){"use strict";(t=e.exports=n(89682).default).default=t},78701:function(e,t,n){const r=n(73216),a=n(37566);function o(){if(!(this instanceof o))return new o}function i(e,t){!function(e){const t=a.get().files.intl;t&&!window.Intl?r(t,(function(t){t\|\|Intl.Collator\|\|(Intl.Collator=o),e(t)})):e()}((function(){const n=a.get().files,o=e.split("-")[0],i=n["relative."+("no"===o?"nn":o)]\|\|n["r

Chrome Cache Entry: 439

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 7904, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	26399
Entropy (8bit):	7.959673570604936
Encrypted:	false
SSDEEP:	768:1+H34A32asvhRo6sCNsKFeEotLUpbQBu82zd:1Id32npRojfKYtLUsq
MD5:	EE905AEEA99AA287B3F5B569FEDBD91E
SHA1:	0FD8E62C7B5240B5496DC1F2AF99D45766C30B86
SHA-256:	5AD678791B5D4839F74A625C1FF6D3F4A6BBFCA6417ECB0133F1A60DE77B415D
SHA-512:	D45ECFDBED27106D9A608998B7BDED221E9AE192D0F3C28F99B4E98B4B0C7D9555E8155FE89F2D78C66D1E39B3F1A5E1A63FA422D0294FD9E4A4BE29D3370F59
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/css/flags32.png
Preview:	.PNG........IHDR... .........b.s.....PLTELiq.8..8..8..8..8..8......f..~.....................?..".i.'g.$~......#'&.-b.}.).k.....2z.5..3..6..7..8..7..I/.@.p.>984....=..f.....`4.."H0q...PC."B..M..R.....G..S...'(Lj.Q..j@.P.!]6..(.jMv+`.r).]....$K..o.iB2..&........#..+..4....{<.e.NTI..5.x_.W.. &....h.....08....l......8.(/..$...:Z...Q.!=....$..&(H]..).sZ!.s..&.:v(..$...../..A.!N=_...C.L.........I..g0.-....8...I.A%.)5.(7[{.-....walb.....`.So.9G$\|...8Km..o..=(:u.>..A.5.....+).=..l;.{.?5.S...fy..WW........Z..:..^...X......MX.n.A.....}.{6.3..A.[.d.F%..s...ssg...q.I._.......hk;..H....Y...\|.J....~.....6..C...y\|Q..t..r..{.r..&...r...K..........g..2........:c.......,........d...........$.......................................X.....A.......J.....B......................................].o....tRNS...+P..v....c.IDATx...L[W...?V..&..@H'm...n@..Q.....l'[.)3.t...c..N.l7.$E[F..*[G..H.+!..0`...Gce..C.A..0....:I.A..c.~{..u.w.&.d.....~...{.K.........=.........f..x..d=j..

Chrome Cache Entry: 440

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21179)
Category:	dropped
Size (bytes):	165428
Entropy (8bit):	5.494587333899706
Encrypted:	false
SSDEEP:	1536:2DFNrn1Z3miv3qbXkoO6sIujEtlaPAZGhn+XPJP6rPui+POPLP1C6p6mTFBcGeW3:25PtmivkXPGAZGhnDCEH
MD5:	1720A13825DFE2756785997DC7EB3E6C
SHA1:	4737DB90B3E52DD8DC28B0D656620205A022463A
SHA-256:	B75B1C467CB500E533CF8962264898F3085C01728D6FD0937F73335668EAC2B4
SHA-512:	BADC151E76BDD58B13981A2D928B586B6F0C2150228DD7E0B9DF3BC67F80C30264B895833DC9D85C5FEFE809BB19560B75A663485F945577CA9D4C9760285D77
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("$InternalEnumUtils",[],(function(a,b,c,d,e,f){"use strict";var g=Object.prototype.hasOwnProperty;function a(a){return function(b){return b==null\|\|!g.call(a,b)?null:a[b]}}var h=typeof WeakMap==="function"?new WeakMap():new Map();function b(a){return function(b){if(b==null)return null;var c=h.get(a);c==null&&(c=new Map(Object.getOwnPropertyNames(a).map(function(b){return[a[b],b]})),h.set(a,c));return(c=c.get(b))!=null?c:null}}f.createToJSEnum=a;f.createFromJSEnum=b}),66);.__d("CometListCellContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext({disabled:!1,level:void 0,shouldToggleOnListcell:!1});g["default"]=b}),98);.__d("AccordionAddOn.react",["ix","CometListCellContext","FDSIcon.react","fbicon","react"],(function(a,b,c,d,e,f,g,h){"use strict";var i,j=i\|\|(i=d("react")),k=i.useContext;function a(a){var b=a.color,e=a.disabled,f=a.icon;a.label;a.onPress;var g=a.open;g=g===void 0?!1:g;var i=a.openIcon;a=babelHelpers.objectWi

Chrome Cache Entry: 441

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6573)
Category:	dropped
Size (bytes):	10849
Entropy (8bit):	5.551671316058498
Encrypted:	false
SSDEEP:	192:sn0g/f3O/+IErEeyKEIffWEeyU/gcLCqrFoxPGRmSREzmOtKs+xrDEyvZ:huk+I6EeyKEIWEeyCgqwPGRmSRymOQ5l
MD5:	FB4650E82A5A32490F5B1D4B85594CD7
SHA1:	ECCED02FA31FA36FD1CFA9B4C52200EF726EE357
SHA-256:	5FB29C66A3EDA461A11E8DAE54FCFF64E73C23D6B67A5232FC23F417719D8EBB
SHA-512:	E0E901B61153CC5FE8C8D216C391BFC78FE72E993F55098EFEBE7E4315F22C722D0E1D617F3A6B682092DFB41A91280963502F4096386EEA18EBF3FDF722EF87
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/../*. License: https://www.facebook.com/legal/license/aJoeSHn7XcN/. */.__d("blakejs-1.1.0",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b};function h(){var a="Input must be an string, Buffer or Uint8Array";function b(b){var c;if(b instanceof Uint8Array)c=b;else if(b instanceof Buffer)c=new Uint8Array(b);else if(typeof b==="string")c=new Uint8Array(Buffer.from(b,"utf8"));else throw new Error(a);return c}function c(a){return Array.prototype.map.call(a,function(a){return(a<16?"0":"")+a.toString(16)}).join("")}function d(a){return(4294967296+a).toString(16).substring(1)}function e(a,b,c){var e="\n"+a+" = ";for(var f=0;f<b.length;f+=2){if(c===32)e+=d(b[f]).toUpperCase(),e+=" ",e+=d(b[f+1]).toUpperCase();else if(c===64)e+=d(b[f+1]).toUpperCase(),e+=d(b[f]).toUpperCase();else throw new Error("Invalid size "+c);f%6===4?e+="\n"+new Array(a.length+4).join(" "):f<b.length-2&&(e+=" ")}}function f(a,b,c){var d=new Date().getTime(),e=new Uint8Array(b);for(var f=0;f<

Chrome Cache Entry: 442

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	28789
Entropy (8bit):	7.971396460866589
Encrypted:	false
SSDEEP:	768:mQmpRJ1JqkEDO5tjx6ZmOAKTTjgH1W7AH0VYvkLHNy:mQUJbqkoO/zPKDgmKvkLH0
MD5:	74190B93FC4F5D88F0C8E6411BA20BD8
SHA1:	89CE2ECB660A90B8E6ED1B335443D7767C59F28A
SHA-256:	092A3CD5F86B3F039FEEFDEB86694CD16AE545AF214CFDA614BDBBE2D1BDE401
SHA-512:	35FFC458DA53B5105BA45473350BC178D4B96ACC7E5F409FCF586ACA4E7C9B9B9B3A7D9D1C2185532EE13F9F496811156A38130FB7D9ABF5925436EF29F63ECB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...\...........&....sBIT....\|.d... .IDATx..w\|......{J:...{.. .`.."..}....r..{.r.+X... ..@....Az.$...s...<...{.IHB..'!0_>K.svg.....33....B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...B.P(...BQ!.^...-...C.PT....Hs~.6....E.P(....r..K.n..._..gMp/\.BQ......?>:..$Q(...`....x.r._O.z.uW........(....m...F....yu$%{..@..Ia.....4........[^..r.?..4)..x.~.P...u..rkZ..B.8.h3d\.._...7~.g...:..@a.)H....FB...?#7...#..&..._ck....El<.J.?.\|4...Q(.Q.i.P]..rn...qu...t..oN.."owv J;.Dd...H.D.$A.".....%.g,..B.k....5.....l.....~....w=...Y.....^`eN....j.O.P.M3H....C.......>g....,..`}f....jZ...S....>.e..SO..U...0`.....hr..... {.0j...0.sG...4.&....Cok-v#=..".l.~i.1o..M...:.n....m............j......y5,.Bq,s..[.}...vl.^...E...S.....:.: .h....v5+.QF..&.....}.......3..9.V.6i.D<DD.,..%... ../b...3.(. ..i..&..T.mM.P.A..G..i...}......n..[v.]........9'...$X...M"".u...jO.Bq.R......y...<;...O..O....?f..xU...e

Chrome Cache Entry: 443

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	7854
Entropy (8bit):	7.967790360996982
Encrypted:	false
SSDEEP:	192:6ljcoz/0A0WC+pNC5UfLKsM6DGvHZZfkfNRHeQ2eGklwwd+HirpBl1TEQCuZay:FSPI++sJiPMfnHX27wd+CrpBnw0P
MD5:	D9CC581EC64A9C99C16D993EF38D5960
SHA1:	F10C54EE6A2639F10C81577BA66BC8B601A01736
SHA-256:	9F1097E9037362B77714B1698EE7C52D7D2A8D7196319F62D728C9A206708E13
SHA-512:	BC7DF7304F7EB07B64FE21579897C6CE78ABA1F877B94FF4188E977E3F32E9E81DD9AD833CE30053381710975E5B8C7DF0BF046EFDC8D3FCD94BB7F670D8B7B9
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/VZKGiuCEP2knhIKJYR4emUBuUra84gib_oDLocmdEcf1NYwf7hmo3Yv0OkzasOCQ2A=s64-rw
Preview:	RIFF....WEBPVP8L..../?...M0h.6.\|v.....DD.Cj5eR-.w..f...@.c...6..m.(.$E..Z.B..O..6........8b#.V.....5._..Z..L.# E....v....f...%?..`5"...\T....Q....2...o....S2..]v.G\|D.w.3.S.u..\|.Q..Ons...K2..A....~..1....2. l:)gP.S...l.#2........+cg.\|.......'.}W..9}..2#...j..m..Z{.{.}...m.6#....\Q.v....Vf......=...$.m...>.......@..1h.h.)..u.=g7.j.'.....Y}2D....V...;...K\.....x...p.m....;.d..Z.m..m.m..e.kc....'I.u..7....3$I..#".\.....=.m..W\.;...6.....Q....$.m.e....Z.....<S.......^9...\.R.......}4...GP..H.$I.YY..._..5.=Y...7.]...Y.j.Vm;}.s?).....b ..T0).....13s..{R.l[...... ..x&hb...1P..#...n...w.......V.......D....Q.Nahu.._...+2.%..@.P@.../...L.}.?...).(1....!dix.x.......7g..e..Uz.'........o......+U.w....R..Xq./.....>&..N.a..A.t]...0..M..n.$...(2%..f..r.m...RZ....6{....3.r...W...7..\a.q..N%..7...UNK.?>..S....e...`...B.i....2..-tb.n9F..%.)C...a..J8.P..uO..h..}8.5..M./s;..3r-^..>.....r....#.R-l.2m..#.\|...o...x.X....`)..!c........d.... ..h.....Z.Ay+x..

Chrome Cache Entry: 444

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28924), with no line terminators
Category:	downloaded
Size (bytes):	28924
Entropy (8bit):	5.231666786957434
Encrypted:	false
SSDEEP:	384:DDJ6NoRIwHWvsSHzmZA5RY1L0l3Pz8K73ilG42Iwnw4HFzKvkGuIcDYP8ALJiy+h:DE+IwZy+uyl3wn1tKvvqIulmpo
MD5:	4947FF982FB69173F95DA79B538F254D
SHA1:	884DB3BF10E92790CF6D9937731F70D59C87CC9F
SHA-256:	0278B60E08B67FB8AE86C56DD80075E94E1D51113EB21ADE41996147C601DFE6
SHA-512:	6B8291D34966FFFFD9CBD8F37C51F820A20B211E3B80CC01E94EC092AD58E40D7B1189FCB9FDBC3589A316E84C2E38BA0974CCF3E8EE18D880688840401BBAE2
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/js/xss.min.js
Preview:	(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){var FilterCSS=require("cssfilter").FilterCSS;var getDefaultCSSWhiteList=require("cssfilter").getDefaultWhiteList;var _=require("./util");function getDefaultWhiteList(){return{a:["target","href","title"],abbr:["title"],address:[],area:["shape","coords","href","alt"],article:[],aside:[],audio:["autoplay","controls","loop","preload","src"],b:[],bdi:["dir"],bdo:["dir"],big:[],blockquote:["cite"],br:[],caption:[],center:[],cite:[],code:[],col:["align","valign","span","width"],colgroup:["align","valign","span","width"],d

Chrome Cache Entry: 445

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Category:	downloaded
Size (bytes):	183750
Entropy (8bit):	4.7745353828964685
Encrypted:	false
SSDEEP:	3072:fSBkDzFTJ13F8pVEXhqw0INKPwSzeDtRNQ27JLah6zStzwanK5:fSBkz313F8MqHPwSzeDtRNQ27WK5
MD5:	DE6D0681AF8043FF90621401DC185E17
SHA1:	D20FFE8AD5842C8FE478BB2E5A91A21DCD382818
SHA-256:	A5855DA7F0E002CC171C44BBBC3F9F0AEC5F469D19E4BF7655D9C2DBB3F3B176
SHA-512:	5445A44587C2DB9D4EB66F9EEF2015B4E0F7565D7C9D8BDD857D6F4A0FACC7A1BFFBC5BF8E16F90E320599DFB7C213B57C1FE6DDAD276BDEF4653712E7E83716
Malicious:	false
Reputation:	low
URL:	https://static.zdassets.com/hc/assets/en-us.99b0131b1f198c72c323.js
Preview:	!function(){window.I18N=window.I18N\|\|{};var e,t={locale:"en-us",direction:"ltr",translations:{"activemodel.attributes.request.anonymous_requester_email":"Anonymous requester email:","activemodel.attributes.request.recaptcha":"Recaptcha:","activemodel.errors.models.topic_form.attributes.base.topic_limit":"You have reached the maximum number of topics for your account: %{topic_limit}","activerecord.attributes.comment.body":"Comment:","activerecord.attributes.community_comment.body":"Comment:","activerecord.errors.format":"%{attribute} %{message}","activerecord.errors.full_messages.format":"%{attribute} %{message}","activerecord.errors.messages.could_not_save":"Could not save file","activerecord.errors.messages.not_an_integer":"must be an integer","activerecord.errors.models.access_policy.attributes.manageable_by.inclusion":"Must be `staff` or `managers`","activerecord.errors.models.access_policy.attributes.viewable_by.inclusion":"Must be `everybody`, `signed_in_users`, or `staff`","activ

Chrome Cache Entry: 446

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (8652)
Category:	downloaded
Size (bytes):	49595
Entropy (8bit):	5.412280445172081
Encrypted:	false
SSDEEP:	1536:P3C37T7Ek5lBVL+1lr1Iim0sKymy8W2Cu20u6SMiNckCuvw4Im+gSUTL0xk+NI7:e7TAPPIim0sKymy8W2Cu20u6gCuvw4Ik
MD5:	DFF147B5BD043DA190AC1A59D5DCCFCA
SHA1:	FE35D93FFD0183356FD9DB6FEA7C5473640948FA
SHA-256:	7A8B59F57A5EFBD7950521EE37D81AC63A7E730CEEB8B5E4F5977D3F0C9818EC
SHA-512:	659EF5C4A2D757049FFA7B7F201BEDD144336A310825B9AC7AE9F9DB7C0063AE61DD2FBBCD5E8FB30634812E58FB26167710B251F4AE55E9976F06B1060C58E9
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3ivps4/yg/l/en_GB/KT7_0H0wZQa.js
Preview:	;/FB_PKG_DELIM/..__d("LynxGeneration",["LinkshimHandlerConfig","URI"],(function(a,b,c,d,e,f,g){var h,i=new(h\|\|(h=c("URI")))(c("LinkshimHandlerConfig").linkshim_path).setDomain(c("LinkshimHandlerConfig").linkshim_host),j={getShimURI:function(){return new(h\|\|(h=c("URI")))(i)},getLynxURIProtocol:function(a){return c("LinkshimHandlerConfig").always_use_https?"https":a.getProtocol()==="http"?"http":"https"},getShimmedHref:function(a,b,d){var e;a=new(h\|\|(h=c("URI")))(a);var f=j.getLynxURIProtocol(a);a=j.getShimURI().setQueryData((e={},e[c("LinkshimHandlerConfig").linkshim_url_param]=a.toString(),e[c("LinkshimHandlerConfig").linkshim_enc_param]=b,e)).setProtocol(f);b=d==null?void 0:d.trackingNodes;e=d==null?void 0:d.callbacks;b&&b.length&&(a=a.addQueryData("__tn__",b.join("")));e&&e.length&&(a=a.addQueryData("c",e));return a}};a=j;g["default"]=a}),98);.__d("NonFBLinkReferrerProtector",["$","LinkshimHandlerConfig","Parent","URI","cr:5662","setTimeout"],(function(a,b,c,d,e,f){"use strict";var

Chrome Cache Entry: 447

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9217)
Category:	dropped
Size (bytes):	231862
Entropy (8bit):	5.4580370109650715
Encrypted:	false
SSDEEP:	3072:5fLeYH8At6JK37OeR8NteGvQ+AMPpgArl0xYu5s713hW:5fLeYc+6JaH8N7QQGArHu5s713A
MD5:	3E34065323CCD70417621B0687E56775
SHA1:	F63D803164D63317D51A708C942FF511725A9E16
SHA-256:	5EBCE957851EB83517851E8613F012EB45AA4EBB6142B92C30B7D9492C874E22
SHA-512:	EDB02D4A93A15771FB0768C8A45F3DBAF0908E5C450737D59AF5804840B10E33C0955831B4B6B3F3362A839CC8DBEF2169667F4FDFB40299FDCB80E8A16051EA
Malicious:	false
Reputation:	low
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 448

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	38730
Entropy (8bit):	7.99078326898714
Encrypted:	true
SSDEEP:	768:SSNlQVrYgWbV3agxRNmGBKFLR6toC+3wBgD7iCbep5VgzmuWBxx0cr:7Ny2bVKgbEGIFgV+3hi8kIWBb0cr
MD5:	2E92B59BC98E76B719AB4A01368A7A3E
SHA1:	7A88DE4978A69CA38C2928E197A3CF88B612D86C
SHA-256:	F4ADDD16BABC7C1F5265B116E1A8B762CF70001DC3C6B70A473E02F2DB3A9EBC
SHA-512:	3ED80AF8E6E173BD27BB98FA2AC2686AB5B50664D0051B8C3C764E4F4498C7BBFA29B81E157374691E8AA118DBE4709A2A31ACF4FF0C1D2FBF540B557D86239D
Malicious:	false
Reputation:	low
URL:	https://image.winudf.com/v2/image1/Y29tLm5lcHR1bmUuZG9taW5vX2ljb25fMTU1OTA0NjkyOV8wODc/icon.png?w=170&fakeurl=1
Preview:	RIFFB...WEBPVP8L5.../.@...m...d.r.w.....".?.....N.$m....Nb.Ut...:R.q....-.....@{.Tq4.....Wr]6.O..9..C. v)..P...h..7T..mK.}.]....m.Z..:..Y...Z.=.U....^C...2..p'26KJ.J..r..QV.N"%..'U.(i..V....n......x..I../d..H.H.....h......q.....y.Gwkw.5@{.=mseYQ..w......i..+...eE.L.vm...aZ.m.q.c.....]..<...+.".m......&.P7z.....&.2..`.....!?.......1.#.;..!...Q...C.P9"-..E......n.;.2x.....[.D.8.....3...!....W}..'7..-.2N.O^.\|.ad.....1K....!.O.M...1.YD.2.n&.&>'.....h4.J..Q..\..<.4E...Y..2)....)q....6.....f.:....;..e5Yml6.rmN..M....4..N..M...-.n...Eg......T.[g.....FK.e...6^....0........'....n..im...l)K...k.,.....NB....b.<VF.3.1p.l.l..O..i...v1XX.....P.....j..Iz'.C..`.....io.8.....7...8Rkk.lcro.="...P.).u2.W.(C1v....q..Q.}f........6.....).u. .............?.{...0.4....<6.__.>64.V>6...{..g....>n....:.n...^..@km}.wt..=(..?~...f^s...S.CR..j1P../.?..I.X...Cjh:........h1-'..$\..$$$TQ...H.........u.t.TUv..UFe'.....G.Y....z.za]....&.>^.`CS?.....'..g..#.k2..........f..B...

Chrome Cache Entry: 449

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	334
Entropy (8bit):	5.212477523177281
Encrypted:	false
SSDEEP:	6:kRZzRxVvnGlUu6SoF/AuGNG/QVIly5hiDiJZwQRaNw6JpyxZRNlad0:kRZTFGlqScSI/AIwijkbRN20
MD5:	660C8C9C75922986FC04999BC03F4765
SHA1:	574DE7574A155C8B7CDF592580EA6F81827F9848
SHA-256:	DB69993C3B0D33E22C6B5E9A2E0FAF219F28FC1CBACB3BC5385CE6D9FEF30877
SHA-512:	1B621E1BBA820BF888C779B7C4F3D5AEAAD19E13953123103016C56F1FCAFB7E1AB2615BD75FDA9174D3AA3BDE862FF31618A80BB0177E609937B9BCAC08874E
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,FuzVxc,GkRiKb,I8lFqf,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,UZStuc,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,Z5wzge,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,dfkSTe,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,q0xTif,qfGEyb,qqarmf,rpbmN,s39S4,sJhETb,sOXFj,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yNB6me,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=C7s1K"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("C7s1K");._.qr(_.wEa,class extends _.rr{constructor(a){super(a.ta)}H(){return"C7s1K"}N(){return!0}Xa(){return _.g4}});_.$q.C7s1K=_.cD;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Chrome Cache Entry: 450

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2890
Entropy (8bit):	7.192134477647289
Encrypted:	false
SSDEEP:	48:2/6BMYL4knA9WIM8j/c05ibl3PfHAq3DlHAU02hl607wBnJgnAD4Vtq8Ha+H:2S+YkknmWIM8j/rKHAAHAUxYJie4Vtqe
MD5:	CF9659FA3891ADD490CB7D0D099D72AC
SHA1:	85581945FF05F48B3A652BA3E90AE44D97B18CF1
SHA-256:	76DB9987BB4F902E6D4A6702577717A6D6AFFF1BEF8EB6DFCE62C5C69E8D707D
SHA-512:	D0DFED00B29718DEDDB2FCFD0926D6234FE2E6AD6AC8A2D029747A01747B55CA5EFDD05D2694CF63D807D06FD46ED296D105C40169EF976E50FA81853D60EF14
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/social-media-logo/36/socmed-facebook-H36.png
Preview:	.PNG........IHDR...$...$.............pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-02-25T08:48:52+07:00" xmp:ModifyDate="2020-04-24T11:35:36+07:00" xmp:MetadataDate="2020-04-24T11:35:36+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:f2f79ae0-3b29-4334-b916-3b0a0edf17e9" xmpMM:DocumentID="adobe:docid:photoshop:5db56676-51d6-d84d-af27-2a604b659

Chrome Cache Entry: 451

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (8652)
Category:	dropped
Size (bytes):	49595
Entropy (8bit):	5.412280445172081
Encrypted:	false
SSDEEP:	1536:P3C37T7Ek5lBVL+1lr1Iim0sKymy8W2Cu20u6SMiNckCuvw4Im+gSUTL0xk+NI7:e7TAPPIim0sKymy8W2Cu20u6gCuvw4Ik
MD5:	DFF147B5BD043DA190AC1A59D5DCCFCA
SHA1:	FE35D93FFD0183356FD9DB6FEA7C5473640948FA
SHA-256:	7A8B59F57A5EFBD7950521EE37D81AC63A7E730CEEB8B5E4F5977D3F0C9818EC
SHA-512:	659EF5C4A2D757049FFA7B7F201BEDD144336A310825B9AC7AE9F9DB7C0063AE61DD2FBBCD5E8FB30634812E58FB26167710B251F4AE55E9976F06B1060C58E9
Malicious:	false
Reputation:	low
Preview:	;/FB_PKG_DELIM/..__d("LynxGeneration",["LinkshimHandlerConfig","URI"],(function(a,b,c,d,e,f,g){var h,i=new(h\|\|(h=c("URI")))(c("LinkshimHandlerConfig").linkshim_path).setDomain(c("LinkshimHandlerConfig").linkshim_host),j={getShimURI:function(){return new(h\|\|(h=c("URI")))(i)},getLynxURIProtocol:function(a){return c("LinkshimHandlerConfig").always_use_https?"https":a.getProtocol()==="http"?"http":"https"},getShimmedHref:function(a,b,d){var e;a=new(h\|\|(h=c("URI")))(a);var f=j.getLynxURIProtocol(a);a=j.getShimURI().setQueryData((e={},e[c("LinkshimHandlerConfig").linkshim_url_param]=a.toString(),e[c("LinkshimHandlerConfig").linkshim_enc_param]=b,e)).setProtocol(f);b=d==null?void 0:d.trackingNodes;e=d==null?void 0:d.callbacks;b&&b.length&&(a=a.addQueryData("__tn__",b.join("")));e&&e.length&&(a=a.addQueryData("c",e));return a}};a=j;g["default"]=a}),98);.__d("NonFBLinkReferrerProtector",["$","LinkshimHandlerConfig","Parent","URI","cr:5662","setTimeout"],(function(a,b,c,d,e,f){"use strict";var

Chrome Cache Entry: 452

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	8332
Entropy (8bit):	7.943274504272014
Encrypted:	false
SSDEEP:	192:7KzxdORmCaOZLtcjJCUaoQw4OfsPighKVwGUFLybHrl:7KzxdORmC+jMUai4UkiY/GELybh
MD5:	21AF19C2D86EFCCC089A370B3E977126
SHA1:	4E384E8FE56355CA0EA40037538023C3F536D01A
SHA-256:	3FD77B3AD84BE32D99139A582A0BFC0597E302D51D7F45F8ED0994A2DC65C572
SHA-512:	581E27D7938774D9C893E58036D43156A46002672B6D1C1845AB95C2594DBF8129DA9E8C0A9353E0E9A2F9AFF8D08F5C113BE7595E00864E8CD60877B9812A49
Malicious:	false
Reputation:	low
Preview:	RIFF. ..WEBPVP8Lx ../?...M.i.f.k...a......VF9K..\...HR4..?.....Z..R..$IRRk8.....a=\I.lZ}m..q7....c......_!K.Q.....)5.T.....\|......P.NH...'0..Y.......Z&.&.$..f....zK.Y!....c.l.M..,..K..@.$...g?.,S...+.U...`..:.9..f43.F...4b2..l?ff&3333.....3[.3w...........{{..}8io..'.uy7..<.@...a.pTN}S..u..p"....i..p.+`NZ..A.[.<m..Fv.6_.y.n..S.]...X..ajU......U0.z.....m6..2......r....i.j].p2.[..v.m.m..$Y...aN..0...fffff..i........2cZ'q...k.m.lk.wD$....m....m.m....wZ.U.IE.^k"h.6~.S~7....3....o.,.[...........C.o....A:)....[...0a......eN.....P..!........".u.B.u.X.>..F..w.. ...J\....m..+..>...p<...9+.....u.x...~...$@$$.lU.......u.B@e.@TQH.#..>.]OB....@..e....V.u..9.@.,....4...W..... .....H...AL6@{........jK.....0.].%......Y0.f.....$.:.#.{..f.kb......w2V..#S.Q.h."x...9..h4.8.0.J(lQGB..\|........V....$..R.)n.6.\|.V.?V._...@Y^.....d.%XB.S....V...q...a6Y1Iw...Q$BC...$....E.y.Q.j..u..V'...@.0HEA..@5.K.6..O....d_\i......<.!f......S .!....A...g.;D.U..,P.2%K.A*.E

Chrome Cache Entry: 453

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3866)
Category:	downloaded
Size (bytes):	19130
Entropy (8bit):	5.420262619481056
Encrypted:	false
SSDEEP:	384:8hicNPZXWjYNJUe7xu+2VYmwOBHz7FrdwfTcK3m/MBKdDf3rLtFf:IXWjYTUe7E/LwOBtrdwbc2m/MBKdDf3H
MD5:	B06CA9702B4458036658D19FF7211E6B
SHA1:	0008BE541AAB5550D43039F376DFA26B20B76EEE
SHA-256:	80CC393AEAC83045FC43913D391C52F339A8FDADA333D920920A5C04C339850D
SHA-512:	37F882CF5E82A3AFB724447F7045C51CFE8D4F0A8AADE1AD9E169B11F86910B7697D4C0705BA0AC9BB4718861F5F97CDBCB6F5405E5379506D546C327BC984CF
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,GkRiKb,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,qfGEyb,rpbmN,s39S4,sJhETb,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.aL=class{constructor(a,b,c){this.key=a;this.defaultValue=b;this.flagName=c}ctor(a){return typeof a==="boolean"?a:this.defaultValue}};._.u("RqjULd");.var Qbb=function(){return Pbb??(Pbb=Object.freeze({ie:a=>_.wd("iCzhFc").H(!1)\|\|a===-1,environment:_.fi(_.wd("y2FhP"))??void 0,mda:_.fi(_.wd("MUE6Ne"))??void 0,Yq:_.fi(_.wd("cfb2h"))??void 0,Ll:_.gi(_.wd("yFnxrf"),-1),YY:_.Oq(_.wd("fPDxwd")).map(a=>_.gi(a,0)).filter(a=>a>0)}))},Sbb=function(a){if(_.aa&&_.aa.performance&&_.aa.performance.memory){var b=_.aa.performance.memory;if(b){const c=new Rbb;isNaN(b.jsHeapSizeLimit)\|\|_.Eh(c,1,Math.round(b.jsHeapSizeLimit).toString());isNaN(b.totalJSHeapSize)\|\|._.Eh(c,2,Math.round(b.totalJSHeapSize).toString());isNaN(b.usedJSHeapSize)\|\|_.Eh(c,3,Math.round(b.usedJSHeapSize).toString());_.G(a,Rbb,1,c)}}},Wbb=function(a){if(Tbb()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new

Chrome Cache Entry: 454

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	downloaded
Size (bytes):	551834
Entropy (8bit):	5.646059185430787
Encrypted:	false
SSDEEP:	6144:ytxIUYTteVvs0E8gSdoxS4MLYw1tZnAzsz1I9VBojCdzNDC2vPpD:ybYTZMgGopkAzsz1ciEU2d
MD5:	33AFF52B82A1DF246136E75500D93220
SHA1:	4675754451AF81F996EAB925923C31EF5115A9F4
SHA-256:	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
SHA-512:	2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 455

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16456)
Category:	downloaded
Size (bytes):	64797
Entropy (8bit):	5.896844004732185
Encrypted:	false
SSDEEP:	1536:MMfob7CMhXZYVRnaBJiYI8Zfy2LZpJWDBcR:M7JI8ZfyypJWDBcR
MD5:	F6F3EA0CE90BEDDC6AF1974CED0046CD
SHA1:	7372D64BDF770C0738F8894B9D6CD0BF7F1FCB7A
SHA-256:	4DAE6F7AF264A7B69C4CD1F11650C7A878D775F7F7EFE0CA846DA1E9FABE0719
SHA-512:	90DEB5AB76BB04860E07B8F14B702918D77248798AD14262262FA1F5F7A84C7BEC828C908A95CB647FC1117CB9F95A0BC21B0AA17950D42E3B75F0D97A79A14A
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/y6adcQCOfPz.js
Preview:	;/FB_PKG_DELIM/..__d("InstagramMediaProductTypeName",["$InternalEnum"],(function(a,b,c,d,e,f){a=b("$InternalEnum")({LIVE:"live",FEED:"feed",STORY:"story",DIRECT:"direct",IGTV:"igtv",NAMETAG:"nametag",DIRECT_AUDIO:"direct_audio",CAROUSEL_ITEM:"carousel_item",CAROUSEL_CONTAINER:"carousel_container",PROFILE_PIC:"profile_pic",AD:"ad",AR_EFFECT_PREVIEW:"ar_effect_preview",DIRECT_PERMANENT:"direct_permanent",SELFIE_STICKER:"selfie_sticker",COWATCH_LOCAL:"cowatch_local",CLIPS:"clips",GUIDE_MEDIA_FACADE:"guide_media_facade",FUNDRAISER_COVER:"fundraiser_cover",LIVE_ARCHIVE:"live_archive",HIGHLIGHT_POST_FACADE:"highlight_post_facade",DIRECT_THREAD:"direct_thread",SCHEDULED_LIVE:"scheduled_live",RATINGS_AND_REVIEWS:"ratings_and_reviews",DIRECT_HEADMOJI:"direct_headmoji",CLIPS_PREVIEW:"clips_preview",REPOST_MEDIA_FACADE:"repost_media_facade",STORY_INTERACTION_RESPONSE:"story_interaction_response",MEDIA_KIT:"media_kit",TEXT_POST:"text_post",NOTE_AUDIO:"note_audio",DIRECT_MESSAGE_COMMENT_FACADE:"d

Chrome Cache Entry: 456

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	7854
Entropy (8bit):	7.967790360996982
Encrypted:	false
SSDEEP:	192:6ljcoz/0A0WC+pNC5UfLKsM6DGvHZZfkfNRHeQ2eGklwwd+HirpBl1TEQCuZay:FSPI++sJiPMfnHX27wd+CrpBnw0P
MD5:	D9CC581EC64A9C99C16D993EF38D5960
SHA1:	F10C54EE6A2639F10C81577BA66BC8B601A01736
SHA-256:	9F1097E9037362B77714B1698EE7C52D7D2A8D7196319F62D728C9A206708E13
SHA-512:	BC7DF7304F7EB07B64FE21579897C6CE78ABA1F877B94FF4188E977E3F32E9E81DD9AD833CE30053381710975E5B8C7DF0BF046EFDC8D3FCD94BB7F670D8B7B9
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../?...M0h.6.\|v.....DD.Cj5eR-.w..f...@.c...6..m.(.$E..Z.B..O..6........8b#.V.....5._..Z..L.# E....v....f...%?..`5"...\T....Q....2...o....S2..]v.G\|D.w.3.S.u..\|.Q..Ons...K2..A....~..1....2. l:)gP.S...l.#2........+cg.\|.......'.}W..9}..2#...j..m..Z{.{.}...m.6#....\Q.v....Vf......=...$.m...>.......@..1h.h.)..u.=g7.j.'.....Y}2D....V...;...K\.....x...p.m....;.d..Z.m..m.m..e.kc....'I.u..7....3$I..#".\.....=.m..W\.;...6.....Q....$.m.e....Z.....<S.......^9...\.R.......}4...GP..H.$I.YY..._..5.=Y...7.]...Y.j.Vm;}.s?).....b ..T0).....13s..{R.l[...... ..x&hb...1P..#...n...w.......V.......D....Q.Nahu.._...+2.%..@.P@.../...L.}.?...).(1....!dix.x.......7g..e..Uz.'........o......+U.w....R..Xq./.....>&..N.a..A.t]...0..M..n.$...(2%..f..r.m...RZ....6{....3.r...W...7..\a.q..N%..7...UNK.?>..S....e...`...B.i....2..-tb.n9F..%.)C...a..J8.P..uO..h..}8.5..M./s;..3r-^..>.....r....#.R-l.2m..#.\|...o...x.X....`)..!c........d.... ..h.....Z.Ay+x..

Chrome Cache Entry: 457

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Category:	downloaded
Size (bytes):	16958
Entropy (8bit):	3.7894912728920813
Encrypted:	false
SSDEEP:	384:QU4LdnMHZX+os6tWhFVSknSXLRiew7LYx2oRBVABafIs0PPbmXRj3FIDdl:QaGDf
MD5:	CAD7601F1F8C2C359780F4F874276A1A
SHA1:	E829E5E11613A6F433E4C3A86FFFD27C33415340
SHA-256:	CDB10ACC3D96D44468F0BD10E020BBEEE6106C9C23E553CD8B6188F3ADCA54CE
SHA-512:	964BC8477E55B7B21185399607A3C79B54EF4C892C85A3116046D6F4E935F3C5D0F5195DD7FDF65B651186EBA75B75571D97E0C20E70662559F0353AA18BD771
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/images/favicon.ico
Preview:	......@@.... .(B......(...@......... ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 458

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (946)
Category:	dropped
Size (bytes):	209351
Entropy (8bit):	5.696920414020874
Encrypted:	false
SSDEEP:	3072:3/J8He/SDR6DEVsPWvd1pwWKMhH5ynzLFo1MUvQRxUIv++wlxGFNM/6ng:PqHvQWKMhafFTcQRxUlloFq6g
MD5:	F7941991D0CDE66E85820EC6FE8FA5E1
SHA1:	2B30E327957A95F009F71699FD6DE610836CDD52
SHA-256:	7D9448B9B58895DD7A3B958BF3E9D6F9A5D0921925FF025B791676392386BAA1
SHA-512:	08FAC41DD48F4384B2BD070BBC8E23A5B0C64D573F0EB27BA050326C2B2E007D5273D54661C922DC29454ED5B17AAE588240A34A8FE711B330C6D6E6DF906610
Malicious:	false
Reputation:	low
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.wX=function(a){return"Rated "+a+" stars out of five stars"};.var bNb,dNb;_.xX=function(a,b){b!=null&&b.N()>0&&(a.open("div","mzPddd"),a.W(bNb\|\|(bNb=["class","pf5lIe"])),a.U(),a.O("wb5Mjc"),_.cNb(a,b.N(),"L0jl5e bUWb7c","vQHuPe bUWb7c",b.H()),a.T(),a.close())};._.cNb=function(a,b,c,d,e){var f=Math.floor(b);a.open("div","D5jpjf");a.W(dNb\|\|(dNb=["role","img"]));a.ha("aria-label",_.wX(e??""+b));a.U();e=b-f;f=Math.max(0,Math.ceil(f));for(let g=0;g<f;g++)a.open("div","CPcfF"),a.ha("class",d),a.U(),a.close();e>0&&(a.open("div","j3pqac"),a.ha("class",c+" cm4lTe"),a.U(),a.va("div","UZExhf"),a.ha("class",d+" D3FNOd"),a.ha("style","width: "+_.$o(e*100)+"%"),a.U(),a.close(),a.close());b=Math.max(0,Math.ceil(5-Math.ceil(b)));for(d=0;d<b;d++)a.open("div","pai7xd"),a.ha("class",.c),a.U(),a.close();a.Da()};._.eNb=function(a,b){if(b!=null&&b.H()>0){const c=_.US(new _.TS("{COUNT,plural,=1{1 rating}oth

Chrome Cache Entry: 459

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8228
Entropy (8bit):	7.958295631556091
Encrypted:	false
SSDEEP:	192:sebFJptMBcPsRSGmi3fj1zoTH4yPzeIbkSg5MuLn3bk6jt:sCpG2qZ3fxW4yPzYZ/jrZt
MD5:	89782DE0C4F78B6A6A925A1598C2F056
SHA1:	74A1051FE09DB7F3B8FC354BC456E13B6E539DDE
SHA-256:	D1F4CBE6B84E7EFE15178FB86C223917455B3984D10CA231121602F6D8E09323
SHA-512:	D6F9AC1F395FAF8D6C5BA12E4C2DEC7523378EEF570E2699EADA626C242CD7BA9C48E0786EE78792915A5915A2995A554AFCEA9BD59269A9F83EF2D21223E909
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/xqUAS7ybTTu-O2dBQp2ZeoDTPvszt7NC5o-7ugw-TWkrUGpYiQSofQQDfNDPHPYueOo=s64-rw
Preview:	RIFF. ..WEBPVP8L. ../?...M j.F.v..?.....,...Q[4.....6.@...]8.$I.R.u...^.:>;.D..Hy../..kz.....$E}..G...w....T/k.oR..z..........44..g.I.....:.\|......x....}.....-oKz....R.......6...=..VT...m.........2.......m.$Y....U]..5.m.w..m.w.m..9k..U...:.5....9.h.:.I.}.S..m.m.m.m..c.z.B.......I..}...Y3#ff.6..,F.LF_[`..........[k....9.R.0.%...V........2..:J.2.t..m........Sn..{<.g..L&.Ll...v.(.m.6.5.v.l.r.4.$.3.....#N...m;.I.m?..J.S..o.m.m.5.m{.n{......\.{.m.mk.Jic.9..m^.v.m.N."h;f.ml.{.....5.m...m....,.&....bj..j....Y.5..s.3"D......".F.<....q.1.h\.4r.<F..d....<..#2S.?H.3.X?.z....q..\E...\|........;.<.O.>.1...A...};.2.(...# &..J,.:.s....f&.Bz!w@.46.{!O.;. .@..!...._`......[...gp...L.Jx.-.....g.._~....t..qL.1..Q....(.C..._..{..5......G.....F/_Z..mw.....;..LsD.uW..@.I.......k....h-./.{s4=.W...dNX...D&].-.0.&.......Uu>.O6w..._D/..K..&..UR...m...k...6.....@"............s..u...P.....b..9.#&.......&..0.*.`.f.2..g..i...T.k....m.y..Y.+.Uz.#..<.[m..~.

Chrome Cache Entry: 460

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11592), with no line terminators
Category:	downloaded
Size (bytes):	11592
Entropy (8bit):	5.214688259892576
Encrypted:	false
SSDEEP:	192:DwbgMiAo5mi2byCGQawyOFCKPUfY1P5lDSjNYRv6Ic/KjZ9wCmH5:D/5mi8lhyg/WYs5V1Y9EZ
MD5:	DDBB39A9E8E67D5067145F8AA76B938D
SHA1:	2F7CACFBCAAF8291A1A933898D1DFF0B21EDF1CB
SHA-256:	44798A517A7C8D28C1E371A1B8B869BAE1608BD48DF7ED50800CBED8703612C1
SHA-512:	0D39A3532DA94D3E32A87B89D2E3E8E1EE94F40E06C61773808F90DC9C0DC6A69BDDC713A5CD99151799FA5F74DDAF62A4E8ECACEF5241B54D6B37892561F811
Malicious:	false
Reputation:	low
URL:	https://script.tapfiliate.com/tapfiliate.js
Preview:	!function(){var d=window,v=window.TapfiliateObject\|\|"tap",r=d[v]&&d[v].q\|\|[];if(!d[v]\|\|!d[v].loaded){d[v]=function(t,n,e,o,i,r){var a=d[v][t];if("function"!=typeof a)throw'Function "'+t+'" not supported';a(n,e,o,i,r)},d[v].q=r,d[v].loaded=!0,d[v].baseUrl="https://frstre.com",d[v].baseUrlDepr="https://tapi.tapfiliate.com";var n,h;d[v].Tracking=d[v].Tracking\|\|{},d[v].options=d[v].options\|\|{};var m={},a=!1,s=function(t){var n,e,o,i,r;if(e=[],r=/%20/g,o=function(t,n){n="function"==typeof n?n():null===n?"":n,e[e.length]=encodeURIComponent(t)+"="+encodeURIComponent(n)},t instanceof Array)for(i in t)o(i,t[i]);else for(n in t)f(n,t[n],o);return e.join("&").replace(r,"+")},l=new function(){var s={},l=0,u=[],c=[],p=!1,o=this;return this.addMethod=function(t){if(t.supported())return l++,s[t.key]=t,this},this.init=function(){var t=l;function n(){--t<=0&&(p=!0,function(){for(var t=u.length-1;0<=t;t--)o.read.apply(o,u[t]);for(var n=c.length-1;0<=n;n--)o.write.apply(o,c[n])}())}for(var e in s)"functi

Chrome Cache Entry: 461

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9961)
Category:	downloaded
Size (bytes):	34297
Entropy (8bit):	5.430589999571692
Encrypted:	false
SSDEEP:	768:JXXM/HZq4W/P3/+Xn3JeflLU6mvbPRAS3mjTv:J74W/O3ElUZpAS3mjTv
MD5:	940CF106D9D64D59C16CFC7AB20FC4BD
SHA1:	E01E172E0F32B98DA097C2E7A44A7163A2715C1B
SHA-256:	666F48FE552311E8CF24697979A864D4C593CC27D891B8E72209F6F26D8489CC
SHA-512:	C608872B57FBC4A39C05AA4AC3187761B138E265E9D476ACEB7C396274DCADB4C77D2CA84437144AD1A0E6A7608432F7ED0556824A36950D923FF90EEDD0E800
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3i_Ou4/y9/l/en_GB/HQk3O9bBiV8.js
Preview:	;/FB_PKG_DELIM/..__d("ArtillerySegment",["invariant","cr:9985"],(function(a,b,c,d,e,f,g,h){var i=0;a=function(){function a(a){a\|\|h(0,1496),"category"in a&&"description"in a\|\|h(0,3138,JSON.stringify(a)),this.$1=!1,this.$2=babelHelpers["extends"]({},a,{id:(i++).toString(36)}),this.$3=[]}var c=a.prototype;c.getID=function(){return this.$2.id};c.begin=function(){this.$2.begin=b("cr:9985")();return this};c.end=function(){this.$2.end=b("cr:9985")();return this};c.appendChild=function(){var a=this;this.$1&&h(0,37302,this.$2.description);for(var b=arguments.length,c=new Array(b),d=0;d<b;d++)c[d]=arguments[d];c.forEach(function(b){a.$3.push(b.getID())});return this};c.setPosted=function(){this.$1=!0;return this};c.getPostData=function(){return babelHelpers["extends"]({},this.$2,{id:this.$2.id,children:this.$3.slice()})};return a}();g["default"]=a}),98);.__d("ArtillerySequence",["invariant"],(function(a,b,c,d,e,f,g,h){var i=0;a=function(){function a(a){a\|\|h(0,1496),"description"in a\|\|h(0,1497,

Chrome Cache Entry: 462

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	downloaded
Size (bytes):	551834
Entropy (8bit):	5.646059185430787
Encrypted:	false
SSDEEP:	6144:ytxIUYTteVvs0E8gSdoxS4MLYw1tZnAzsz1I9VBojCdzNDC2vPpD:ybYTZMgGopkAzsz1ciEU2d
MD5:	33AFF52B82A1DF246136E75500D93220
SHA1:	4675754451AF81F996EAB925923C31EF5115A9F4
SHA-256:	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
SHA-512:	2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 463

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5552)
Category:	dropped
Size (bytes):	180712
Entropy (8bit):	5.299521308031669
Encrypted:	false
SSDEEP:	1536:R7hpwNC9ZK0BK01QYaKTZ02LKVsdmpyKcicgbJ9QIZQPBHete01pFF8nu1B5i65+:R7D9ZKAKBYaKj8wKcHgbPF0A9r8ne58
MD5:	74090B5AF95943571A91076ADDBB8827
SHA1:	35B6AA7D52B106CFBA77A3B7ABDA49D0BE46612D
SHA-256:	6068484A24E9B03A5CFEC9A6DEEFEC88062C2F3586EE4BBBD47963DC4EA64BED
SHA-512:	41F7C373E5385D8E31B17C9783743EAD55F440FA39213B205EDB035749B01099A55AC2B5BC98ABBD9A047F7832AEA9E02C461190903E4C1E63900AF238074679
Malicious:	false
Reputation:	low
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 464

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 526x296, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	37386
Entropy (8bit):	7.993958325487087
Encrypted:	true
SSDEEP:	768:1PK0bNv9X3mcPMNAAy8qgFsunp+UTDxtcx/kIp0o7nTQI8Tgu14eunS9QJtMHxP:pPNF9mlPkUTDxtcxTp0Awgu14eoNt89
MD5:	55E76BCD844AE277B16B7448659BDECD
SHA1:	3B796473595F2881B3BC54BCCF74C3C834FE9CC8
SHA-256:	50343F31F5B542246959A147F9C3AFB32701A7864E3D575251E150A94EF957C0
SHA-512:	1CE4DB565BC88C68C0B52EE171F92A9FC07BDFFBD418BEA3A95F1BE6E5F2511AF19E186FF0C3EAD791E8B338E2E0D5AAA8F66DDC2D561C4FF42BD46110FFE261
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/we0bhS3JiHZckLoz-x8MZ7OBO162eznUU-hdS-a3tfoKR8-fsQjQOBkGhEc-YP8zaine=w526-h296-rw
Preview:	RIFF....WEBPVP8 ..........(.>i.E."..-WL....llC.j"_..f....M.`...0.af.92{........._.o.....o....o............\|o...P.b...../._........Q.K.......O._..a........................]..g....._ _.............o.....~.?..........K.7...........?.{.........^0.s.o._r.......k.<......>..@.Q....._0.......?...z..Y.G...g.............k....~T\|L}w...}....e.....g./c....~..........?.?..................~......?.......=...........;.....G.7.N./N\|f.. W.......C_.:...j:.}=.V.3...]s..7.i...N,3e.'kIQ..5.T..........e..t.pQ...0.......^_.@..z(.......yp7.p...KR.Q.....vo.<..1..U..u.....a..._.j..R$.cZFw.X..\R..J../S.....>.N+6......Ax.....gPq.#............^.XX......M.P......j...3.......a.K.+.....r.g....TX...{........!..~....m.0.f....hqt.. ..Y.V.....6i.g.Y...J..........<..w.P`w..b.C6...'P......m.(onC.H..p6...a.>`7.Mud.[L..u..7&...)H.b....}....yF..[...c.#....Fl.5....5!.w.#..g....0..v^...<........X.....K".....V..QNa>....tp.6.Q1.o..)&Za=...h..L...4.^?...Q.BM..^..l. 5...v.....C.A.pf..T.

Chrome Cache Entry: 465

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	85304
Entropy (8bit):	4.84771628371739
Encrypted:	false
SSDEEP:	384:49Tp3WQ0QhABG/fPEXWJkRqx44kKL4OwRR4wJDFDTp3WQ0QhABG/fPEXWJkRqx4P:5Q0c/HJ44T4dawxmQ0c/HJ44T4dawxR
MD5:	0920EA34072683229E6EA8299345CD09
SHA1:	0903033A844336F7C78ED4ABBBCD92CD3115A03E
SHA-256:	F37D6F502A5A961AC5C3F17C8D58685FF6B0DC0F69C2DCDD379CCABC96EC3BF2
SHA-512:	F63DC67289985C19D3A5863182A57653CC31909F2D5A4CF3E796FF2C3857D51610E03177EAC950250B7E3978FD5B6F0A12C665258513724D17E88784F8888FF1
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
Preview:	/!. Material Design Iconic Font by Sergey Kupletsky (@zavoloklom) - http://zavoloklom.github.io/material-design-iconic-font/. * License - http://zavoloklom.github.io/material-design-iconic-font/license (Font: SIL OFL 1.1, CSS: MIT License). */.@font-face {. font-family: 'Material-Design-Iconic-Font';. src: url('../fonts/Material-Design-Iconic-Font.woff2?v=2.2.0') format('woff2'), url('../fonts/Material-Design-Iconic-Font.woff?v=2.2.0') format('woff'), url('../fonts/Material-Design-Iconic-Font.ttf?v=2.2.0') format('truetype');. font-weight: normal;. font-style: normal;.}..zmdi {. display: inline-block;. font: normal normal normal 14px/1 'Material-Design-Iconic-Font';. font-size: inherit;. text-rendering: auto;. -webkit-font-smoothing: antialiased;. -moz-osx-font-smoothing: grayscale;.}..zmdi-hc-lg {. font-size: 1.33333333em;. line-height: 0.75em;. vertical-align: -15%;.}..zmdi-hc-2x {. font-size: 2em;.}..zmdi-hc-3x {. font-size: 3em;.}..zmdi-hc-4x {. font-size: 4em;

Chrome Cache Entry: 466

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x241, components 3
Category:	downloaded
Size (bytes):	67398
Entropy (8bit):	7.98625953181667
Encrypted:	false
SSDEEP:	1536:69v9T9mplUgnDqvI3dVrlFvryG70233D39W7:6VtkUgDqMdVrfvrT79a
MD5:	1825A826736D50F007A25988BF1A86C9
SHA1:	09ADFAAD5B4CC6ECB519829CDE8724541CCE72E8
SHA-256:	95DCBC02618AC287B3F9388C5F3EA2953BA74DBAC74B8C902CBAF3E892C93C96
SHA-512:	1C9F69CDE4EC7F952E6499C3087F00A32BEA9DDA1C52442AEB561DF1BF772DF81A2BC7BAF79A75429CAE6A70B0BD502CA2F4D0A6D2D2F3C63EA8BEFE15DC357B
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/images/mno/higgs_domino640x241.jpg
Preview:	......JFIF..........................................................................................................................................................."......................................................%$......u.<.T.V.\.L....32.&...;.R{.za.........2y...CCi5.H.......o.G.....!N...,7...+..} ..5% 7....N...D...v..."...N.H.enN..C.....S7.5..4.\|.M3..%$.].......=5.e....j]..R..E...pf.<.6..........,0:..D...^..0...(.D....[..zy..5.. ...G..3.J....."..QF:p-50 q..\4..-.. .V.<i...jm..AF..Si.$.;.-n~...o..^..4..Y.L.ba.t[.ZPV...j...I$>.....n.-B./..K..S.;sC.."mB...5..z.)..%.1..D.n.D}..'P5.DM.u....K...d.x.....K....[8..j.7....O8[....x./".A..9:S{.E...k...[#n.^..[.,{..b%Qa".......L..2F,C0v....S..$.o.4.}O...k+<./.;.H..5.Ib......5...._......a..%.4..[;..r..n.+.qj..............)$F^.4.X...7.m=U...G~...].D..l.b....b...Xu.....#..... .i..mN3..*..=M5`..n...6.B;..Y(..J........<A..wa..a....c..<..+..el.........;.5..b]'....G....B3..: ..........4....}.._Z

Chrome Cache Entry: 467

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618), with no line terminators
Category:	dropped
Size (bytes):	1618
Entropy (8bit):	5.781837534694755
Encrypted:	false
SSDEEP:	48:VKEcJHxKo7LmvtUjPKtXsNEHFmc8s1aiRLrwUnG:fSHgj5c+HFbHv5suG
MD5:	94943530E104EE3F88D6AD86638B28C3
SHA1:	B8B7F7556523E03B5519338B59AE8D998987D457
SHA-256:	2538181A77FD5AEA93113400E39EBA98728EAC1FC13057F0B40C9AAE69054EA1
SHA-512:	5031C94E34477D67FAC9002DE62BB81CB359B16B59FAD19EB63CB1221ADFC275AC956F25580BBCA5D5F829FCBAAA4161F59302C584635E8D30217D3492F5D4D1
Malicious:	false
Reputation:	low
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!

Chrome Cache Entry: 468

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	8458
Entropy (8bit):	7.936237880471812
Encrypted:	false
SSDEEP:	192:HjmaoRlRlveVs7prowYPGRQCCR/dCWp57cjSvmIMsNnwucLdErH:HCaclneyNshGmzCW3QjsrRH
MD5:	B9015B21978B460514E2D0CA25E383E0
SHA1:	DAFA570719E0525D896C0C95F5B0E7ABD598DF7B
SHA-256:	51DA9F26B3488A53F846A848747D3C4D1F47FA54C14951668E94531EB1AAFD0E
SHA-512:	7E545807030075E3C96737EA4BA8D131CFA0CC52EAC5BCAB431C3D06797C35F0BF4671FD05DB5372B399D2CF4C830228B8CB3030C81F941A3D3365E08722F10D
Malicious:	false
Reputation:	low
URL:	https://play-lh.googleusercontent.com/mvFrMMdovquq71B-ta-JVKBdw4Zbs2RmPxe8EVFyGiXAtHAm_p0x3940NqDmFGk6vg=s64-rw
Preview:	RIFF.!..WEBPVP8X........?..?..VP8L. ../?...M8j.I......G\| "..x..;K...T.#.=......H..U..D..A.bffj.l#Ir.P6qP...[(KS.$I24......l...I. .W.P.E.LI....!Bt.......d..o....d..v.a.+..E.vF.-~b>...&.4....#.....(.9..I....{.D.p.P../.5m."9r./3+...I.-f..............yd.\..K..j...7.....2......^..GlE.O...g.....e/..a...Le.e.33{....}....1...._.D.~...I....p..p...........b.Z..BI)If....,..vH.....GddVV..L...m.m.m..c...v..]U.....n.m.+..#0C.6 .U.f.Z.H."CPSE[w}3..t.t..0.......0.@......$..B.b..H.BHh0..$.. ..".8.....&.....[.Z.4..........$..D..qD.(.....h...i.a.QGN....d...@........).8..GD.k@l.p3c..o......D.@.....3.N...4.E..Q'.Y...4.h...B..O .q..V.....l.?..2....E..$Q...J"..0.D.4t.QG.(>.4.Q7...F@..'...".......W%@...i..v..>.p.y.K.:.......K...y.a"&..Y&.:..qd..I!.2P.b.DZ..IJ.D:;M"A.W[....^..%..z..q..D(r..p..]).....H.\|.......f..'.$...'.,G#i&C.*.DDd.j.5.Y..W..,.........T{.{e..t...pd......R..5x..e.gM..s..T3...r.2...\|.......}....9."Q.&b.....f.M.9..v.d.....Cz..K.d...T..qo\|/A..#n\|.".F..FO.

Chrome Cache Entry: 469

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2363)
Category:	downloaded
Size (bytes):	35973
Entropy (8bit):	5.266740217260602
Encrypted:	false
SSDEEP:	192:10OW02ANbMb6l2n+brGtUQnSMfps3+eYQY+h572hk//r8Y5Y6BjSmMErEURHllPb:xMb/+vaW1e07/PiF5fy/EzDS25qb
MD5:	C4A88EC0CB998929A670C0C58D7DC526
SHA1:	03135A88E8DBC36020DD453D1E7407CE9A3A2CC2
SHA-256:	44F8A56D427917B5FA0DD7933BA545679BE5E6B3B93099E64A4E29C2159F57C0
SHA-512:	FD0D6C06ABCD661796DB2BC071C2A2BBFC5CFE8D80B434B68CD068CC312A03FF0C93F21C1FCE77C2BC03486A80765EE317239639C79F2EDC03777918A36EFA1F
Malicious:	false
Reputation:	low
URL:	https://cdn1.codashop.com/S/content/common/css/jquery-ui-1.12.1.css
Preview:	/! jQuery UI - v1.12.1 - 2016-09-14. http://jqueryui.com.* Includes: core.css, accordion.css, autocomplete.css, menu.css, button.css, controlgroup.css, checkboxradio.css, datepicker.css, dialog.css, draggable.css, resizable.css, progressbar.css, selectable.css, selectmenu.css, slider.css, sortable.css, spinner.css, tabs.css, tooltip.css, theme.css.* To view and modify this theme, visit http://jqueryui.com/themeroller/?ffDefault=Arial%2CHelvetica%2Csans-serif&fsDefault=1em&fwDefault=normal&cornerRadius=3px&bgColorHeader=e9e9e9&bgTextureHeader=flat&borderColorHeader=dddddd&fcHeader=333333&iconColorHeader=444444&bgColorContent=ffffff&bgTextureContent=flat&borderColorContent=dddddd&fcContent=333333&iconColorContent=444444&bgColorDefault=f6f6f6&bgTextureDefault=flat&borderColorDefault=c5c5c5&fcDefault=454545&iconColorDefault=777777&bgColorHover=ededed&bgTextureHover=flat&borderColorHover=cccccc&fcHover=2b2b2b&iconColorHover=555555&bgColorActive=007fff&bgTextureActive=flat&borderColorActiv

Chrome Cache Entry: 470

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21258)
Category:	downloaded
Size (bytes):	684469
Entropy (8bit):	5.54260065489702
Encrypted:	false
SSDEEP:	6144:iHX4S/U/lpNXhQ5WOZiA2tb3+ojzsteGR6UJCFGz6CiEZqQ65P9/6D:7SUdHy5WOZAZBu6dYjir6D
MD5:	640947626C7AA8FA1FE5B0F2375A672C
SHA1:	1233FDFA767DF50E0750D8A7661C7162EED60E8F
SHA-256:	85A807B883A241217A83824610E7DA6B8AF08B317F59E3CBE34A45684B5157A9
SHA-512:	FFE63DAF2DC8B86A783D1F3C24F64E6DE16136B68105118514A48A1602C96BCAFCFFFDA6510142CE60123021E61DBA36C1B637374FA3986AA547E60DC77CF169
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3i7C_4/yF/l/en_GB/bHdWeYlnPYC.js
Preview:	;/FB_PKG_DELIM/..__d("ActiveFocusRegionUtilsContext",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;a=h\|\|d("react");b=a.createContext(null);c=b;g["default"]=c}),98);.__d("BanzaiAdapter",["cr:5866"],(function(a,b,c,d,e,f,g){g["default"]=b("cr:5866")}),98);.__d("BanzaiConsts",[],(function(a,b,c,d,e,f){a={SEND:"Banzai:SEND",OK:"Banzai:OK",ERROR:"Banzai:ERROR",SHUTDOWN:"Banzai:SHUTDOWN",BASIC:"basic",VITAL:"vital",BASIC_WAIT:6e4,BASIC_WAIT_COMET:2e3,VITAL_WAIT:1e3,BATCH_SIZE_LIMIT:64e3,EXPIRY:864e5,BATCH_TIMEOUT:1e4,LAST_STORAGE_FLUSH:"banzai:last_storage_flush",STORAGE_FLUSH_INTERVAL:12606e4,POST_READY:0,POST_INFLIGHT:1,POST_SENT:2};b=a;f["default"]=b}),66);.__d("BanzaiUtils",["BanzaiConsts","FBLogger","cr:1172","cr:9985","cr:9986"],(function(a,b,c,d,e,f){"use strict";var g,h={canSend:function(a){return a[2]>=b("cr:9985")()-(g\|\|(g=b("BanzaiConsts"))).EXPIRY},filterPost:function(a,c,d,e){if(e.overlimit)return!0;if(!e.sendMinimumOnePost&&a[4]+e.currentSize>(g\|\|(g=b("BanzaiConsts"

Chrome Cache Entry: 471

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11341)
Category:	downloaded
Size (bytes):	36897
Entropy (8bit):	5.420585042130978
Encrypted:	false
SSDEEP:	384:kG/cNHiLQ/+MzmB8ln+NBioD2AnrcGi37QNPrRQmleOvnzqZlfGhqg/u+c:zUBirNBioD2Gro37QNP1CDj4W+c
MD5:	3C18A5266395BD7E41E3F47066E8CD3C
SHA1:	1BC42FE72967EAF08BCD951B32B41A58C4B638A0
SHA-256:	6C9B5A513B8BD89640850A847F661D6093E804445AE178A45F11BEB15047EEE5
SHA-512:	80B88EDE4EE4784EA4A9BD2652D3234FD2E634DEF8B25E90E85690BD16847049E33FB05C805B7DBDCFE5FB077A969F34153D346ABB4F93EB653F0BE7627F85D6
Malicious:	false
Reputation:	low
URL:	https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Mke0TqvRbAM.js
Preview:	;/FB_PKG_DELIM/..__d("ActorURIConfig",[],(function(a,b,c,d,e,f){a=Object.freeze({PARAMETER_ACTOR:"av",ENCRYPTED_PARAMETER_ACTOR:"eav"});f["default"]=a}),66);.__d("usePrevious",["react"],(function(a,b,c,d,e,f,g){"use strict";var h;b=h\|\|d("react");var i=b.useEffect,j=b.useRef;function a(a){var b=j(null);i(function(){b.current=a});return b.current}g["default"]=a}),98);.__d("BaseDocumentScrollView.react",["BaseView.react","HiddenSubtreeContext","HiddenSubtreeContextProvider.react","react","usePrevious","useStable"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h\|\|(h=d("react"));e=h;var j=e.useCallback,k=e.useContext,l=e.useLayoutEffect,m=e.useRef,n=e.useState,o={detached:{MsOverflowStyle:"x1pq812k",height:"x5yr21d",start:"x17qophe",left:null,right:null,overflowX:"xw2csxc",overflowY:"x1odjw0f",position:"xixxii4",scrollbarWidth:"x1rohswg",top:"x13vifvy",width:"xh8yej3","::-webkit-scrollbar_display":"xfk6m8","::-webkit-scrollbar_height":"x1yqm8si","::-webkit-scrollbar_width":"xjx87ck",$$css

Chrome Cache Entry: 472

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	792
Entropy (8bit):	5.195185887951304
Encrypted:	false
SSDEEP:	12:kRZTFMTfXI/AIwivoXvI/AI+2iF5YxHI/AIoAnTiCdGMYeI/AI1iEowkbRN20:kzeT89cc0RF5J3eaQ+EoVrl
MD5:	04D4525BB28B425C6B2445CA91CFEB7F
SHA1:	BEC04C58EE946267F9DCA2F324A44E1963EEDDD6
SHA-256:	8C6770B4616D22385CB43F2E690FF3F62C6284FAB873F4234C434AE42A2DC1CE
SHA-512:	565763CC9A7DDD60915BA455AE0A6992CC6B5235F5C8B149F64A3F56772B937587199D91BA3A6C2A4B6A1ACBF983654DF1E37DD66CE7DD1D996E4590147562E1
Malicious:	false
Reputation:	low
URL:	"https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O/ck=boq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O/am=R7cZwOj6QDAJDPAPHgdjAQ/d=1/exm=A1yn5d,A7fCU,ArluEf,BBI74,BVgquf,BfdUQc,EEDORb,EFQ78c,GkRiKb,IJGqxf,IZT63,IcVnM,JH2zc,JNoxi,JWUKXe,KUM7Z,L1AAkb,LCkxpb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NkbkFd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PHUIyb,PrPYRd,QIhFr,RMhBfe,RQJprf,RqjULd,SWD8cc,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,Z5wzge,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aTwUve,aW3pY,aurFic,byfTOb,dfkSTe,e5qFLc,ebZ3mb,fI4Vwc,fKUV3e,fl2Zj,gychg,hKSk3e,hc6Ubd,indMcf,j9sf1,jX6UVc,kJXwXb,kWgXee,kjKdXe,kr6Nlf,lazG7b,lpwuxb,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nKuFpb,oEJvKc,ovKuLd,pCKBF,pYCIec,pjICDe,pw70Gc,q0xTif,qfGEyb,rpbmN,s39S4,sJhETb,sOXFj,soHxf,t1sulf,tBvKNb,tKHFxf,vNKqzc,vrGZEc,w9hDv,wW2D8b,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,z5Gxfe,zBPctc,zbML3c,zr1jrb/excm=_b,_tp,appdetailsview/ed=1/wt=2/ujg=1/rs=AB1caFU8eZDGCoQynZAto5A5FNNCWi5yGA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Hs0fpd:jLUKge;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;Rdd4dc:WXw8B;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;nAu0tf:z5Gxfe;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;sgjhQc:bQAegc;wR5FRb:O1Gjze;xqZiqf:BBI74;yEQyxe:TLjaTd;yxTchf:KUM7Z;zxnPse:GkRiKb/m=yNB6me,qqarmf,FuzVxc,I8lFqf"
Preview:	"use strict";this.default_PlayStoreUi=this.default_PlayStoreUi\|\|{};(function(_){var window=this;.try{._.u("yNB6me");._.qr(_.OCa,class extends _.rr{constructor(a){super(a.ta)}H(){return"yNB6me"}N(){return!0}Xa(){return _.Wbc}});_.$q.yNB6me=_.acc;._.w();._.u("qqarmf");._.qr(_.zDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"qqarmf"}N(){return!0}Xa(){return _.ydc}});_.$q.qqarmf=_.Cfc;._.w();._.u("FuzVxc");._.qr(_.BDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"FuzVxc"}N(){return!0}Xa(){return _.Yfc}});_.$q.FuzVxc=_.agc;._.w();._.u("I8lFqf");._.qr(_.EDa,class extends _.rr{constructor(a){super(a.ta)}H(){return"I8lFqf"}N(){return!0}Xa(){return _.dgc}});_.$q.I8lFqf=_.fgc;._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_PlayStoreUi);.// Google Inc..

Static File Info

⊘No static file info

Network Behavior

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 28, 2024 01:47:05.331402063 CEST	192.168.2.7	1.1.1.1	0x8aa8	Standard query (0)	www.card.xn--6qq986b3xl	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:05.331582069 CEST	192.168.2.7	1.1.1.1	0x3a6f	Standard query (0)	www.card.xn--6qq986b3xl	65	IN (0x0001)	false
Sep 28, 2024 01:47:06.998100042 CEST	192.168.2.7	1.1.1.1	0x7e3b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:06.998660088 CEST	192.168.2.7	1.1.1.1	0xc3b6	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.386957884 CEST	192.168.2.7	1.1.1.1	0x7253	Standard query (0)	connect.facebook.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.389317036 CEST	192.168.2.7	1.1.1.1	0xe920	Standard query (0)	connect.facebook.net	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.426393032 CEST	192.168.2.7	1.1.1.1	0x7e4	Standard query (0)	cdn1.codashop.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.426522970 CEST	192.168.2.7	1.1.1.1	0x6aa8	Standard query (0)	cdn1.codashop.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.429398060 CEST	192.168.2.7	1.1.1.1	0x1c47	Standard query (0)	cdn.onesignal.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.429577112 CEST	192.168.2.7	1.1.1.1	0x20a0	Standard query (0)	cdn.onesignal.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.444165945 CEST	192.168.2.7	1.1.1.1	0x6726	Standard query (0)	script.tapfiliate.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.444441080 CEST	192.168.2.7	1.1.1.1	0xe179	Standard query (0)	script.tapfiliate.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.445631981 CEST	192.168.2.7	1.1.1.1	0x3a91	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.446331024 CEST	192.168.2.7	1.1.1.1	0xf24b	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.447988033 CEST	192.168.2.7	1.1.1.1	0x6678	Standard query (0)	stackpath.bootstrapcdn.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.448582888 CEST	192.168.2.7	1.1.1.1	0xffe	Standard query (0)	stackpath.bootstrapcdn.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:09.460261106 CEST	192.168.2.7	1.1.1.1	0xe60	Standard query (0)	image.winudf.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.460817099 CEST	192.168.2.7	1.1.1.1	0xfd87	Standard query (0)	image.winudf.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:10.796384096 CEST	192.168.2.7	1.1.1.1	0x3f9d	Standard query (0)	www.card.xn--6qq986b3xl	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:10.796874046 CEST	192.168.2.7	1.1.1.1	0x87fd	Standard query (0)	www.card.xn--6qq986b3xl	65	IN (0x0001)	false
Sep 28, 2024 01:47:11.931653976 CEST	192.168.2.7	1.1.1.1	0x9a84	Standard query (0)	image.winudf.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.953896999 CEST	192.168.2.7	1.1.1.1	0xd76	Standard query (0)	image.winudf.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:11.967222929 CEST	192.168.2.7	1.1.1.1	0x12e5	Standard query (0)	script.tapfiliate.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.968374014 CEST	192.168.2.7	1.1.1.1	0xa209	Standard query (0)	script.tapfiliate.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:12.073715925 CEST	192.168.2.7	1.1.1.1	0x475d	Standard query (0)	d1qgcmfii0ptfa.cloudfront.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.074062109 CEST	192.168.2.7	1.1.1.1	0x779e	Standard query (0)	d1qgcmfii0ptfa.cloudfront.net	65	IN (0x0001)	false
Sep 28, 2024 01:47:12.075031042 CEST	192.168.2.7	1.1.1.1	0x129	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.075215101 CEST	192.168.2.7	1.1.1.1	0x20b7	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:12.393548012 CEST	192.168.2.7	1.1.1.1	0xbd49	Standard query (0)	cdn1.codashop.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.393831015 CEST	192.168.2.7	1.1.1.1	0xb4d3	Standard query (0)	cdn1.codashop.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:12.845518112 CEST	192.168.2.7	1.1.1.1	0x9363	Standard query (0)	connect.facebook.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.845830917 CEST	192.168.2.7	1.1.1.1	0x67a	Standard query (0)	connect.facebook.net	65	IN (0x0001)	false
Sep 28, 2024 01:47:13.080173016 CEST	192.168.2.7	1.1.1.1	0xdf5b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.080311060 CEST	192.168.2.7	1.1.1.1	0x7da4	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:13.198555946 CEST	192.168.2.7	1.1.1.1	0xd25d	Standard query (0)	d1qgcmfii0ptfa.cloudfront.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.198728085 CEST	192.168.2.7	1.1.1.1	0xcba	Standard query (0)	d1qgcmfii0ptfa.cloudfront.net	65	IN (0x0001)	false
Sep 28, 2024 01:47:21.090147972 CEST	192.168.2.7	1.1.1.1	0x168d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:21.090392113 CEST	192.168.2.7	1.1.1.1	0x783b	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:33.988023996 CEST	192.168.2.7	1.1.1.1	0x2278	Standard query (0)	bit.ly	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:33.988754034 CEST	192.168.2.7	1.1.1.1	0xba0	Standard query (0)	bit.ly	65	IN (0x0001)	false
Sep 28, 2024 01:47:34.479547977 CEST	192.168.2.7	1.1.1.1	0x97eb	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:34.479902029 CEST	192.168.2.7	1.1.1.1	0x2f99	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:36.621237040 CEST	192.168.2.7	1.1.1.1	0xad42	Standard query (0)	play-lh.googleusercontent.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:36.621469975 CEST	192.168.2.7	1.1.1.1	0x7f90	Standard query (0)	play-lh.googleusercontent.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:38.838311911 CEST	192.168.2.7	1.1.1.1	0xc99c	Standard query (0)	play-lh.googleusercontent.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:38.839063883 CEST	192.168.2.7	1.1.1.1	0xc5fb	Standard query (0)	play-lh.googleusercontent.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:47.012803078 CEST	192.168.2.7	1.1.1.1	0xc246	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:47.013031006 CEST	192.168.2.7	1.1.1.1	0x67e5	Standard query (0)	play.google.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:50.384037971 CEST	192.168.2.7	1.1.1.1	0xc4a8	Standard query (0)	support.codapay.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:50.384562016 CEST	192.168.2.7	1.1.1.1	0x3947	Standard query (0)	support.codapay.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:51.937717915 CEST	192.168.2.7	1.1.1.1	0x9b2f	Standard query (0)	a.nel.cloudflare.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:51.938158989 CEST	192.168.2.7	1.1.1.1	0x8743	Standard query (0)	a.nel.cloudflare.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:51.941981077 CEST	192.168.2.7	1.1.1.1	0x84df	Standard query (0)	static.zdassets.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:51.942357063 CEST	192.168.2.7	1.1.1.1	0x5268	Standard query (0)	static.zdassets.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:53.047389984 CEST	192.168.2.7	1.1.1.1	0xe830	Standard query (0)	codapay.zendesk.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.050508976 CEST	192.168.2.7	1.1.1.1	0x5aa8	Standard query (0)	codapay.zendesk.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:53.650439024 CEST	192.168.2.7	1.1.1.1	0x18d7	Standard query (0)	support.codapay.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.650779009 CEST	192.168.2.7	1.1.1.1	0x3f8f	Standard query (0)	support.codapay.com	65	IN (0x0001)	false
Sep 28, 2024 01:47:53.690051079 CEST	192.168.2.7	1.1.1.1	0x3c80	Standard query (0)	static.zdassets.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.690623045 CEST	192.168.2.7	1.1.1.1	0xe5c0	Standard query (0)	static.zdassets.com	65	IN (0x0001)	false
Sep 28, 2024 01:48:02.062820911 CEST	192.168.2.7	1.1.1.1	0x475d	Standard query (0)	m.me	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:02.063185930 CEST	192.168.2.7	1.1.1.1	0x4d5c	Standard query (0)	m.me	65	IN (0x0001)	false
Sep 28, 2024 01:48:02.776598930 CEST	192.168.2.7	1.1.1.1	0x7a36	Standard query (0)	m.me	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:02.776860952 CEST	192.168.2.7	1.1.1.1	0x184c	Standard query (0)	m.me	65	IN (0x0001)	false
Sep 28, 2024 01:48:03.779218912 CEST	192.168.2.7	1.1.1.1	0xb620	Standard query (0)	www.facebook.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:03.779433966 CEST	192.168.2.7	1.1.1.1	0x3cd3	Standard query (0)	www.facebook.com	65	IN (0x0001)	false
Sep 28, 2024 01:48:04.755573034 CEST	192.168.2.7	1.1.1.1	0x81b2	Standard query (0)	www.messenger.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:04.755752087 CEST	192.168.2.7	1.1.1.1	0x50b8	Standard query (0)	www.messenger.com	65	IN (0x0001)	false
Sep 28, 2024 01:48:06.812136889 CEST	192.168.2.7	1.1.1.1	0x6efa	Standard query (0)	static.xx.fbcdn.net	65	IN (0x0001)	false
Sep 28, 2024 01:48:06.812138081 CEST	192.168.2.7	1.1.1.1	0x6d07	Standard query (0)	static.xx.fbcdn.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:11.078437090 CEST	192.168.2.7	1.1.1.1	0xa561	Standard query (0)	www.facebook.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:11.078588963 CEST	192.168.2.7	1.1.1.1	0x4657	Standard query (0)	www.facebook.com	65	IN (0x0001)	false
Sep 28, 2024 01:48:12.590306044 CEST	192.168.2.7	1.1.1.1	0xe118	Standard query (0)	static.xx.fbcdn.net	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:12.590550900 CEST	192.168.2.7	1.1.1.1	0x412f	Standard query (0)	static.xx.fbcdn.net	65	IN (0x0001)	false
Sep 28, 2024 01:48:12.932487965 CEST	192.168.2.7	1.1.1.1	0x10b2	Standard query (0)	www.facebook.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:12.932701111 CEST	192.168.2.7	1.1.1.1	0x9540	Standard query (0)	www.facebook.com	65	IN (0x0001)	false
Sep 28, 2024 01:48:14.899241924 CEST	192.168.2.7	1.1.1.1	0xcce8	Standard query (0)	www.messenger.com	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:14.899532080 CEST	192.168.2.7	1.1.1.1	0x8fe3	Standard query (0)	www.messenger.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 28, 2024 01:47:06.198808908 CEST	1.1.1.1	192.168.2.7	0x8aa8	No error (0)	www.card.xn--6qq986b3xl		162.210.102.233	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:07.004771948 CEST	1.1.1.1	192.168.2.7	0x7e3b	No error (0)	www.google.com		142.250.185.132	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:07.005666018 CEST	1.1.1.1	192.168.2.7	0xc3b6	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.393815994 CEST	1.1.1.1	192.168.2.7	0x7253	No error (0)	connect.facebook.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:09.393815994 CEST	1.1.1.1	192.168.2.7	0x7253	No error (0)	scontent.xx.fbcdn.net		157.240.251.9	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.395975113 CEST	1.1.1.1	192.168.2.7	0xe920	No error (0)	connect.facebook.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:09.395975113 CEST	1.1.1.1	192.168.2.7	0xe920	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.395975113 CEST	1.1.1.1	192.168.2.7	0xe920	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.436023951 CEST	1.1.1.1	192.168.2.7	0x1c47	No error (0)	cdn.onesignal.com		104.16.160.145	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.436023951 CEST	1.1.1.1	192.168.2.7	0x1c47	No error (0)	cdn.onesignal.com		104.17.111.223	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.437347889 CEST	1.1.1.1	192.168.2.7	0x20a0	No error (0)	cdn.onesignal.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.452322006 CEST	1.1.1.1	192.168.2.7	0x3a91	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.452322006 CEST	1.1.1.1	192.168.2.7	0x3a91	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.453300953 CEST	1.1.1.1	192.168.2.7	0xf24b	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.454561949 CEST	1.1.1.1	192.168.2.7	0x6678	No error (0)	stackpath.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.454561949 CEST	1.1.1.1	192.168.2.7	0x6678	No error (0)	stackpath.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.455828905 CEST	1.1.1.1	192.168.2.7	0xffe	No error (0)	stackpath.bootstrapcdn.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:09.457170963 CEST	1.1.1.1	192.168.2.7	0x7e4	No error (0)	cdn1.codashop.com	d94kc4f8ihaz6.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:09.457170963 CEST	1.1.1.1	192.168.2.7	0x7e4	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.6	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.457170963 CEST	1.1.1.1	192.168.2.7	0x7e4	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.4	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.457170963 CEST	1.1.1.1	192.168.2.7	0x7e4	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.87	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.457170963 CEST	1.1.1.1	192.168.2.7	0x7e4	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.115	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.462294102 CEST	1.1.1.1	192.168.2.7	0x6726	No error (0)	script.tapfiliate.com		13.32.121.127	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.462294102 CEST	1.1.1.1	192.168.2.7	0x6726	No error (0)	script.tapfiliate.com		13.32.121.73	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.462294102 CEST	1.1.1.1	192.168.2.7	0x6726	No error (0)	script.tapfiliate.com		13.32.121.84	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.462294102 CEST	1.1.1.1	192.168.2.7	0x6726	No error (0)	script.tapfiliate.com		13.32.121.7	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.462970018 CEST	1.1.1.1	192.168.2.7	0x6aa8	No error (0)	cdn1.codashop.com	d94kc4f8ihaz6.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:09.467506886 CEST	1.1.1.1	192.168.2.7	0xe60	No error (0)	image.winudf.com		172.67.68.182	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.467506886 CEST	1.1.1.1	192.168.2.7	0xe60	No error (0)	image.winudf.com		104.26.9.22	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.467506886 CEST	1.1.1.1	192.168.2.7	0xe60	No error (0)	image.winudf.com		104.26.8.22	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:09.467653036 CEST	1.1.1.1	192.168.2.7	0xfd87	No error (0)	image.winudf.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:11.755671978 CEST	1.1.1.1	192.168.2.7	0x3f9d	No error (0)	www.card.xn--6qq986b3xl		162.210.102.233	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.942928076 CEST	1.1.1.1	192.168.2.7	0x9a84	No error (0)	image.winudf.com		104.26.9.22	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.942928076 CEST	1.1.1.1	192.168.2.7	0x9a84	No error (0)	image.winudf.com		104.26.8.22	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.942928076 CEST	1.1.1.1	192.168.2.7	0x9a84	No error (0)	image.winudf.com		172.67.68.182	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.962574959 CEST	1.1.1.1	192.168.2.7	0xd76	No error (0)	image.winudf.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:11.985872030 CEST	1.1.1.1	192.168.2.7	0x12e5	No error (0)	script.tapfiliate.com		13.32.121.127	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.985872030 CEST	1.1.1.1	192.168.2.7	0x12e5	No error (0)	script.tapfiliate.com		13.32.121.73	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.985872030 CEST	1.1.1.1	192.168.2.7	0x12e5	No error (0)	script.tapfiliate.com		13.32.121.7	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:11.985872030 CEST	1.1.1.1	192.168.2.7	0x12e5	No error (0)	script.tapfiliate.com		13.32.121.84	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.085589886 CEST	1.1.1.1	192.168.2.7	0x20b7	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:12.086028099 CEST	1.1.1.1	192.168.2.7	0x129	No error (0)	www.google.com		172.217.23.100	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.097589016 CEST	1.1.1.1	192.168.2.7	0x475d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.175	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.097589016 CEST	1.1.1.1	192.168.2.7	0x475d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.228	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.097589016 CEST	1.1.1.1	192.168.2.7	0x475d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.96	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.097589016 CEST	1.1.1.1	192.168.2.7	0x475d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.107	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.425120115 CEST	1.1.1.1	192.168.2.7	0xbd49	No error (0)	cdn1.codashop.com	d94kc4f8ihaz6.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:12.425120115 CEST	1.1.1.1	192.168.2.7	0xbd49	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.4	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.425120115 CEST	1.1.1.1	192.168.2.7	0xbd49	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.115	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.425120115 CEST	1.1.1.1	192.168.2.7	0xbd49	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.6	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.425120115 CEST	1.1.1.1	192.168.2.7	0xbd49	No error (0)	d94kc4f8ihaz6.cloudfront.net		18.66.102.87	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.432410002 CEST	1.1.1.1	192.168.2.7	0xb4d3	No error (0)	cdn1.codashop.com	d94kc4f8ihaz6.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:12.854940891 CEST	1.1.1.1	192.168.2.7	0x9363	No error (0)	connect.facebook.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:12.854940891 CEST	1.1.1.1	192.168.2.7	0x9363	No error (0)	scontent.xx.fbcdn.net		157.240.253.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:12.855705023 CEST	1.1.1.1	192.168.2.7	0x67a	No error (0)	connect.facebook.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:12.855705023 CEST	1.1.1.1	192.168.2.7	0x67a	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:47:12.855705023 CEST	1.1.1.1	192.168.2.7	0x67a	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:47:13.103800058 CEST	1.1.1.1	192.168.2.7	0xdf5b	No error (0)	www.google.com		142.250.184.196	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.103821993 CEST	1.1.1.1	192.168.2.7	0x7da4	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:13.219521999 CEST	1.1.1.1	192.168.2.7	0xd25d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.228	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.219521999 CEST	1.1.1.1	192.168.2.7	0xd25d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.96	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.219521999 CEST	1.1.1.1	192.168.2.7	0xd25d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.107	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:13.219521999 CEST	1.1.1.1	192.168.2.7	0xd25d	No error (0)	d1qgcmfii0ptfa.cloudfront.net		52.222.206.175	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:21.096920013 CEST	1.1.1.1	192.168.2.7	0x168d	No error (0)	www.google.com		142.250.184.196	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:21.097229004 CEST	1.1.1.1	192.168.2.7	0x783b	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 28, 2024 01:47:33.995143890 CEST	1.1.1.1	192.168.2.7	0x2278	No error (0)	bit.ly		67.199.248.10	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:33.995143890 CEST	1.1.1.1	192.168.2.7	0x2278	No error (0)	bit.ly		67.199.248.11	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:34.486129045 CEST	1.1.1.1	192.168.2.7	0x97eb	No error (0)	play.google.com		172.217.16.206	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:36.627876043 CEST	1.1.1.1	192.168.2.7	0xad42	No error (0)	play-lh.googleusercontent.com		142.250.185.118	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:38.845009089 CEST	1.1.1.1	192.168.2.7	0xc99c	No error (0)	play-lh.googleusercontent.com		142.250.184.246	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:47.019453049 CEST	1.1.1.1	192.168.2.7	0xc246	No error (0)	play.google.com		142.250.181.238	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:50.423023939 CEST	1.1.1.1	192.168.2.7	0x3947	No error (0)	support.codapay.com	codapay.zendesk.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:50.435352087 CEST	1.1.1.1	192.168.2.7	0xc4a8	No error (0)	support.codapay.com	codapay.zendesk.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:50.435352087 CEST	1.1.1.1	192.168.2.7	0xc4a8	No error (0)	codapay.zendesk.com		216.198.53.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:50.435352087 CEST	1.1.1.1	192.168.2.7	0xc4a8	No error (0)	codapay.zendesk.com		216.198.54.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:51.944751024 CEST	1.1.1.1	192.168.2.7	0x9b2f	No error (0)	a.nel.cloudflare.com		35.190.80.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:51.948950052 CEST	1.1.1.1	192.168.2.7	0x84df	No error (0)	static.zdassets.com		104.18.70.113	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:51.948950052 CEST	1.1.1.1	192.168.2.7	0x84df	No error (0)	static.zdassets.com		104.18.72.113	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.064757109 CEST	1.1.1.1	192.168.2.7	0xe830	No error (0)	codapay.zendesk.com		216.198.53.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.064757109 CEST	1.1.1.1	192.168.2.7	0xe830	No error (0)	codapay.zendesk.com		216.198.54.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.689044952 CEST	1.1.1.1	192.168.2.7	0x3f8f	No error (0)	support.codapay.com	codapay.zendesk.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:53.690208912 CEST	1.1.1.1	192.168.2.7	0x18d7	No error (0)	support.codapay.com	codapay.zendesk.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:47:53.690208912 CEST	1.1.1.1	192.168.2.7	0x18d7	No error (0)	codapay.zendesk.com		216.198.53.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.690208912 CEST	1.1.1.1	192.168.2.7	0x18d7	No error (0)	codapay.zendesk.com		216.198.54.1	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.697532892 CEST	1.1.1.1	192.168.2.7	0x3c80	No error (0)	static.zdassets.com		104.18.72.113	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:53.697532892 CEST	1.1.1.1	192.168.2.7	0x3c80	No error (0)	static.zdassets.com		104.18.70.113	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:56.851223946 CEST	1.1.1.1	192.168.2.7	0x6e8c	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:47:56.851223946 CEST	1.1.1.1	192.168.2.7	0x6e8c	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:02.070641994 CEST	1.1.1.1	192.168.2.7	0x475d	No error (0)	m.me		157.240.0.13	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:02.787246943 CEST	1.1.1.1	192.168.2.7	0x7a36	No error (0)	m.me		157.240.0.13	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:03.786230087 CEST	1.1.1.1	192.168.2.7	0xb620	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:03.786230087 CEST	1.1.1.1	192.168.2.7	0xb620	No error (0)	star-mini.c10r.facebook.com		157.240.253.35	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:03.786608934 CEST	1.1.1.1	192.168.2.7	0x3cd3	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:04.762370110 CEST	1.1.1.1	192.168.2.7	0x50b8	No error (0)	www.messenger.com	star.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:04.762370110 CEST	1.1.1.1	192.168.2.7	0x50b8	No error (0)	star.facebook.com	star.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:04.762370110 CEST	1.1.1.1	192.168.2.7	0x50b8	No error (0)	star.c10r.facebook.com			65	IN (0x0001)	false
Sep 28, 2024 01:48:04.762370110 CEST	1.1.1.1	192.168.2.7	0x50b8	No error (0)	star.c10r.facebook.com			65	IN (0x0001)	false
Sep 28, 2024 01:48:04.762625933 CEST	1.1.1.1	192.168.2.7	0x81b2	No error (0)	www.messenger.com	star.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:04.762625933 CEST	1.1.1.1	192.168.2.7	0x81b2	No error (0)	star.facebook.com	star.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:04.762625933 CEST	1.1.1.1	192.168.2.7	0x81b2	No error (0)	star.c10r.facebook.com		157.240.0.13	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:06.819135904 CEST	1.1.1.1	192.168.2.7	0x6d07	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:06.819135904 CEST	1.1.1.1	192.168.2.7	0x6d07	No error (0)	scontent.xx.fbcdn.net		157.240.0.6	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:06.819509983 CEST	1.1.1.1	192.168.2.7	0x6efa	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:06.819509983 CEST	1.1.1.1	192.168.2.7	0x6efa	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:48:06.819509983 CEST	1.1.1.1	192.168.2.7	0x6efa	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:48:11.087308884 CEST	1.1.1.1	192.168.2.7	0xa561	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:11.087308884 CEST	1.1.1.1	192.168.2.7	0xa561	No error (0)	star-mini.c10r.facebook.com		157.240.251.35	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:11.087395906 CEST	1.1.1.1	192.168.2.7	0x4657	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:12.597330093 CEST	1.1.1.1	192.168.2.7	0xe118	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:12.597330093 CEST	1.1.1.1	192.168.2.7	0xe118	No error (0)	scontent.xx.fbcdn.net		157.240.252.13	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:12.598037004 CEST	1.1.1.1	192.168.2.7	0x412f	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:12.598037004 CEST	1.1.1.1	192.168.2.7	0x412f	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:48:12.598037004 CEST	1.1.1.1	192.168.2.7	0x412f	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 28, 2024 01:48:12.939007998 CEST	1.1.1.1	192.168.2.7	0x10b2	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:12.939007998 CEST	1.1.1.1	192.168.2.7	0x10b2	No error (0)	star-mini.c10r.facebook.com		157.240.251.35	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:12.939203024 CEST	1.1.1.1	192.168.2.7	0x9540	No error (0)	www.facebook.com	star-mini.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:14.906892061 CEST	1.1.1.1	192.168.2.7	0xcce8	No error (0)	www.messenger.com	star.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:14.906892061 CEST	1.1.1.1	192.168.2.7	0xcce8	No error (0)	star.facebook.com	star.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:14.906892061 CEST	1.1.1.1	192.168.2.7	0xcce8	No error (0)	star.c10r.facebook.com		157.240.251.6	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:14.907182932 CEST	1.1.1.1	192.168.2.7	0x8fe3	No error (0)	www.messenger.com	star.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:14.907182932 CEST	1.1.1.1	192.168.2.7	0x8fe3	No error (0)	star.facebook.com	star.c10r.facebook.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 28, 2024 01:48:14.907182932 CEST	1.1.1.1	192.168.2.7	0x8fe3	No error (0)	star.c10r.facebook.com			65	IN (0x0001)	false
Sep 28, 2024 01:48:14.907182932 CEST	1.1.1.1	192.168.2.7	0x8fe3	No error (0)	star.c10r.facebook.com			65	IN (0x0001)	false
Sep 28, 2024 01:48:46.356828928 CEST	1.1.1.1	192.168.2.7	0xe1ca	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 28, 2024 01:48:46.356828928 CEST	1.1.1.1	192.168.2.7	0xe1ca	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.7	49706	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:06.204462051 CEST	451	OUT	GET /higgs-domino/ HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:09.157440901 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:06 GMT Server: Apache X-Powered-By: PHP/7.3.33 Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 39 66 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ec 59 dd 6e dc b8 15 be 2f d0 77 a0 55 20 b6 d1 91 34 63 8f 9d 38 f1 38 b0 e3 9f 78 13 ff a4 76 dc 6c 82 c0 a0 24 4a a2 87 22 15 91 9a 9f 2d f6 39 7a 53 f4 ae 37 8b de f4 19 f6 5d 16 7d 8c 1e 52 a3 19 69 66 3c f6 78 b7 40 2f 1a c0 b6 74 c8 f3 cb 73 3e 9e a3 ec ae 04 c2 57 c3 94 a0 58 25 6c ef f7 bf db d5 7f 11 c3 3c ea 58 84 5b 40 d1 34 82 03 78 42 08 ed 4a 3f a3 a9 42 9a a5 63 29 32 50 ee 1d ee e1 82 6a 21 99 f9 1d 2b 56 2a 95 2f 5d d7 0f 78 cb f1 45 80 65 2c 52 78 48 dc 2b d7 17 5c 11 ae e0 6f 92 08 ee de 49 77 20 a5 93 50 ee dc 49 6b 6f d7 2d 04 8d 74 ad d8 36 3a e2 01 3a 11 22 62 04 5d e3 08 9d 61 8e 23 92 21 db ae db 53 53 5c d0 1c 85 d3 90 32 8a 15 31 ca 2b af a0 eb 3e 0f b0 1c 72 7f da 90 84 28 8c fc 18 67 92 a8 8e f5 f1 fa d8 7e 61 4d 6c fc 42 43 c4 14 3a 3d 42 3b 5f 0b ea 7d 86 41 44 ee a4 e3 33 91 07 21 c3 59 61 17 be c3 03 97 51 4f ba 3a f4 5b 32 a6 3d 77 d3 79 ee 6c 4e de ef 09 90 d1 ff 85 f0 80 86 5f c7 01 51 54 31 b2 f7 96 46 91 44 87 02 18 [TRUNCATED] Data Ascii: 9f8Yn/wU 4c88xvl$J"-9zS7]}Rif<x@/ts>WX%l<X[@4xBJ?Bc)2Pj!+V/]xEe,RxH+\oIw PIko-t6::"b]a#!SS\21+>r(g~aMlBC:=B;_}AD3!YaQO:[2=wylN_QT1FD)r-CD8FGmXLU6iN@z'yi tZN<IE!U_HfKG%q=FD5vb>VTp[S,eDVzHU.mg8KK2iS(RX`SpaokPW -wjavkgc?\|Gs]IdDAZ7Cb^7j^+8&{x"KVa$'.xu\l-=]f!X1rNn:J5AtvA{0-o8kb])L$S%yA@7TjbkA*,@")~Py!`M.rtMXW$:X-}]%Joj@7y0uIV>YSP'O1u`L1P.w8CH`FdeQL<I:#nF5g4\Ewk\|
Sep 28, 2024 01:47:09.157475948 CEST	1236	IN	Data Raw: 98 2b 26 34 8a ab 57 e7 f6 66 73 7e ce eb de a7 9e f1 05 02 fc 3f 4d 1e 48 93 09 52 a5 19 81 00 71 a2 4b b7 8e 4d 1a 19 22 d3 58 da e0 16 1b 2a ea 4b 9d 27 d6 12 32 46 64 27 c4 3e f1 84 e8 3a 9c 28 eb 49 36 28 1c 25 45 6b bb b4 0d 01 77 4c 40 22 Data Ascii: +&4Wfs~?MHRqKM"XK'2Fd'>:(I6(%EkwL@")M122#-GL,BNV_%P2<\|8x\0aJxitID"\kayDl gH2^Zo2gUe2o)w93beG75gQ
Sep 28, 2024 01:47:09.157485962 CEST	367	IN	Data Raw: 7b f2 b6 94 8c 1c 7a 93 d3 e0 d8 e4 86 96 52 79 5f 4a 8e c9 31 0b f5 30 cb e1 ad cc 65 ed 31 86 99 8d 0d e7 08 f3 72 a5 a0 dd 2c a4 c9 dc 4b a8 1a 23 98 a7 78 a5 74 74 a5 9c f2 5d b7 e0 98 4e 75 57 67 f6 03 65 58 b4 a8 f6 a8 b4 ac bd 37 e6 bd 2c Data Ascii: {zRy_J10e1r,K#xtt]NuWgeX7,4%?bgqIC%,.BG3g$`Ol=H#1w<]$;1x2?E/$Z;QkC7b,
Sep 28, 2024 01:47:09.158049107 CEST	1236	IN	Data Raw: 37 65 34 0d 0a ec 5b db 6e db 46 10 fd 95 ad 50 20 09 60 d2 14 a9 6b 2e 2e 9c b8 49 dc d4 a9 d0 d8 e8 a3 b0 22 29 71 23 8a 64 78 b1 a3 00 fd 8c be f5 eb fa 25 9d d9 5d 92 bb 22 69 49 89 1f 0a 34 80 41 53 cb dd e1 5e 67 ce cc 1c 62 69 37 70 e8 38 Data Ascii: 7e4[nFP `k..I")q#dx%]"iI4AS^gbi7p8;SF>y@sQxt"gS\tX9b)70VRhW5p*?W!jJ7\|u\|\`-g Kz[r&y^C,9
Sep 28, 2024 01:47:09.158133984 CEST	791	IN	Data Raw: 9c 91 31 22 36 65 07 02 6c cb 3f 3f a7 69 ce dc d0 6f ac 8e 32 a0 43 37 36 37 8f 95 f6 d5 16 36 01 e4 04 c0 18 e1 f6 ec e7 df 2f df bf 39 bf 3e 7f ff 94 5c f9 39 c6 d0 10 36 d1 2d f2 7c 6b fe 32 09 68 b4 e5 68 2b 03 24 45 25 c0 9a 49 aa 33 f9 e0 Data Ascii: 1"6el??io2C7676/9>\96-\|k2hh+$E%I3E:C-O03$B/hpGMB#C! 6`m(5#XF+XHXl$sj6L<#R, ?Wbv//t8$0\|,68w(NsEeQ='\|
Sep 28, 2024 01:47:09.158663034 CEST	1236	IN	Data Raw: 35 65 32 0d 0a dc 5c 6d 6f db 36 10 fe 2b aa 3a 40 32 66 2b 4e e2 24 88 bb 06 68 9c 0e cb da bc 60 4e b1 01 41 50 d0 96 62 73 91 65 c3 92 fa b2 22 ff 7d cf 91 94 25 39 a4 ec bc 4c 06 e6 0f 86 2d 51 77 c7 13 79 77 3c 3e 47 bf 4a c0 dc 9a 17 47 32 Data Ascii: 5e2\mo6+:@2f+N$h`NAPbse"}%9L-Qwyw<>GJG2R1[dN&@/M7}`Gw\|.Jk[b ;T<l)$Q18(ngo6zum6wlGoKM,=:6\|vl?N7
Sep 28, 2024 01:47:09.158723116 CEST	277	IN	Data Raw: 79 5a 96 84 21 bc a1 21 e0 2e 35 51 e5 6c 19 fe c7 d1 05 e3 da 15 43 95 cc 69 b2 46 ae bc 20 44 26 bf 89 f9 13 d7 02 6a 6d f9 dc b5 c0 6e 79 2d 90 a3 79 1e b3 0b 2f 61 94 c5 29 d2 4f 47 23 b9 95 7b 46 79 f5 7c a7 7b d8 8a 17 b7 e4 16 96 41 3a 51 Data Ascii: yZ!!.5QlCiF D&jmny-y/a)OG#{Fy\|{A:Q]EI5G-6[Cy%0Q=W4%Ra[m$)Z=q,O!9SP;lkL!&~bT'8CBPKSpnF_YT
Sep 28, 2024 01:47:09.159646988 CEST	1236	IN	Data Raw: 37 36 62 0d 0a c4 5d 6d 6f db 36 10 fe 2b 4c 86 2d 1d 60 29 b6 93 78 49 b6 65 70 91 76 e9 d2 2e c1 5a 6c 68 bf 18 b4 45 c7 b2 64 5b d5 4b b6 ec d7 ef ee 48 49 94 44 89 4a d3 b5 01 82 38 92 4c de 1d df 8e a7 7b 1e 82 61 ba d5 36 70 0a 98 3b 06 a1 Data Ascii: 76b]mo6+L-`)xIepv.ZlhEd[KHIDJ8L{a6p;>(CkU4HdJC\|=AexBE7oHGti;ZXF?e*=g-Yoi})K+Nb6u2X,x.V\|N"?O^/Nn"
Sep 28, 2024 01:47:09.159717083 CEST	670	IN	Data Raw: a8 0c cf 14 ca a1 b4 2e 7b 0b 5d 12 bc cd d1 10 3b 96 4e ab 23 f1 4e ca 71 e5 0a db 14 81 e5 33 b6 e6 60 af 94 6e ca 3b 32 94 0d 6e ae cf 8e cf d0 9f 45 66 0e 68 23 c2 44 6f 32 39 14 04 b4 ff 1a 3e 97 51 65 a4 aa 61 81 48 04 b9 8b 7c eb 36 fa d1 Data Ascii: .{];N#Nq3`n;2nEfh#Do29>QeaH\|6,GB7#rIB]r<+LEHT8-~/:..{s>b5_#udel@CN4Mb6@g0nAw&j9c,(?1cJ
Sep 28, 2024 01:47:09.162344933 CEST	1236	IN	Data Raw: 36 63 64 0d 0a cc 5d e9 6e e3 36 10 7e 15 56 59 6c ec 1f a2 45 dd 6e b1 29 8a 14 68 16 45 81 a0 79 80 85 6c cb 36 b7 72 6c 58 76 36 1b ec 3e 50 5f a3 4f d6 19 1e 92 28 4b b2 9c 38 69 13 1f b2 c4 21 87 d7 f0 9a f9 e6 75 9a ee 7f 52 ac 45 1e 5f a3 Data Ascii: 6cd]n6~VYlEn)hEyl6rlXv6>P_O(K8i!uRE_`OHF//b`F~}EWiP{Yy5C6jUr:J}>&t4!p/1u=RhU^<Mj~L6lJG0/pQNL
Sep 28, 2024 01:47:09.162415028 CEST	512	IN	Data Raw: ac 72 a0 27 0a 0b 4f f3 68 38 19 cf 83 a9 37 0b 8a 43 98 8a a1 e8 77 55 23 d5 7a 38 17 8b 4d 07 44 b8 b0 ca 8d c3 a0 33 a5 76 3b 4a f8 76 c7 57 e9 e8 8b 48 48 fd fa f4 c0 a8 93 98 09 2a 03 5f 63 bf 2e f9 9c 3c 2a ff 1f c9 86 cb 99 3c de 03 79 32 Data Ascii: r'Oh87CwU#z8MD3v;JvWHH_c.<<y2# =SM({H!0AV]D24*>!Q&"WsC/i&lOb4jJP9HhwpTe`Eo}cg!aPfb:M{A;Y
Sep 28, 2024 01:47:09.449085951 CEST	364	OUT	GET /css/popupLogin.css HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://www.card.xn--6qq986b3xl/higgs-domino/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:09.582952023 CEST	515	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.7	49707	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:09.450150967 CEST	362	OUT	GET /css/facebook.css HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://www.card.xn--6qq986b3xl/higgs-domino/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:09.580445051 CEST	516	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.7	49714	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:09.461066008 CEST	361	OUT	GET /css/twitter.css HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://www.card.xn--6qq986b3xl/higgs-domino/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:10.746916056 CEST	516	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Sep 28, 2024 01:47:10.748513937 CEST	516	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Sep 28, 2024 01:47:10.749288082 CEST	516	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.7	49715	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:09.461730957 CEST	413	OUT	GET /img/facebook_text.png HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://www.card.xn--6qq986b3xl/higgs-domino/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:10.746012926 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "7075-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 28789 Vary: User-Agent Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 5c 00 00 00 9e 08 06 00 00 00 e7 a3 d4 26 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 20 00 49 44 41 54 78 9c ec 9d 77 7c 15 c5 da c7 7f b3 7b 4a 3a a1 86 de 7b 07 0b 20 a2 60 bd a0 22 8a d8 7d ed e5 da bd f6 72 15 15 7b bb 2a 72 d5 2b 58 b0 a3 a0 20 88 d8 40 04 01 91 de 41 7a 09 24 90 84 94 73 ce ee ce 3c ef 1f b3 7b ce 49 48 42 92 b3 27 21 30 5f 3e 4b 92 73 76 67 9e 99 9d f2 cc 33 33 cf 00 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 51 21 fa 5e fe c0 9b 2d ce bf e2 92 9a 96 43 a1 50 54 9d f6 fd de 48 73 7e ef 36 f8 d6 94 9a 94 45 a1 50 28 8e 12 fe e5 a2 72 f4 e2 4b 00 6e 05 9e fb 5f f7 f3 67 4d 70 2f 5c 85 42 51 bd 10 8b fe ab db 3f 3e [TRUNCATED] Data Ascii: PNGIHDR\&sBIT\|d IDATxw\|{J:{ `"}r{r+X @Az$s<{IHB'!0_>Ksvg33BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BQ!^-CPTHs~6EP(rKn_gMp/\BQ?>:$Q(`xr_OzuW(mFyu$%{@Ia4[^r?4)x~PurkZB8h3d\_7~g:@a)HFB?#7#&_ck.El<J?\|4Q(QiP]rnqutoN"owv J;DdHD$A"%g,Bk5l~w=Y^`eNjOPM3HC>g,`}f.jZS>eSOU0`hr {0j0sG4&Cok-v#="l~i1oM:nmjy5,Bq,s.[}vl^ES.:: hv5+QF&}39V6iD<DD,% /b3( i&TmMPAGi}n[v]9'$X
Sep 28, 2024 01:47:10.746030092 CEST	1236	IN	Data Raw: d2 e0 cd 4d 22 22 fa 75 c1 92 9c 6a 4f 8f 42 71 14 52 bf d7 87 cd 00 a0 cf 79 df fc 0e 3c 3b a8 c4 d7 83 4f be e4 9d 4f de fd f8 97 3f 66 fe ba 78 55 d6 fe fc 65 1b b7 ec a3 9c a2 32 3b 60 7b 86 c9 20 12 21 22 2b 44 44 44 ef 7d b9 60 56 0d 24 ad Data Ascii: M""ujOBqRy<;OO?fxUe2;`{ !"+DDD}`V$6g+eS.Y~fzs,\5@LGjP(7/uMO<N6I/tjRN &DB@p&4 @PZp}s>b%;mOKO5%%h#
Sep 28, 2024 01:47:10.746043921 CEST	1236	IN	Data Raw: 28 14 0a 45 71 e2 a9 70 9d 55 3f 3d 8d 81 18 04 23 17 15 2e 06 62 00 23 01 c6 18 72 82 02 37 df 3f 6e ea 57 63 ef 38 bf ea e1 7e f3 cd 81 a9 df b8 20 9f 42 a1 50 28 14 0a c5 a1 c4 73 0d 97 f0 f9 75 44 56 b3 bb b1 88 cb 3e 28 13 04 62 26 84 e6 c7 Data Ascii: (EqpU?=#.b#r7?nWc8~ BP(suDV>(b&i}5};.DP(BS=~z`0i*:(BPJ.hvIP(-p}rNb8]?^BP(\'g)J2uIr<
Sep 28, 2024 01:47:10.746057987 CEST	672	IN	Data Raw: 92 70 c8 7c 15 82 e8 c0 01 21 72 f6 ef d7 1a a6 63 d9 e2 15 5b 82 7f 2c de 62 3c fb e8 65 5f c1 56 f0 5b 9f 3b f9 3f 27 b4 fc e9 b1 49 e3 c6 15 c4 94 c8 ea e1 92 1b ee fd e8 fa 81 27 36 4d 3d e9 b8 ce 96 cf 9b d8 2e c4 3d 19 f5 1b a4 89 e4 24 e1 Data Ascii: p\|!rc[,b<e_V[;?'I'6M=.=$a/BASF6m/X\|=z?tB>K~jJk9LhK?/37=z+zl=o{ixzD=Ym4"nZ\Xy]
Sep 28, 2024 01:47:10.746071100 CEST	1236	IN	Data Raw: fa 7f f7 7f f6 39 11 91 61 72 57 d2 63 91 29 7f 11 82 38 97 f9 f6 e3 dc 85 fb 01 a0 de 29 1f 5c ff ce e7 bf ff f2 f3 82 b5 85 db 0e 04 02 07 82 56 38 5f 5d 41 44 ca a7 20 99 af 7b 0b 0c 5a bc 71 4f ee 3b 93 66 af ee 79 de ad 53 dd cc 3b b7 b9 fb Data Ascii: 9arWc)8)\V8_]AD {ZqO;fyS;{o DEeQ7(\zxl_YQYN~m_hZ,#U'DD8boQoL_r2p=Hv]SbCy9 5[}mP6pDTH(
Sep 28, 2024 01:47:10.746851921 CEST	1236	IN	Data Raw: 32 1c 83 13 09 8b d6 6e cd 26 00 87 4c 93 c7 c4 eb 9f 2e 58 2c eb 62 11 59 64 91 20 8b 84 ec c6 0e b9 0e ad b8 25 5a f4 d8 de d0 21 7f ca 4a 5d ba 2c 87 5e 16 99 24 64 27 66 77 ae 6b 77 ef 2d 77 f1 fd 84 a9 0b 66 58 4e 32 c8 b0 9b e8 8a c6 57 de Data Ascii: 2n&L.X,bYd %Z!J],^$d'fwkw-wfXN2We\&mkD&gO!hp T3}mG*i@Ab4qrj[y^DeYNo dC".eE? S?'Ae.WRH+W>?pw
Sep 28, 2024 01:47:10.746865988 CEST	1236	IN	Data Raw: be b7 03 03 12 dd 91 3d 8a 49 b3 77 7e 21 65 08 45 29 5c 35 df 98 55 1e 11 a5 70 49 c5 69 c6 ef 2b b7 96 97 f6 79 cb ff ce 97 8f 3a 8d 85 2b c5 ad 1a b0 48 08 43 8e c8 88 28 2b 40 e2 c1 e7 3f df e4 7a e1 28 c1 97 3f ee 78 71 6f a1 b3 f6 a8 f6 11 Data Ascii: =Iw~!eE)\5UpIi+y:+HC(+@?z(?xqopDV1+2F<v_ M{cU}:wUvL8)#>{a<tsV}anp!UmUQLLrN=( n7'_4LMlX"4
Sep 28, 2024 01:47:10.746876955 CEST	104	IN	Data Raw: 7f 90 d9 a4 df 97 c7 01 b8 75 c1 a7 77 8d 6a 51 9f 20 4c 40 30 1d 9c 59 e0 08 81 9c e3 66 cb 68 de 8e 7c 08 04 2f a0 99 d0 f4 10 04 07 86 f4 6b 57 7f ca cf 2b 5f 02 50 3f 96 90 37 15 a4 0d bf 65 cc d7 cf 9c 75 66 ef 93 19 37 a0 51 12 38 23 08 00 Data Ascii: uwjQ L@0Yfh\|/kW+_P?7euf7Q8#!&jQ_o &t$
Sep 28, 2024 01:47:10.746891022 CEST	1236	IN	Data Raw: 5e 7e f2 b6 13 80 f3 6a cc 17 5c 3c 18 76 f5 9b 13 ce 1d 76 7c 12 10 00 84 07 44 1a 84 0b ef 2b fa a8 2a 06 40 d3 18 96 ac da 82 51 43 4f a8 b2 1b 88 63 4e e1 22 00 02 dc 5e 44 61 22 27 48 00 f0 2c 36 b1 50 69 f7 bf 70 ef 40 9e e2 d5 21 90 04 62 Data Ascii: ^~j\<vv\|D+@QCOcN"^Da"'H,6Pip@!bkZ/`: <@]>b<4:tR,<v{!#kTxi44~_kZZ+t4HOKOV&=/k< ht$F,[
Sep 28, 2024 01:47:10.746903896 CEST	224	IN	Data Raw: e4 81 06 8e e3 fa b6 38 0f c0 35 35 26 5b 0c 8c 19 3b 75 67 bf e3 5b 03 c2 b0 fb 31 e7 72 70 a1 0e 30 0e 30 0f 16 fd b5 63 fb 84 17 af 3b 29 f6 00 2b a1 70 f9 bc 7e 03 80 b4 92 90 d3 50 94 9e 28 11 be c8 fd 39 71 67 db 40 15 6d c0 f2 c9 48 a3 94 Data Ascii: 855&[;ug[1rp00c;)+p~P(9qg@mH%wc\|MBi[Aib#S,}nbB1tRGg\s)'<@s-CAWp#rE!saa4&%`>0M+nT
Sep 28, 2024 01:47:10.746929884 CEST	1236	IN	Data Raw: 9d b4 9c 2c 99 12 1e 4e d0 61 b0 00 e4 03 28 04 c8 02 85 37 d8 3a 65 2c 76 b4 a8 ed 23 1a 08 43 4f 3b b1 1d 70 77 95 ac a5 ee 43 00 0c 00 22 aa 0e 71 10 0c 10 cc c8 ee 3d fb 56 42 08 04 c3 2e 73 32 9b 0f b1 db 12 01 54 e1 17 70 78 98 cc 37 00 20 Data Ascii: ,Na(7:e,v#CO;pwC"q=VB.s2Tpx7 @Wzw5o{c)kny2et'\|,} ykO"PX`v%C[b%(6yaWru?=%a
Sep 28, 2024 01:47:10.748526096 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "7075-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 28789 Vary: User-Agent Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 5c 00 00 00 9e 08 06 00 00 00 e7 a3 d4 26 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 20 00 49 44 41 54 78 9c ec 9d 77 7c 15 c5 da c7 7f b3 7b 4a 3a a1 86 de 7b 07 0b 20 a2 60 bd a0 22 8a d8 7d ed e5 da bd f6 72 15 15 7b bb 2a 72 d5 2b 58 b0 a3 a0 20 88 d8 40 04 01 91 de 41 7a 09 24 90 84 94 73 ce ee ce 3c ef 1f b3 7b ce 49 48 42 92 b3 27 21 30 5f 3e 4b 92 73 76 67 9e 99 9d f2 cc 33 33 cf 00 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 51 21 fa 5e fe c0 9b 2d ce bf e2 92 9a 96 43 a1 50 54 9d f6 fd de 48 73 7e ef 36 f8 d6 94 9a 94 45 a1 50 28 8e 12 fe e5 a2 72 f4 e2 4b 00 6e 05 9e fb 5f f7 f3 67 4d 70 2f 5c 85 42 51 bd 10 8b fe ab db 3f 3e [TRUNCATED] Data Ascii: PNGIHDR\&sBIT\|d IDATxw\|{J:{ `"}r{r+X @Az$s<{IHB'!0_>Ksvg33BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BQ!^-CPTHs~6EP(rKn_gMp/\BQ?>:$Q(`xr_OzuW(mFyu$%{@Ia4[^r?4)x~PurkZB8h3d\_7~g:@a)HFB?#7#&_ck.El<J?\|4Q(QiP]rnqutoN"owv J;DdHD$A"%g,Bk5l~w=Y^`eNjOPM3HC>g,`}f.jZS>eSOU0`hr {0j0sG4&Cok-v#="l~i1oM:nmjy5,Bq,s.[}vl^ES.:: hv5+QF&}39V6iD<DD,% /b3( i&TmMPAGi}n[v]9'$X
Sep 28, 2024 01:47:10.750102043 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:09 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "7075-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 28789 Vary: User-Agent Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 5c 00 00 00 9e 08 06 00 00 00 e7 a3 d4 26 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 20 00 49 44 41 54 78 9c ec 9d 77 7c 15 c5 da c7 7f b3 7b 4a 3a a1 86 de 7b 07 0b 20 a2 60 bd a0 22 8a d8 7d ed e5 da bd f6 72 15 15 7b bb 2a 72 d5 2b 58 b0 a3 a0 20 88 d8 40 04 01 91 de 41 7a 09 24 90 84 94 73 ce ee ce 3c ef 1f b3 7b ce 49 48 42 92 b3 27 21 30 5f 3e 4b 92 73 76 67 9e 99 9d f2 cc 33 33 cf 00 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 51 21 fa 5e fe c0 9b 2d ce bf e2 92 9a 96 43 a1 50 54 9d f6 fd de 48 73 7e ef 36 f8 d6 94 9a 94 45 a1 50 28 8e 12 fe e5 a2 72 f4 e2 4b 00 6e 05 9e fb 5f f7 f3 67 4d 70 2f 5c 85 42 51 bd 10 8b fe ab db 3f 3e [TRUNCATED] Data Ascii: PNGIHDR\&sBIT\|d IDATxw\|{J:{ `"}r{r+X @Az$s<{IHB'!0_>Ksvg33BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BQ!^-CPTHs~6EP(rKn_gMp/\BQ?>:$Q(`xr_OzuW(mFyu$%{@Ia4[^r?4)x~PurkZB8h3d\_7~g:@a)HFB?#7#&_ck.El<J?\|4Q(QiP]rnqutoN"owv J;DdHD$A"%g,Bk5l~w=Y^`eNjOPM3HC>g,`}f.jZS>eSOU0`hr {0j0sG4&Cok-v#="l~i1oM:nmjy5,Bq,s.[}vl^ES.:: hv5+QF&}39V6iD<DD,% /b3( i&TmMPAGi}n[v]9'$X
Sep 28, 2024 01:47:12.074434042 CEST	407	OUT	GET /img/codapay.png HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://www.card.xn--6qq986b3xl/higgs-domino/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:12.212635040 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:12 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "18dd-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 6365 Vary: User-Agent Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b7 00 00 00 28 08 06 00 00 00 bc 5e 6b 09 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 05 fa 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f [TRUNCATED] Data Ascii: PNGIHDR(^kpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmp:CreateDate="2020-09-02T22:03:24+07:00" xmp:ModifyDate="2020-09-02T22:09:21+07:00" xmp:MetadataDate="2020-09-02T22:09:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5710cb0d-6920-7a4d-9aad-0efb7b1bb61e" xmpMM:DocumentID="adobe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.7	49724	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:11.770477057 CEST	297	OUT	GET /img/facebook_text.png HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:12.294296026 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:12 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "7075-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 28789 Vary: User-Agent Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 5c 00 00 00 9e 08 06 00 00 00 e7 a3 d4 26 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 20 00 49 44 41 54 78 9c ec 9d 77 7c 15 c5 da c7 7f b3 7b 4a 3a a1 86 de 7b 07 0b 20 a2 60 bd a0 22 8a d8 7d ed e5 da bd f6 72 15 15 7b bb 2a 72 d5 2b 58 b0 a3 a0 20 88 d8 40 04 01 91 de 41 7a 09 24 90 84 94 73 ce ee ce 3c ef 1f b3 7b ce 49 48 42 92 b3 27 21 30 5f 3e 4b 92 73 76 67 9e 99 9d f2 cc 33 33 cf 00 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 a1 50 28 14 0a 85 42 51 21 fa 5e fe c0 9b 2d ce bf e2 92 9a 96 43 a1 50 54 9d f6 fd de 48 73 7e ef 36 f8 d6 94 9a 94 45 a1 50 28 8e 12 fe e5 a2 72 f4 e2 4b 00 6e 05 9e fb 5f f7 f3 67 4d 70 2f 5c 85 42 51 bd 10 8b fe ab db 3f 3e [TRUNCATED] Data Ascii: PNGIHDR\&sBIT\|d IDATxw\|{J:{ `"}r{r+X @Az$s<{IHB'!0_>Ksvg33BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BP(BQ!^-CPTHs~6EP(rKn_gMp/\BQ?>:$Q(`xr_OzuW(mFyu$%{@Ia4[^r?4)x~PurkZB8h3d\_7~g:@a)HFB?#7#&_ck.El<J?\|4Q(QiP]rnqutoN"owv J;DdHD$A"%g,Bk5l~w=Y^`eNjOPM3HC>g,`}f.jZS>eSOU0`hr {0j0sG4&Cok-v#="l~i1oM:nmjy5,Bq,s.[}vl^ES.:: hv5+QF&}39V6iD<DD,% /b3( i&TmMPAGi}n[v]9'$X
Sep 28, 2024 01:47:12.294310093 CEST	1236	IN	Data Raw: d2 e0 cd 4d 22 22 fa 75 c1 92 9c 6a 4f 8f 42 71 14 52 bf d7 87 cd 00 a0 cf 79 df fc 0e 3c 3b a8 c4 d7 83 4f be e4 9d 4f de fd f8 97 3f 66 fe ba 78 55 d6 fe fc 65 1b b7 ec a3 9c a2 32 3b 60 7b 86 c9 20 12 21 22 2b 44 44 44 ef 7d b9 60 56 0d 24 ad Data Ascii: M""ujOBqRy<;OO?fxUe2;`{ !"+DDD}`V$6g+eS.Y~fzs,\5@LGjP(7/uMO<N6I/tjRN &DB@p&4 @PZp}s>b%;mOKO5%%h#
Sep 28, 2024 01:47:12.294320107 CEST	1236	IN	Data Raw: 28 14 0a 45 71 e2 a9 70 9d 55 3f 3d 8d 81 18 04 23 17 15 2e 06 62 00 23 01 c6 18 72 82 02 37 df 3f 6e ea 57 63 ef 38 bf ea e1 7e f3 cd 81 a9 df b8 20 9f 42 a1 50 28 14 0a c5 a1 c4 73 0d 97 f0 f9 75 44 56 b3 bb b1 88 cb 3e 28 13 04 62 26 84 e6 c7 Data Ascii: (EqpU?=#.b#r7?nWc8~ BP(suDV>(b&i}5};.DP(BS=~z`0i*:(BPJ.hvIP(-p}rNb8]?^BP(\'g)J2uIr<
Sep 28, 2024 01:47:12.294329882 CEST	1236	IN	Data Raw: 92 70 c8 7c 15 82 e8 c0 01 21 72 f6 ef d7 1a a6 63 d9 e2 15 5b 82 7f 2c de 62 3c fb e8 65 5f c1 56 f0 5b 9f 3b f9 3f 27 b4 fc e9 b1 49 e3 c6 15 c4 94 c8 ea e1 92 1b ee fd e8 fa 81 27 36 4d 3d e9 b8 ce 96 cf 9b d8 2e c4 3d 19 f5 1b a4 89 e4 24 e1 Data Ascii: p\|!rc[,b<e_V[;?'I'6M=.=$a/BASF6m/X\|=z?tB>K~jJk9LhK?/37=z+zl=o{ixzD=Ym4"nZ\Xy]
Sep 28, 2024 01:47:12.294341087 CEST	896	IN	Data Raw: 11 17 9c b8 08 12 a7 02 92 cd 66 28 26 39 38 e7 24 84 20 61 15 10 89 42 12 3c 68 cb 45 94 5b 64 d0 ec 35 db b2 ce b9 e5 bf ef bb 99 87 b1 71 e3 e3 df cd 5d bd 78 d3 de fc bc c2 a8 74 58 3c 44 24 02 44 a2 80 04 0f 85 cb 4a d5 33 86 64 5b c6 05 91 Data Ascii: f(&98$ aB<hE[d5q]xtX<D$DJ3d[eQ@dEb= Zi_/9?-ZU7'd" D<DU=1["A;C%[[w/3UzyY2"EX.2d?mZDAD7=f6~L\znpu,!
Sep 28, 2024 01:47:12.294353008 CEST	1236	IN	Data Raw: d1 1f 2b b6 d0 b9 57 3e eb ea ba 3f b7 15 ae 70 a1 0f 77 e0 f2 dd 39 ef 35 3a d5 b2 47 3c 24 33 5c 81 db ed 4b b8 2e 3b 83 a3 42 22 12 f9 24 28 9f 32 43 06 4d 9c b5 ae 7a a7 19 3b dc f7 c1 6f cb 76 ec 93 75 cc 20 21 42 c5 ac be 51 93 25 e1 36 c9 Data Ascii: +W>?pw95:G<$3\K.;B"$(2CMz;ovu !BQ%6-EXQ2$7.dfOGR7&v~J*2 Y9,#HP@7L&q'_OL~_nB-T}&(D\|2Fm-sKz/e%d.
Sep 28, 2024 01:47:12.294724941 CEST	1236	IN	Data Raw: a9 4d 0a d7 1f ab f6 6c 97 d6 bf 58 8d 22 11 19 8b 99 34 04 11 89 22 b2 88 e8 99 b1 d3 2a 6d 7d 3d c6 3d cd cb b5 f2 4c 4f 2a d7 c2 55 a7 4e 3a a4 a7 19 c4 ea 32 a8 fa 61 00 c1 02 11 a1 41 42 88 fd fb de 4b da 3d f5 d6 d4 59 ce d7 6d 8f 7b be 8e Data Ascii: MlX"4"m}==LOUN:2aABK=Ym{xg]&*o;I@q3OF`6;NjZ;}e+62q>@V<`(XX'tjbU6S
Sep 28, 2024 01:47:12.294738054 CEST	1236	IN	Data Raw: 34 af 1f 3a f3 80 e9 1a c0 00 0f 18 bc b5 74 cd 52 2c bc 3c 76 fa d3 03 7b b7 a8 0f 00 9a ee 87 ae d9 ef 21 f6 23 03 6b 0e 0d d0 a0 c1 83 54 78 a1 83 69 00 34 0f 34 2a c4 a0 7e ed da de f6 d4 c4 5f 6b 5a c4 5a 87 c6 01 a6 c3 2b 74 80 0c 34 48 4f Data Ascii: 4:tR,<v{!#kTxi44*~_kZZ+t4HOKOV&=/k< ht$F,[#\|$1<}[LA4Z}x`Gjs4%4F~n]+5HFJ3M{tGYt]\|_PFP IDAT
Sep 28, 2024 01:47:12.294749022 CEST	1236	IN	Data Raw: 62 42 cd b1 f0 31 19 74 cf ce ad 01 a0 52 47 67 5c 73 e1 29 27 fb 3c 16 40 0c 1a 73 a9 91 b2 df 2d 81 43 c0 82 80 80 00 81 c3 02 07 87 00 07 41 d8 57 e4 9f 70 1c fd 11 81 23 72 45 ca 21 80 f0 73 f2 92 61 1d 9a b1 61 a3 34 01 80 26 b7 ee e3 cb 25 Data Ascii: bB1tRGg\s)'<@s-CAWp#rE!saa4&%`>0M+nT,Na(7:e,v#CO;pwC"q=VB.s2Tpx7 @Wzw5o{c)kny2e
Sep 28, 2024 01:47:12.294759989 CEST	1236	IN	Data Raw: da 63 ef f0 58 39 46 c2 8a 2a 34 a4 fb 80 8f be 5b fd dc ff 9d db ed 1f 87 7b ee f9 77 17 9c d9 38 23 0d 96 19 82 c7 1b 3f 67 b0 06 f3 c2 07 0e 0d f6 94 97 26 15 7a 99 11 c5 a7 be c2 b5 91 39 3d a5 63 7d 8f cf 52 0d 0a db 41 38 da b7 69 d1 04 40 Data Ascii: cX9F4[{w8#?g&z9=c}RA8i@TuO=^pnJ9{F<m13b<BhFY jCg@rCr1DT2irNOdVbW8hA<Gs "0C#<pkPQ;=n>
Sep 28, 2024 01:47:12.299346924 CEST	1236	IN	Data Raw: 1b 01 e1 c6 91 83 69 71 39 27 b5 dd 7c c9 e0 46 69 1e c0 d9 75 1c 0f 34 30 58 a4 c1 a3 a7 60 e3 ae bd 98 3c 75 7e e8 a1 5b 27 bc 0d 7c 77 f7 61 1e bd f3 82 eb 5e 18 75 f7 2d 23 7b f5 ee dd 2e 35 d1 0b e8 c2 02 34 d3 fe da ad 39 3b 06 62 72 93 80 Data Ascii: iq9'\|Fiu40X`<u~['\|wa^u-#{.549;brF&lRUuj`Ud\|XH7=<vKL{oe0Qk\I`im;&N.j 9pc0}?"Ezd,"s\|E~p;v
Sep 28, 2024 01:47:12.396651983 CEST	291	OUT	GET /img/codapay.png HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:12.538819075 CEST	1236	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:12 GMT Server: Apache Last-Modified: Mon, 25 Jan 2021 15:48:52 GMT ETag: "18dd-5b9bb797fe100" Accept-Ranges: bytes Content-Length: 6365 Vary: User-Agent Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: image/png Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b7 00 00 00 28 08 06 00 00 00 bc 5e 6b 09 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 05 fa 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f [TRUNCATED] Data Ascii: PNGIHDR(^kpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmp:CreateDate="2020-09-02T22:03:24+07:00" xmp:ModifyDate="2020-09-02T22:09:21+07:00" xmp:MetadataDate="2020-09-02T22:09:21+07:00" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:5710cb0d-6920-7a4d-9aad-0efb7b1bb61e" xmpMM:DocumentID="adobe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.7	49804	67.199.248.10	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:34.008692026 CEST	428	OUT	GET /2HPopnP HTTP/1.1 Host: bit.ly Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:34.476752043 CEST	617	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 27 Sep 2024 23:47:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 161 Cache-Control: private, max-age=90 Content-Security-Policy: referrer always; Location: https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en Referrer-Policy: unsafe-url Set-Cookie: _bit=o8rnLy-fbcf8a3cfe5451c0a6-00T; Domain=bit.ly; Expires=Wed, 26 Mar 2025 23:47:34 GMT Via: 1.1 google Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 42 69 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 74 6f 72 65 2f 61 70 70 73 2f 64 65 74 61 69 6c 73 3f 69 64 3d 63 6f 6d 2e 6e 65 70 74 75 6e 65 2e 64 6f 6d 69 6e 6f 26 61 6d 70 3b 68 6c 3d 65 6e 22 3e 6d 6f 76 65 64 20 68 65 72 65 3c 2f 61 3e 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Bitly</title></head><body><a href="https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en">moved here</a></body></html>
Sep 28, 2024 01:47:50.259027004 CEST	476	OUT	GET /CodaHelpIDN HTTP/1.1 Host: bit.ly Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: _bit=o8rnLy-fbcf8a3cfe5451c0a6-00T
Sep 28, 2024 01:47:50.380153894 CEST	511	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 27 Sep 2024 23:47:50 GMT Content-Type: text/html; charset=utf-8 Content-Length: 157 Cache-Control: private, max-age=90 Content-Security-Policy: referrer always; Location: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Referrer-Policy: unsafe-url Via: 1.1 google Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 42 69 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 63 6f 64 61 70 61 79 2e 63 6f 6d 2f 68 63 2f 65 6e 2d 75 73 2f 63 61 74 65 67 6f 72 69 65 73 2f 33 36 30 30 30 30 30 31 32 32 32 33 2d 49 6e 64 6f 6e 65 73 69 61 22 3e 6d 6f 76 65 64 20 68 65 72 65 3c 2f 61 3e 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Bitly</title></head><body><a href="https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia">moved here</a></body></html>
Sep 28, 2024 01:48:35.436805010 CEST	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.7	49948	162.210.102.233	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:47:57.662353992 CEST	438	OUT	GET / HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:58.221321106 CEST	509	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:58 GMT Server: Apache Accept-Ranges: none Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 237 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html;charset=ISO-8859-1 Data Raw: 1f 8b 08 00 00 00 00 00 00 03 75 90 b1 4e c3 30 10 86 f7 3c c5 91 3d 3d 41 d7 c3 03 49 11 95 0a 74 08 42 8c 4e 7c 8d 4f 72 ec 8a b8 12 7d 7b 9c 14 a4 64 c8 e2 f3 7f f7 7d cb 4f 77 d5 7b 59 7f 1d 77 f0 52 bf 1e e0 f8 f1 74 d8 97 90 17 88 9f db 12 b1 aa ab db 61 bb 79 80 67 f1 da 21 ee de 72 95 91 8d bd 53 19 90 65 6d d2 04 8a 12 1d ab bd 37 fc 03 e1 04 48 78 db 24 06 ff 20 6a 82 b9 8e ee fd 82 4b 31 a3 8b 53 e4 44 91 06 fb cd a7 c7 bc 0d de 73 1b 37 67 7b ce 15 cc 12 a1 56 84 09 cd 16 bc 95 ae 1b 0a 13 7a f1 01 93 b1 c8 2b 8e f4 dd 88 8e 63 85 e8 b5 f8 c8 5e fb 96 47 72 1e d7 0c 31 7a 68 2e d7 09 ff ff af b1 a1 11 c7 85 e3 8e bd 19 26 63 b9 99 79 98 0a 4a ef d4 60 aa 6c 6a ff 17 2a de 25 51 bd 01 00 00 Data Ascii: uN0<==AItBN\|Or}{d}Ow{YwRtayg!rSem7Hx$ jK1SDs7g{Vz+c^Gr1zh.&cyJ`lj*%Q
Sep 28, 2024 01:47:58.277854919 CEST	390	OUT	GET /favicon.ico HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:47:58.407046080 CEST	515	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:58 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
Sep 28, 2024 01:48:00.010915041 CEST	451	OUT	GET /international HTTP/1.1 Host: www.card.xn--6qq986b3xl Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:48:00.140801907 CEST	515	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:48:00 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.7	49950	157.240.0.13	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:48:02.082777023 CEST	438	OUT	GET /Codashop.IDofficial HTTP/1.1 Host: m.me Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 28, 2024 01:48:02.774220943 CEST	207	IN	HTTP/1.1 301 Moved Permanently Location: https://m.me/Codashop.IDofficial Content-Type: text/plain Server: proxygen-bolt Date: Fri, 27 Sep 2024 23:48:02 GMT Connection: keep-alive Content-Length: 0
Sep 28, 2024 01:48:47.937139988 CEST	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.7	49803	67.199.248.10	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:48:19.030592918 CEST	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.7	49951	157.240.0.13	80	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 28, 2024 01:48:47.124757051 CEST	6	OUT	Data Raw: 00 Data Ascii:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.7	49709	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:09 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 23:47:09 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=233873 Date: Fri, 27 Sep 2024 23:47:09 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.7	49720	172.67.68.182	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	668	OUT	GET /v2/image1/Y29tLm5lcHR1bmUuZG9taW5vX2ljb25fMTU1OTA0NjkyOV8wODc/icon.png?w=170&fakeurl=1 HTTP/1.1 Host: image.winudf.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:10 UTC	880	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:10 GMT Content-Type: image/webp Content-Length: 38730 Connection: close Cf-Bgj: imgq:100,h2pri Cf-Polished: origFmt=png, origSize=63628 Content-Disposition: inline; filename="icon.webp" Vary: Accept etag: 337c5a6c strict-transport-security: max-age=15724800; includeSubDomains x-cache: MISS Cache-Control: max-age=31536000 CF-Cache-Status: HIT Age: 46013 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CB99MjbvtG5Czgs3Hi%2FfkUzJvc%2FP5eGN99b%2Fp1M7pKum5%2BJbZhI61u90W1xv63GhRCkxvmQ3hk%2F1S%2Bh1TrKly6tHtn9dgMhxeSuhQr%2FQczV4TkOp10IPCgFhx9DufHv%2FzD0%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Access-Control-Allow-Origin: * Timing-Allow-Origin: * Server: cloudflare CF-RAY: 8c9f6098ba10de95-EWR
2024-09-27 23:47:10 UTC	489	IN	Data Raw: 52 49 46 46 42 97 00 00 57 45 42 50 56 50 38 4c 35 97 00 00 2f a9 40 2a 10 09 87 6d db 06 12 64 f7 72 fd 77 b2 ff c0 d7 bb 19 22 fa 3f 01 dd 1c bb 81 4e 02 24 6d 1b 03 0f 0e 4e 62 03 55 74 0f b4 b3 3a 52 82 71 a0 c7 ee de 2d b5 94 e2 c6 d0 40 7b ef bc 54 71 34 b0 d6 02 a2 ae 57 72 5d 36 cf 4f 85 ed 39 94 f2 80 43 d8 20 76 29 fe d9 50 ab a8 e2 68 f7 cb bd 37 54 15 fc 6d 4b 8e 7d d7 5d fb 02 aa 96 6d b7 5a fb 2e 3a f7 85 59 e4 f4 9f 5a d3 3d cd 55 f8 1c e5 ca 5e 43 0f f0 05 32 b3 c9 70 27 32 36 4b 4a c2 4a 2e 0a 72 94 a4 51 56 cc 4e 22 25 ca e2 27 55 92 28 69 e5 0c 56 12 f0 8a c1 6e 00 fb 01 b8 aa 2a fe 78 82 99 49 f7 bc 2f 64 a9 d6 a6 48 d2 a5 48 92 a0 08 82 8f 68 0b 92 e0 e7 eb ee 71 9f d9 ff 1a 86 79 9c 47 77 6b 77 b7 35 40 7b ad 3d 6d 73 65 59 51 b9 2e Data Ascii: RIFFBWEBPVP8L5/@mdrw"?N$mNbUt:Rq-@{Tq4Wr]6O9C v)Ph7TmK}]mZ.:YZ=U^C2p'26KJJ.rQVN"%'U(iVnxI/dHHhqyGwkw5@{=mseYQ.
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 9f 32 29 eb c4 cb c8 29 71 8c 1c 97 01 36 86 b3 a5 d3 ed 66 d3 3a 06 80 06 06 3b 00 14 65 35 59 6d 6c 36 91 72 6d 4e 87 94 4d e0 0a a3 d8 34 9b b4 4e 00 ca 4d 19 80 18 2d ef 6e c0 15 d1 45 67 b4 17 12 b8 92 fd 54 ac 5b 67 d7 dd 7f b8 89 46 4b a7 65 e1 c0 16 36 5e c3 c6 b6 b6 f1 30 d8 e7 f4 ab b0 9a 8f ca 27 b9 b3 c4 c8 6e 0c 84 69 6d f4 ac c5 6c 29 4b 0c 8f 0c 6b e0 2c 8e f0 a8 ce 10 da 4e 42 1b 00 9c 10 62 af 3c 56 46 92 33 bb 31 70 85 6c 84 6c b3 d9 4f fb d9 69 c0 b5 e5 76 31 58 58 1f 94 cd ac a3 bd 50 b7 a8 8b c5 d8 6a de c5 49 7a 27 b1 43 01 86 60 eb b4 b0 ee 18 10 88 69 6f 02 38 c0 07 ab d1 da 37 a3 b7 c3 38 52 6b 6b f8 6c 63 72 6f 91 3d 22 09 04 f4 50 d8 29 e8 75 32 05 57 1d 28 43 31 76 8a ff f7 8a 71 90 fd 51 dd 7d 66 a2 a6 98 a8 d5 bc b3 f0 04 36 Data Ascii: 2))q6f:;e5Yml6rmNM4NM-nEgT[gFKe6^0'niml)Kk,NBb<VF31pllOiv1XXPjIz'C`io878Rkklcro="P)u2W(C1vqQ}f6
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 2d 3b 0c 0b b9 ef 65 ba f9 5e 78 98 99 99 99 99 99 99 99 99 99 9f 4d b2 37 33 d3 f2 3a e4 38 8e 05 96 34 d4 dd 55 ff 5f 28 70 24 c9 58 9d 6d bc c0 f2 f5 7f a7 64 3b ef bb 77 ed ea 3e d5 38 ba 07 57 27 b6 6d db b6 6d db ce c8 b6 6d 27 d7 b6 ed 7b 8f d9 66 55 ed da fb 7d 2f aa af fe 82 ef ca ea 95 d9 59 3d cb ba e3 38 ef e0 9d ec 38 b5 32 bf ab ff 80 d8 49 4d f6 a4 86 15 db 76 d2 31 6b 72 a6 b1 93 73 33 bb b3 ac 6b df 0a a6 d6 c8 b6 9d f4 ca d4 b6 6d 3b 39 f3 d8 36 46 59 b6 33 b3 ad 33 cb ac 62 db 23 5b 57 13 ca b5 6d ab b6 95 31 d6 3e e7 dc fb f4 bb 97 70 a9 11 04 8d 14 c9 84 00 3e 01 50 fc 6e 25 dc 9f dc 7b cf de d3 92 6d db 8a 24 47 f7 de f7 bf 99 b3 3c 52 cc 0c 6d 2d f5 d5 d4 52 4b 03 d0 08 d4 63 a6 21 68 06 9a 84 54 35 01 66 66 66 ae 72 f7 00 73 33 fb Data Ascii: -;e^xM73:84U_(p$Xmd;w>8W'mmm'{fU}/Y=882IMv1krs3km;96FY33b#[Wm1>p>Pn%{m$G<Rm-RKc!hT5fffrs3
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: dd 59 c0 ba d0 8e 56 14 d7 f1 e8 a4 55 a6 96 b4 8c 9b 34 67 73 ae 64 4a d5 79 f7 50 11 60 ef 0a ae 7a cf 6c 3a 95 35 5d a3 8f d1 fb 11 88 9a f8 aa fa 8e de d1 db ad 81 ef e8 ab 51 01 92 81 62 c0 7a 1a 26 d0 eb ea e5 07 c7 25 28 2b 95 38 0d 4b 63 48 87 4f 2f e4 30 28 a8 f8 99 76 35 5e b6 af 09 56 6b ad be 39 59 01 98 99 68 a8 1f 8c 8b 35 fc 33 3b e0 81 9f 53 79 60 a2 16 d3 d5 8d 07 61 92 0d 98 c2 27 bb e4 68 6e 7f 15 f9 ee 71 33 05 a1 c8 9a 72 f5 f3 6f 37 d9 ff 7e 3f 1f 7f 11 90 85 0a 94 cc e5 8f 93 f6 c6 4e 9c 6b 04 89 dc 65 bc 9c e5 7b b4 c6 bb 27 13 a9 0e 13 ae 60 21 0b 70 27 b1 b7 d9 11 8e df b9 3f d1 d5 f7 99 e4 20 aa c0 91 d1 81 b2 db ca 83 85 13 a0 a0 fb 2f 31 5d 75 b8 c6 d3 6b 2e c7 d6 15 f0 94 5f d1 ea 88 c1 34 3c 04 ee b3 be 96 32 ef a1 7f e3 c6 Data Ascii: YVU4gsdJyP`zl:5]Qbz&%(+8KcHO/0(v5^Vk9Yh53;Sy`a'hnq3ro7~?Nke{'`!p'? /1]uk._4<2
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: be ea 11 9c 0b d0 92 c0 a1 57 dc 61 a6 2b 54 22 54 c0 3c 49 6a b2 b2 4f 75 4e 58 61 da b5 93 73 55 0d 44 5b 7e 77 b5 05 ae 49 be 88 d7 d5 54 48 da d8 1e 7a 79 79 93 e1 51 13 8e 29 1e 07 94 70 a9 37 a7 39 66 44 0e 55 b3 ab b7 fa 19 63 bb 73 6f 82 3a 80 83 b8 3e f8 5e ad 1e f9 ae 55 c0 0d c1 a0 d3 e9 c4 05 46 21 cd 22 89 04 80 f3 44 51 f4 f3 bd 52 37 b9 eb 10 cc 20 e8 9c d2 0c 8e 05 d2 17 b6 90 a1 b3 c3 42 b4 0f 68 5b bc 0f 71 3b 31 fa 22 4e 9c bd 3b 6c 12 22 e3 93 b8 ab d0 b2 20 5e f2 99 9f b9 40 22 19 8e c4 c2 3b 3a 99 a7 21 60 b7 67 39 f0 17 ac 4f 6d eb f8 84 cf 8c a3 f4 41 1c 7c 09 0a cf 8d a0 ff e5 db 64 3e be b1 f2 96 e1 08 8d 47 ea f3 ec 7c e3 fc f9 02 bf a0 42 b7 cc a7 81 66 01 14 07 9f a4 96 16 cc 30 0d 86 21 64 a6 40 2d b9 13 64 89 d8 99 64 81 15 Data Ascii: Wa+T"T<IjOuNXasUD[~wITHzyyQ)p79fDUcso:>^UF!"DQR7 Bh[q;1"N;l" ^@";:!`g9OmA\|d>G\|Bf0!d@-dd
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 0c 0d 9c d3 52 8c 22 42 56 5f e1 27 88 74 59 5d 50 22 6a f2 c1 10 e0 4d e1 a8 fd 98 28 8a 5c e0 75 54 df db 64 73 dc e3 05 d2 f7 05 f6 9d 90 90 1a 68 0d 68 0d 93 8a 24 8e 00 4b 36 04 cc 6d 8f 57 23 a9 18 ed 5c d5 a5 fe c3 df d4 7e 48 45 ff a7 ec bf bf 50 c3 e7 50 28 02 a6 91 c0 2a f5 60 d6 40 81 52 23 7d a3 56 19 a5 36 fc 5d 90 36 64 f0 2c e7 52 71 0c 39 b1 ec a2 e1 86 c5 67 2f 35 04 20 e1 44 55 32 c2 d6 1b e2 71 3e e7 9e a4 12 a8 05 ee 64 2b 81 3a e0 56 42 a7 dd 81 07 81 5c 04 0d 60 52 9c 50 56 a3 64 93 62 41 a2 69 a8 85 3c a5 d0 79 90 4e 56 08 de b2 4d c1 a2 6e 4b 31 77 2c 17 31 4a e3 a3 b9 81 3c 09 c7 1d 3c c6 27 19 b0 7f f1 5c 9c 87 7d 54 16 10 8b f9 65 62 85 4e 9a 12 ce af 3c 8c f8 14 c8 4d cb 00 30 19 26 23 30 05 51 1b 9b 0e e5 c2 ba bb 39 0c ec 35 Data Ascii: R"BV_'tY]P"jM(\uTdshh$K6mW#\~HEPP(*`@R#}V6]6d,Rq9g/5 DU2q>d+:VB\`RPVdbAi<yNVMnK1w,1J<<'\}TebN<M0&#0Q95
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 2d 94 a0 16 c0 22 b7 48 08 00 c0 07 d1 eb e0 04 7c 80 5b b0 ef a2 72 5f 83 28 59 39 2a b6 ab 80 bf fa 14 1d af b5 5d 7b ae 0d 8f a8 7f 82 1a a0 01 f8 28 08 8b f1 8e d5 f1 cd bf b5 67 54 d7 28 12 53 6b 7a e8 c7 0a d9 e5 ab fc 3e f8 c4 19 d1 03 e7 38 e5 b1 34 19 75 30 e2 c6 3f 5c 7b e2 3e 63 b7 0f 13 03 ae 84 19 b2 a7 93 65 bd 7b 95 97 42 41 b8 61 80 21 31 d1 98 0a 75 40 ea 0e 7b 25 9a 89 cc 79 15 bf 5f 1d 31 fb cd c9 0d 9d 09 c2 f8 c8 38 61 08 36 08 e6 c3 78 b5 21 59 0d 2b a4 a5 47 93 59 af 93 18 2f d4 3c d4 9e b5 5c 0b 61 4e a7 b5 ab ef 0e 6e d7 08 98 fb 91 71 39 d2 73 1b fd e4 29 ec f4 7e b4 99 67 db 1b 2a fe 2a 12 be 67 2d 84 f7 8b f2 97 86 78 eb 4b 39 25 ca c0 af e2 41 94 d3 da 31 31 d1 43 4b 86 69 0d 94 04 9d c4 56 62 27 a1 83 18 27 fb 9f 78 3d 18 78 Data Ascii: -"H\|[r_(Y9]{(gT(Skz>84u0?\{>ce{BAa!1u@{%y_18a6x!Y+GY/<\aNnq9s)~g*g-xK9%A11CKiVb''x=x
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 5b 00 65 e3 c3 f9 05 f7 6e 6d 50 e0 51 d8 ea e6 aa e2 2b d0 d8 f6 86 0a 50 ab 24 76 64 ba c8 b8 10 08 3c 19 c1 56 a8 90 7b 88 86 02 82 9c 1a 2d 8d 0d 79 48 b2 a4 9c 21 74 42 19 a8 87 90 35 94 80 3d 7e f7 8d 60 d1 7b fe ed 9d 2e 1b af e7 39 5b b0 0e 61 38 3f 97 87 9b 78 c2 ac 31 7c af 37 75 28 7e ba d9 29 3d c8 61 f2 dc e6 7d 4f 04 89 74 69 5d 44 97 97 59 d3 f8 be 79 6f ee 5a a1 cd ec 68 a8 16 bc 36 46 94 ab c4 28 86 20 64 2c 53 88 7f e1 85 d3 78 b6 9c fa 97 a4 86 82 ab 9c c4 bc c2 e5 eb a7 57 f9 30 bd 7e 34 1c 39 54 61 d4 1d b7 05 0f f7 fe 96 bb 97 a3 6e a0 be 3e ed 07 5a cd 3f 61 81 08 2a c6 ef 35 6a f1 91 12 0f bf 26 e2 96 ae 76 03 38 d7 dd c5 71 51 b8 c8 4c 45 28 af 74 e5 e6 e4 97 5a 86 a5 87 a5 80 c8 26 63 e2 03 4d 97 6c 79 29 8b 3e 1a 2c c2 19 65 11 Data Ascii: [enmPQ+P$vd<V{-yH!tB5=~`{.9[a8?x1\|7u(~)=a}Oti]DYyoZh6F( d,SxW0~49Tan>Z?a*5j&v8qQLE(tZ&cMly)>,e
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 7b fa b6 25 7f e4 72 40 29 23 50 64 00 23 27 dd 3d 13 cb 0b 2b 24 2c 8a 5c cc 10 0e a0 a0 d9 11 45 16 af 55 92 38 09 b5 19 f4 91 49 7a 88 0b 09 40 ab bc e8 d8 1d 8a ec fe 17 f0 c6 7c 50 1c 02 7d 90 68 b5 2a 6d 28 2c 29 b0 5b 9a 09 7e 04 62 7a 46 7e b4 a5 27 8e 50 ec 67 64 6c 86 2c 90 0f 63 9e 9f 7a 70 51 89 d0 91 dc c8 9d 78 ad 12 09 b7 81 25 a5 05 e0 7c 32 02 65 b4 fd 85 63 d6 bb 5e f7 21 9f bd c0 f1 28 13 d3 1a 8c e2 3e 4e e0 f8 eb 72 83 91 a0 af 09 df 52 a8 56 1d 5d 39 62 7b 5a b2 25 a5 16 96 04 87 c1 ea 50 04 52 24 74 85 c3 b1 9a 58 8c 09 79 3d 08 d0 12 92 06 e8 bc c9 ec 31 ed 41 48 c8 75 a3 a7 d7 ce 7b d1 bf 03 99 d8 1f 42 59 96 0c 3c 61 55 a0 db d5 f1 71 19 19 53 00 82 47 84 d1 21 6e 36 59 63 67 09 4f 5f e7 89 b4 17 64 1b ae 13 04 88 b3 9e 29 8a 0a Data Ascii: {%r@)#Pd#'=+$,\EU8Iz@\|P}h*m(,)[~bzF~'Pgdl,czpQx%\|2ec^!(>NrRV]9b{Z%PR$tXy=1AHu{BY<aUqSG!n6YcgO_d)
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 3e b2 f1 54 f9 ba 4c cc 70 4b b4 6a e4 b9 87 82 f7 59 7c 9d be 1d a8 0b b2 9e 0c 8c c5 04 c3 ff b5 d7 4a 1f 46 8b 15 a5 8c 71 80 66 e4 13 c3 bc 89 5f a9 b3 1b 0e b1 a1 c3 45 53 3a a5 77 2f f3 ff 2b fe b5 e2 bf d0 0d b7 bc 48 61 69 41 5c 03 5f 41 5d 20 4b a8 5c d2 8a 10 49 88 ab 09 08 25 94 02 d3 22 11 f7 89 3c b7 63 53 82 4d 30 a6 8c 15 b1 92 ad 38 69 f4 7c 4e 06 2f 0d c7 bb 7f 71 79 d9 d7 d8 0b 1e 82 22 1e 0e b3 1c 25 b2 b6 d5 9b 94 50 79 e3 95 d0 4f 3d b1 f5 c4 4b a9 09 e6 1d e5 cb 94 ad 5f 86 45 e1 9e ef 5e 1c b7 6f 15 80 60 8e c0 8e 5d 6d 44 97 ee 92 66 75 f6 75 bf 7d 9e f5 8b bf bf 2b 5b c0 68 90 12 c5 99 71 a4 38 24 1e 18 4d d0 0e 11 dc a1 ba 0f b3 03 8f be a7 f4 6b 54 7c 7b cb be 81 f6 0e f3 a9 fe 3f e5 bb 48 d0 28 1b b1 a9 b8 81 14 61 08 6c 42 3b Data Ascii: >TLpKjY\|JFqf_ES:w/+HaiA\_A] K\I%"<cSM08i\|N/qy"%PyO=K_E^o`]mDfuu}+[hq8$MkT\|{?H(alB;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.7	49719	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	553	OUT	GET /S/content/common/js/xss.min.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:11 UTC	514	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 28924 Connection: close Last-Modified: Tue, 12 Nov 2019 04:16:51 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:12 GMT ETag: "4947ff982fb69173f95da79b538f254d" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: Qcro2AzZ7gt_H-ZabU3xuLrkrTJd2JCM_elvlwWioVMif_cVGoUMSQ==
2024-09-27 23:47:11 UTC	16384	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 6e 2c 72 29 7b 66 75 6e 63 74 69 6f 6e 20 73 28 6f 2c 75 29 7b 69 66 28 21 6e 5b 6f 5d 29 7b 69 66 28 21 74 5b 6f 5d 29 7b 76 61 72 20 61 3d 74 79 70 65 6f 66 20 72 65 71 75 69 72 65 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 72 65 71 75 69 72 65 3b 69 66 28 21 75 26 26 61 29 72 65 74 75 72 6e 20 61 28 6f 2c 21 30 29 3b 69 66 28 69 29 72 65 74 75 72 6e 20 69 28 6f 2c 21 30 29 3b 76 61 72 20 66 3d 6e 65 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 6d 6f 64 75 6c 65 20 27 22 2b 6f 2b 22 27 22 29 3b 74 68 72 6f 77 20 66 2e 63 6f 64 65 3d 22 4d 4f 44 55 4c 45 5f 4e 4f 54 5f 46 4f 55 4e 44 22 2c 66 7d 76 61 72 20 6c 3d 6e 5b 6f 5d 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 74 5b 6f 5d 5b 30 5d 2e 63 61 Data Ascii: (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].ca
2024-09-27 23:47:11 UTC	1514	IN	Data Raw: 74 68 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 66 61 63 65 2d 76 69 73 69 62 69 6c 69 74 79 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 2d 61 74 74 61 63 68 6d 65 6e 74 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 61 63 6b 67 72 6f 75 6e 64 2d 6f 72 69 67 69 6e 22 5d 3d 74 Data Ascii: th"]=false;whiteList["backface-visibility"]=false;whiteList["background"]=true;whiteList["background-attachment"]=true;whiteList["background-clip"]=true;whiteList["background-color"]=true;whiteList["background-image"]=true;whiteList["background-origin"]=t
2024-09-27 23:47:11 UTC	11026	IN	Data Raw: 22 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 72 64 65 72 2d 74 6f 70 2d 73 74 79 6c 65 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 72 64 65 72 2d 77 69 64 74 68 22 5d 3d 74 72 75 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 74 74 6f 6d 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 62 6f 78 2d 64 65 63 6f 72 Data Ascii: "border-top-color"]=true;whiteList["border-top-left-radius"]=true;whiteList["border-top-right-radius"]=true;whiteList["border-top-style"]=true;whiteList["border-top-width"]=true;whiteList["border-width"]=true;whiteList["bottom"]=false;whiteList["box-decor

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.7	49716	104.17.24.14	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	619	OUT	GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:10 UTC	919	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:10 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03ed9-14d38" Last-Modified: Mon, 04 May 2020 16:12:09 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 341902 Expires: Wed, 17 Sep 2025 23:47:10 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgJIpk1tNJa91R4d4HXbRh9gmIzUddySAfbFSz6kQuNvXg5pM2%2FfGefcKu8p2iDu%2B%2B2DF4QvYwzgTnZUiDCWmy8hsQEp%2BP9zx24dkGKADry%2BYkiKo2fSlR0rBKd6YjjNwDilIyDW"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8c9f6098bb6217b1-EWR
2024-09-27 23:47:10 UTC	450	IN	Data Raw: 33 39 38 34 0d 0a 2f 2a 21 0a 20 2a 20 20 4d 61 74 65 72 69 61 6c 20 44 65 73 69 67 6e 20 49 63 6f 6e 69 63 20 46 6f 6e 74 20 62 79 20 53 65 72 67 65 79 20 4b 75 70 6c 65 74 73 6b 79 20 28 40 7a 61 76 6f 6c 6f 6b 6c 6f 6d 29 20 2d 20 68 74 74 70 3a 2f 2f 7a 61 76 6f 6c 6f 6b 6c 6f 6d 2e 67 69 74 68 75 62 2e 69 6f 2f 6d 61 74 65 72 69 61 6c 2d 64 65 73 69 67 6e 2d 69 63 6f 6e 69 63 2d 66 6f 6e 74 2f 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 7a 61 76 6f 6c 6f 6b 6c 6f 6d 2e 67 69 74 68 75 62 2e 69 6f 2f 6d 61 74 65 72 69 61 6c 2d 64 65 73 69 67 6e 2d 69 63 6f 6e 69 63 2d 66 6f 6e 74 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 0a Data Ascii: 3984/! Material Design Iconic Font by Sergey Kupletsky (@zavoloklom) - http://zavoloklom.github.io/material-design-iconic-font/ * License - http://zavoloklom.github.io/material-design-iconic-font/license (Font: SIL OFL 1.1, CSS: MIT License) */
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 20 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 4d 61 74 65 72 69 61 6c 2d 44 65 73 69 67 6e 2d 49 63 6f 6e 69 63 2d 46 6f 6e 74 2e 74 74 66 3f 76 3d 32 2e 32 2e 30 27 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 7d 0a 2e 7a 6d 64 69 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a 20 20 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 6e 6f 72 6d 61 6c 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 31 20 27 4d 61 74 65 72 69 61 6c 2d 44 65 73 69 67 6e 2d 49 63 6f 6e 69 63 2d 46 6f 6e 74 27 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 Data Ascii: ') format('woff'), url('../fonts/Material-Design-Iconic-Font.ttf?v=2.2.0') format('truetype'); font-weight: normal; font-style: normal;}.zmdi { display: inline-block; font: normal normal normal 14px/1 'Material-Design-Iconic-Font'; font-size:
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 7a 6d 64 69 2d 73 70 69 6e 20 31 2e 35 73 20 69 6e 66 69 6e 69 74 65 20 6c 69 6e 65 61 72 3b 0a 7d 0a 2e 7a 6d 64 69 2d 68 63 2d 73 70 69 6e 2d 72 65 76 65 72 73 65 20 7b 0a 20 20 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 20 7a 6d 64 69 2d 73 70 69 6e 2d 72 65 76 65 72 73 65 20 31 2e 35 73 20 69 6e 66 69 6e 69 74 65 20 6c 69 6e 65 61 72 3b 0a 20 20 20 20 20 20 20 20 20 20 61 6e 69 6d 61 74 69 6f 6e 3a 20 7a 6d 64 69 2d 73 70 69 6e 2d 72 65 76 65 72 73 65 20 31 2e 35 73 20 69 6e 66 69 6e 69 74 65 20 6c 69 6e 65 61 72 3b 0a 7d 0a 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 7a 6d 64 69 2d 73 70 69 6e 20 7b 0a 20 20 30 25 20 7b 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 30 64 65 67 29 Data Ascii: zmdi-spin 1.5s infinite linear;}.zmdi-hc-spin-reverse { -webkit-animation: zmdi-spin-reverse 1.5s infinite linear; animation: zmdi-spin-reverse 1.5s infinite linear;}@-webkit-keyframes zmdi-spin { 0% { -webkit-transform: rotate(0deg)
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 6f 74 61 74 65 28 32 37 30 64 65 67 29 3b 0a 20 20 20 20 20 20 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 37 30 64 65 67 29 3b 0a 7d 0a 2e 7a 6d 64 69 2d 68 63 2d 66 6c 69 70 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 7b 0a 20 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 2d 31 2c 20 31 29 3b 0a 20 20 20 20 20 20 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 2d 31 2c 20 31 29 3b 0a 20 20 20 20 20 20 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 2d 31 2c 20 31 29 3b 0a 7d 0a 2e 7a 6d 64 69 2d 68 63 2d 66 6c 69 70 2d 76 65 72 74 69 63 61 6c 20 7b 0a 20 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 31 2c 20 2d 31 29 3b 0a 20 20 20 20 20 20 2d Data Ascii: otate(270deg); transform: rotate(270deg);}.zmdi-hc-flip-horizontal { -webkit-transform: scale(-1, 1); -ms-transform: scale(-1, 1); transform: scale(-1, 1);}.zmdi-hc-flip-vertical { -webkit-transform: scale(1, -1); -
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 65 6e 74 2d 72 65 74 75 72 6e 65 64 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 30 62 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 61 73 73 69 67 6e 6d 65 6e 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 30 63 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 61 74 74 61 63 68 6d 65 6e 74 2d 61 6c 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 30 64 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 61 74 74 61 63 68 6d 65 6e 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 30 65 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 61 75 64 69 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 30 66 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 62 61 64 67 65 2d 63 68 65 63 6b 3a 62 65 Data Ascii: ent-returned:before { content: '\f10b';}.zmdi-assignment:before { content: '\f10c';}.zmdi-attachment-alt:before { content: '\f10d';}.zmdi-attachment:before { content: '\f10e';}.zmdi-audio:before { content: '\f10f';}.zmdi-badge-check:be
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 38 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 61 72 64 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 39 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 61 73 65 2d 63 68 65 63 6b 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 61 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 61 73 65 2d 64 6f 77 6e 6c 6f 61 64 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 62 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 61 73 65 2d 70 6c 61 79 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 63 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 61 73 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 32 64 27 Data Ascii: fore { content: '\f128';}.zmdi-card:before { content: '\f129';}.zmdi-case-check:before { content: '\f12a';}.zmdi-case-download:before { content: '\f12b';}.zmdi-case-play:before { content: '\f12c';}.zmdi-case:before { content: '\f12d'
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 2d 63 6f 6c 6c 65 63 74 69 6f 6e 2d 69 74 65 6d 2d 34 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 34 34 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 6f 6c 6c 65 63 74 69 6f 6e 2d 69 74 65 6d 2d 35 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 34 35 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 6f 6c 6c 65 63 74 69 6f 6e 2d 69 74 65 6d 2d 36 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 34 36 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 6f 6c 6c 65 63 74 69 6f 6e 2d 69 74 65 6d 2d 37 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 34 37 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 63 6f 6c 6c 65 63 74 69 6f 6e 2d 69 74 65 6d 2d 38 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 Data Ascii: -collection-item-4:before { content: '\f144';}.zmdi-collection-item-5:before { content: '\f145';}.zmdi-collection-item-6:before { content: '\f146';}.zmdi-collection-item-7:before { content: '\f147';}.zmdi-collection-item-8:before { conte
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 35 66 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 69 6c 74 65 72 2d 6c 69 73 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 36 30 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 69 72 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 36 31 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 6c 61 67 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 36 32 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 6c 61 72 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 36 33 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 6c 61 73 68 2d 61 75 74 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 36 34 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 66 6c 61 73 Data Ascii: content: '\f15f';}.zmdi-filter-list:before { content: '\f160';}.zmdi-fire:before { content: '\f161';}.zmdi-flag:before { content: '\f162';}.zmdi-flare:before { content: '\f163';}.zmdi-flash-auto:before { content: '\f164';}.zmdi-flas
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 7d 0a 2e 7a 6d 64 69 2d 69 6d 61 67 65 2d 61 6c 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 37 64 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 69 6d 61 67 65 2d 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 37 65 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 69 6d 61 67 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 37 66 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 69 6e 62 6f 78 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 38 30 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 69 6e 76 65 72 74 2d 63 6f 6c 6f 72 73 2d 6f 66 66 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 38 31 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 69 6e 76 65 72 74 2d 63 6f 6c 6f 72 73 3a Data Ascii: }.zmdi-image-alt:before { content: '\f17d';}.zmdi-image-o:before { content: '\f17e';}.zmdi-image:before { content: '\f17f';}.zmdi-inbox:before { content: '\f180';}.zmdi-invert-colors-off:before { content: '\f181';}.zmdi-invert-colors:
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 20 27 5c 66 31 39 61 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6d 6f 72 65 2d 76 65 72 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 39 62 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6d 6f 72 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 39 63 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6d 6f 76 69 65 2d 61 6c 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 39 64 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6d 6f 76 69 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 39 65 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6e 61 74 75 72 65 2d 70 65 6f 70 6c 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 66 31 39 66 27 3b 0a 7d 0a 2e 7a 6d 64 69 2d 6e 61 74 75 72 65 3a Data Ascii: '\f19a';}.zmdi-more-vert:before { content: '\f19b';}.zmdi-more:before { content: '\f19c';}.zmdi-movie-alt:before { content: '\f19d';}.zmdi-movie:before { content: '\f19e';}.zmdi-nature-people:before { content: '\f19f';}.zmdi-nature:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.7	49717	104.18.11.207	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	626	OUT	GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:10 UTC	920	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:10 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"269550530cc127b6aa5a35925a7de6ce" Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT CDN-ProxyVer: 1.04 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 CDN-CachedAt: 09/25/2024 05:10:35 CDN-EdgeStorageId: 871 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestTime: 0 CDN-RequestId: ec3fe64fc09a1a3e17845c05feb28ffb CDN-Cache: HIT CF-Cache-Status: HIT Age: 46015 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8c9f6098b84542e7-EWR
2024-09-27 23:47:10 UTC	449	IN	Data Raw: 37 39 31 38 0d 0a 2f 2a 21 0a 20 2a 20 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 34 2e 37 2e 30 20 62 79 20 40 64 61 76 65 67 61 6e 64 79 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 20 2d 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 41 77 65 73 6f 6d 65 27 3b 73 72 63 3a 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 65 6f 74 3f 76 3d 34 2e 37 Data Ascii: 7918/! Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.7
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 66 66 3f 76 3d 34 2e 37 2e 30 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 74 74 66 3f 76 3d 34 2e 37 2e 30 27 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 2c 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 73 76 67 3f 76 3d 34 2e 37 2e 30 23 66 6f 6e 74 61 77 65 73 6f 6d 65 72 65 67 75 6c 61 72 27 29 20 66 6f 72 6d 61 74 28 27 73 76 67 27 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 7d 2e 66 61 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 3a 6e 6f 72 6d 61 6c 20 6e 6f 72 6d 61 Data Ascii: ff?v=4.7.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.7.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal norma
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 73 70 69 6e 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 35 39 64 65 67 29 7d 7d 2e 66 61 2d 72 6f 74 61 74 65 2d 39 30 7b 2d 6d 73 2d 66 69 6c 74 65 72 3a 22 70 Data Ascii: ;transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}.fa-rotate-90{-ms-filter:"p
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 66 61 2d 73 74 61 63 6b 2d 31 78 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 66 61 2d 73 74 61 63 6b 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 69 6e 76 65 72 73 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 66 61 2d 67 6c 61 73 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 30 22 7d 2e 66 61 2d 6d 75 73 69 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 31 22 7d 2e 66 61 2d 73 65 61 72 63 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 32 22 7d 2e 66 61 2d 65 6e 76 65 6c 6f 70 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 Data Ascii: solute;left:0;width:100%;text-align:center}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-glass:before{content:"\f000"}.fa-music:before{content:"\f001"}.fa-search:before{content:"\f002"}.fa-envelope-o:before{content
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 34 22 7d 2e 66 61 2d 68 65 61 64 70 68 6f 6e 65 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 35 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 36 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 37 22 7d 2e 66 61 2d 76 6f 6c 75 6d 65 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 38 22 7d 2e 66 61 2d 71 72 63 6f 64 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 39 22 7d 2e 66 61 2d 62 61 72 63 6f 64 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 32 61 22 7d 2e 66 61 2d 74 61 67 3a 62 65 66 6f 72 65 Data Ascii: ore{content:"\f024"}.fa-headphones:before{content:"\f025"}.fa-volume-off:before{content:"\f026"}.fa-volume-down:before{content:"\f027"}.fa-volume-up:before{content:"\f028"}.fa-qrcode:before{content:"\f029"}.fa-barcode:before{content:"\f02a"}.fa-tag:before
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 63 6b 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 39 22 7d 2e 66 61 2d 62 61 63 6b 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 61 22 7d 2e 66 61 2d 70 6c 61 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 62 22 7d 2e 66 61 2d 70 61 75 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 63 22 7d 2e 66 61 2d 73 74 6f 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 64 22 7d 2e 66 61 2d 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 34 65 22 7d 2e 66 61 2d 66 61 73 74 2d 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 35 30 22 7d 2e 66 61 2d 73 74 65 70 2d 66 6f 72 77 61 72 64 3a Data Ascii: ckward:before{content:"\f049"}.fa-backward:before{content:"\f04a"}.fa-play:before{content:"\f04b"}.fa-pause:before{content:"\f04c"}.fa-stop:before{content:"\f04d"}.fa-forward:before{content:"\f04e"}.fa-fast-forward:before{content:"\f050"}.fa-step-forward:
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 66 30 37 30 22 7d 2e 66 61 2d 77 61 72 6e 69 6e 67 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 31 22 7d 2e 66 61 2d 70 6c 61 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 32 22 7d 2e 66 61 2d 63 61 6c 65 6e 64 61 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 33 22 7d 2e 66 61 2d 72 61 6e 64 6f 6d 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 34 22 7d 2e 66 61 2d 63 6f 6d 6d 65 6e 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 35 22 7d 2e 66 61 2d 6d 61 67 6e 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 36 22 7d 2e 66 61 2d 63 68 65 76 72 6f Data Ascii: f070"}.fa-warning:before,.fa-exclamation-triangle:before{content:"\f071"}.fa-plane:before{content:"\f072"}.fa-calendar:before{content:"\f073"}.fa-random:before{content:"\f074"}.fa-comment:before{content:"\f075"}.fa-magnet:before{content:"\f076"}.fa-chevro
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 61 2d 73 71 75 61 72 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 36 22 7d 2e 66 61 2d 62 6f 6f 6b 6d 61 72 6b 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 37 22 7d 2e 66 61 2d 70 68 6f 6e 65 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 38 22 7d 2e 66 61 2d 74 77 69 74 74 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 39 22 7d 2e 66 61 2d 66 61 63 65 62 6f 6f 6b 2d 66 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 66 61 63 65 62 6f 6f 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 61 22 7d 2e 66 61 2d 67 69 74 68 75 62 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 39 62 22 7d 2e 66 61 2d 75 6e 6c 6f 63 6b 3a 62 65 66 6f 72 Data Ascii: a-square-o:before{content:"\f096"}.fa-bookmark-o:before{content:"\f097"}.fa-phone-square:before{content:"\f098"}.fa-twitter:before{content:"\f099"}.fa-facebook-f:before,.fa-facebook:before{content:"\f09a"}.fa-github:before{content:"\f09b"}.fa-unlock:befor
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 70 70 79 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 37 22 7d 2e 66 61 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 38 22 7d 2e 66 61 2d 6e 61 76 69 63 6f 6e 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 72 65 6f 72 64 65 72 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 62 61 72 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 39 22 7d 2e 66 61 2d 6c 69 73 74 2d 75 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 61 22 7d 2e 66 61 2d 6c 69 73 74 2d 6f 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 62 22 7d 2e 66 61 2d 73 74 72 69 6b 65 74 68 72 6f 75 67 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 63 63 22 7d 2e 66 61 2d 75 6e 64 65 72 6c 69 Data Ascii: ppy-o:before{content:"\f0c7"}.fa-square:before{content:"\f0c8"}.fa-navicon:before,.fa-reorder:before,.fa-bars:before{content:"\f0c9"}.fa-list-ul:before{content:"\f0ca"}.fa-list-ol:before{content:"\f0cb"}.fa-strikethrough:before{content:"\f0cc"}.fa-underli
2024-09-27 23:47:10 UTC	1369	IN	Data Raw: 65 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 63 6c 69 70 62 6f 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 61 22 7d 2e 66 61 2d 6c 69 67 68 74 62 75 6c 62 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 62 22 7d 2e 66 61 2d 65 78 63 68 61 6e 67 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 63 22 7d 2e 66 61 2d 63 6c 6f 75 64 2d 64 6f 77 6e 6c 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 64 22 7d 2e 66 61 2d 63 6c 6f 75 64 2d 75 70 6c 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 65 65 22 7d 2e 66 61 2d 75 73 65 72 2d 6d 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 30 22 7d 2e 66 61 2d 73 74 65 74 68 6f 73 63 6f 70 65 3a 62 Data Ascii: e:before,.fa-clipboard:before{content:"\f0ea"}.fa-lightbulb-o:before{content:"\f0eb"}.fa-exchange:before{content:"\f0ec"}.fa-cloud-download:before{content:"\f0ed"}.fa-cloud-upload:before{content:"\f0ee"}.fa-user-md:before{content:"\f0f0"}.fa-stethoscope:b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.7	49718	13.32.121.127	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	540	OUT	GET /tapfiliate.js HTTP/1.1 Host: script.tapfiliate.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:11 UTC	509	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 11592 Connection: close Last-Modified: Wed, 12 Oct 2022 12:34:24 GMT Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 03:55:46 GMT ETag: "ddbb39a9e8e67d5067145f8aa76b938d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P1 X-Amz-Cf-Id: Gjyrz7MII0zK3AHwVbOnMxPoEbFDE3myO1pRlA28AcLdVhzJEJLHdQ== Age: 71485 Vary: Origin
2024-09-27 23:47:11 UTC	9594	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 77 69 6e 64 6f 77 2c 76 3d 77 69 6e 64 6f 77 2e 54 61 70 66 69 6c 69 61 74 65 4f 62 6a 65 63 74 7c 7c 22 74 61 70 22 2c 72 3d 64 5b 76 5d 26 26 64 5b 76 5d 2e 71 7c 7c 5b 5d 3b 69 66 28 21 64 5b 76 5d 7c 7c 21 64 5b 76 5d 2e 6c 6f 61 64 65 64 29 7b 64 5b 76 5d 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 65 2c 6f 2c 69 2c 72 29 7b 76 61 72 20 61 3d 64 5b 76 5d 5b 74 5d 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 61 29 74 68 72 6f 77 27 46 75 6e 63 74 69 6f 6e 20 22 27 2b 74 2b 27 22 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 27 3b 61 28 6e 2c 65 2c 6f 2c 69 2c 72 29 7d 2c 64 5b 76 5d 2e 71 3d 72 2c 64 5b 76 5d 2e 6c 6f 61 64 65 64 3d 21 30 2c 64 5b 76 5d 2e 62 61 73 65 55 72 6c 3d Data Ascii: !function(){var d=window,v=window.TapfiliateObject\|\|"tap",r=d[v]&&d[v].q\|\|[];if(!d[v]\|\|!d[v].loaded){d[v]=function(t,n,e,o,i,r){var a=d[v][t];if("function"!=typeof a)throw'Function "'+t+'" not supported';a(n,e,o,i,r)},d[v].q=r,d[v].loaded=!0,d[v].baseUrl=
2024-09-27 23:47:11 UTC	1998	IN	Data Raw: 5d 29 2c 72 2e 73 70 6c 69 63 65 28 6f 2c 31 29 2c 22 63 72 65 61 74 65 22 3d 3d 3d 69 26 26 28 65 3d 21 30 29 29 7d 7d 28 29 7d 66 75 6e 63 74 69 6f 6e 20 70 28 74 2c 6e 2c 65 29 7b 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 6e 2c 65 2c 21 31 29 3a 74 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 74 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 22 2b 6e 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 66 28 74 2c 6e 2c 65 29 7b 76 61 72 20 6f 2c 69 2c 72 2c 61 3b 69 66 28 61 3d 2f 5c 5b 5c 5d 24 2f 2c 6e 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 66 6f 72 28 69 3d 30 2c 72 3d 6e 2e 6c 65 6e 67 74 68 3b 69 3c 72 3b 69 2b 2b 29 61 2e 74 65 73 74 28 74 29 3f 65 28 74 2c 6e 5b 69 5d 29 3a Data Ascii: ]),r.splice(o,1),"create"===i&&(e=!0))}}()}function p(t,n,e){t.addEventListener?t.addEventListener(n,e,!1):t.attachEvent&&t.attachEvent("on"+n,e)}function f(t,n,e){var o,i,r,a;if(a=/\[\]$/,n instanceof Array)for(i=0,r=n.length;i<r;i++)a.test(t)?e(t,n[i]):

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.7	49721	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:10 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 23:47:11 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=233902 Date: Fri, 27 Sep 2024 23:47:10 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-27 23:47:11 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.7	49722	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:11 UTC	570	OUT	GET /S2/content/common/js/shop-topnav2.7e1fed6bdf.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:12 UTC	579	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 7249 Connection: close Last-Modified: Fri, 20 Sep 2024 07:35:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: F0bOVc4XuNNSbDFmx4.hPDiCNX580MBz Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:13 GMT ETag: "7e1fed6bdfc0657c0dedc6e6c19553fa" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: xLJf7OC8b4_bCFmjlczkWA6WURa75NEin3LtWxCBKNaJZPWD4srbmw==
2024-09-27 23:47:12 UTC	7249	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 75 72 72 65 6e 74 43 6f 75 6e 74 72 79 32 4e 61 6d 65 28 65 29 7b 72 65 74 75 72 6e 20 63 75 72 72 65 6e 74 43 6f 75 6e 74 72 79 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 72 65 64 69 72 65 63 74 54 6f 41 6c 6c 53 65 61 72 63 68 52 65 73 75 6c 74 28 65 2c 74 29 7b 76 61 72 20 72 2c 6e 3d 63 68 65 63 6b 43 75 72 72 65 6e 74 55 72 6c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 2c 22 63 6f 64 61 73 68 6f 70 2e 63 6f 6d 22 29 2c 61 3d 63 68 65 63 6b 43 75 72 72 65 6e 74 55 72 6c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 2c 22 63 6f 64 61 73 68 6f 70 2d 74 65 73 74 2d 6e 65 77 22 29 3b 24 28 22 62 Data Ascii: "use strict";function getCurrentCountry2Name(e){return currentCountry=e.toLowerCase()}function redirectToAllSearchResult(e,t){var r,n=checkCurrentUrl(window.location.origin,"codashop.com"),a=checkCurrentUrl(window.location.origin,"codashop-test-new");$("b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.7	49723	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	624	OUT	GET /S/content/mobile/images/codashop-logo.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:12 UTC	638	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2191 Connection: close Last-Modified: Tue, 21 May 2019 00:56:00 GMT x-amz-meta-sha256: 5fdf464d02d5be0bcfd2f1ad32c75aeed1f03232c2033f399df2ce78a289d8f7 x-amz-meta-s3b-last-modified: 20190509T041738Z x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:12 GMT ETag: "ef72958375f5891863e9e027d910fe6f" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: CU3dVbgTuLbSEaQwniIfDzH_iByo0GH_Al4rBXQ86z0LLB-9LUaGIQ== Age: 53010
2024-09-27 23:47:12 UTC	2191	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 9d 00 00 00 1c 08 06 00 00 00 7b ca bd ab 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 08 31 49 44 41 54 78 da ec 5c 5f 68 5b 55 18 3f 37 ad da ad 9d bb 65 6e a8 43 96 fa a2 82 ba db b7 89 83 dd 80 3e ec 41 96 3c 08 ea cb 92 07 9f 14 db 20 88 03 b1 0d 28 88 30 d3 ca 7c 94 24 2f 22 28 34 9b 0f 7b 50 c8 2d 4c 9c 2f 36 45 d1 0d 64 89 88 8a c3 3f 99 d6 d1 f5 4f ae df 97 7e 37 3b 3d 3b e7 dc 73 d3 74 0e b9 1f 1c 72 9b 9c ef fc fd 9d df f7 e7 9e cd 62 06 b2 fc fe bd 49 7f cd 72 fd 95 c4 11 7f 75 20 09 9f 6c a3 0c e0 67 d3 5f 4d 2c 42 a9 8e 9e fa ba c9 62 89 25 44 2c dd 8f 2b 1f ee 75 fd b5 c4 04 00 2b 0d a0 62 9d b2 01 34 1e 74 fc b3 Data Ascii: PNGIHDR{tEXtSoftwareAdobe ImageReadyqe<1IDATx\_h[U?7enC>A< (0\|$/"(4{P-L/6Ed?O~7;=;strbIru lg_M,Bb%D,+u+b4t

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.7	49711	157.240.251.9	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	543	OUT	GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:12 UTC	1451	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: application/x-javascript; charset=utf-8 timing-allow-origin: * reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-security-policy: default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; document-policy: force-load-at-top
2024-09-27 23:47:12 UTC	1700	IN	Data Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
2024-09-27 23:47:12 UTC	1	IN	Data Raw: 2f Data Ascii: /
2024-09-27 23:47:12 UTC	14683	IN	Data Raw: 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69 74 Data Ascii: * Copyright (c) 2017-present, Facebook, Inc. All rights reserved. You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wit
2024-09-27 23:47:12 UTC	16384	IN	Data Raw: 3d 6e 75 6c 6c 26 26 61 21 3d 6e 75 6c 6c 26 26 64 21 3d 6e 75 6c 6c 3f 7b 64 6f 6d 61 69 6e 5f 75 72 69 3a 62 2c 65 76 65 6e 74 5f 74 79 70 65 3a 63 2c 65 78 74 72 61 63 74 6f 72 5f 74 79 70 65 3a 64 2c 69 64 3a 61 7d 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 67 28 61 29 7b 69 66 28 61 3d 3d 6e 75 6c 6c 7c 7c 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 61 29 29 21 3d 3d 22 6f 62 6a 65 63 74 22 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 61 3d 61 2e 65 78 74 72 61 63 74 6f 72 5f 63 6f 6e 66 69 67 3b 69 66 28 61 3d 3d 6e 75 6c 6c 7c 7c 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 61 29 29 21 3d 3d 22 6f 62 6a 65 63 74 22 Data Ascii: =null&&a!=null&&d!=null?{domain_uri:b,event_type:c,extractor_type:d,id:a}:null}function g(a){if(a==null\|\|(typeof a==="undefined"?"undefined":i(a))!=="object")return null;a=a.extractor_config;if(a==null\|\|(typeof a==="undefined"?"undefined":i(a))!=="object"
2024-09-27 23:47:12 UTC	16384	IN	Data Raw: 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 6b 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 54 79 70 65 64 22 29 2c 62 3d 61 2e 54 79 70 65 64 3b 61 2e 63 6f 65 72 63 65 3b 61 2e 65 6e 66 6f 72 63 65 3b 61 3d 62 2e 61 72 72 61 79 4f 66 28 62 2e 6f 62 6a 65 63 74 57 69 74 68 46 69 65 6c 64 73 28 7b 61 6c 6c 6f 63 61 74 69 6f 6e 3a 62 2e 6e 75 6d 62 65 72 28 29 2c 63 6f 64 65 3a 62 2e 73 74 72 69 6e 67 28 29 2c 6e 61 6d 65 3a 62 2e 73 74 72 69 6e 67 28 29 2c 70 61 73 73 52 61 74 65 3a 62 2e 6e 75 6d 62 65 72 28 29 7d 29 29 3b 6b 2e 65 78 70 6f 72 74 73 3d 61 7d 29 28 29 3b 72 Data Ascii: ={exports:{}};k.exports;(function(){"use strict";var a=f.getFbeventsModules("SignalsFBEventsTyped"),b=a.Typed;a.coerce;a.enforce;a=b.arrayOf(b.objectWithFields({allocation:b.number(),code:b.string(),name:b.string(),passRate:b.number()}));k.exports=a})();r
2024-09-27 23:47:12 UTC	16384	IN	Data Raw: 3d 3d 22 6f 62 6a 65 63 74 22 26 26 28 6a 3d 66 29 3b 66 3d 67 21 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 67 3d 3d 3d 22 73 74 72 69 6e 67 22 3f 67 3a 6e 75 6c 6c 3b 67 3d 7b 7d 3b 68 21 3d 6e 75 6c 6c 26 26 28 74 79 70 65 6f 66 20 68 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 68 29 29 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 28 67 3d 68 29 3b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 26 26 63 21 3d 6e 75 6c 6c 3f 5b 61 2c 63 2c 6a 2c 66 2c 67 5d 3a 6e 75 6c 6c 7d 63 3d 6e 65 77 20 61 28 67 29 3b 6c 2e 65 78 70 6f 72 74 73 3d 63 7d 29 28 29 3b 72 65 74 75 72 6e 20 6c 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 0a 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 22 73 Data Ascii: =="object"&&(j=f);f=g!=null&&typeof g==="string"?g:null;g={};h!=null&&(typeof h==="undefined"?"undefined":i(h))==="object"&&(g=h);return a!=null&&c!=null?[a,c,j,f,g]:null}c=new a(g);l.exports=c})();return l.exports}(a,b,c,d)});f.ensureModuleRegistered("s
2024-09-27 23:47:12 UTC	1700	IN	Data Raw: 63 74 69 6f 6e 20 70 28 61 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 65 2c 61 29 3f 65 5b 61 5d 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 71 28 61 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 68 2c 61 29 3f 68 5b 61 5d 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 72 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 29 72 65 74 75 72 6e 20 61 3b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 20 69 73 4e 61 4e 28 61 29 3f 76 6f 69 64 20 30 3a 61 3b 74 72 79 7b 72 65 74 75 72 6e 20 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 Data Ascii: ction p(a){return Object.prototype.hasOwnProperty.call(e,a)?e[a]:a}function q(a){return Object.prototype.hasOwnProperty.call(h,a)?h[a]:a}function r(a){if(typeof a==="string")return a;if(typeof a==="number")return isNaN(a)?void 0:a;try{return JSON.stringif
2024-09-27 23:47:12 UTC	14684	IN	Data Raw: 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 21 3d 6e 75 6c 6c 26 26 61 20 69 6e 20 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 3f 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 5b 61 5d 3a 6e 75 6c 6c 7d 29 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 7d 29 3b 66 2e 6c 65 6e 67 74 68 3e 30 26 26 28 74 68 69 73 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 68 61 73 68 21 3d 6e 75 6c 6c 26 26 61 2e 61 70 70 65 6e 64 28 22 68 6d 65 22 2c 74 68 69 73 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 68 61 73 68 29 2c 61 2e 61 70 70 65 6e 64 28 22 65 78 5f 6d 22 2c 66 2e 6a 6f 69 6e 28 22 2c 22 29 29 29 7d 7d 5d 29 3b 72 65 Data Ascii: ion(a){return c.moduleEncodings.map!=null&&a in c.moduleEncodings.map?c.moduleEncodings.map[a]:null}),function(a){return a!=null});f.length>0&&(this.moduleEncodings.hash!=null&&a.append("hme",this.moduleEncodings.hash),a.append("ex_m",f.join(",")))}}]);re
2024-09-27 23:47:12 UTC	16384	IN	Data Raw: 73 46 42 45 76 65 6e 74 73 53 65 6e 64 58 48 52 22 29 3b 62 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 76 65 6e 74 73 22 29 3b 76 61 72 20 6c 3d 62 2e 66 69 72 65 64 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 61 2c 62 29 7b 76 61 72 20 63 3d 21 30 2c 64 3d 21 31 2c 65 3d 76 6f 69 64 20 30 3b 74 72 79 7b 66 6f 72 28 76 61 72 20 66 3d 62 5b 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3a 22 40 40 69 74 65 72 61 74 6f 72 22 5d 28 29 2c 62 3b 21 28 63 3d 28 62 3d 66 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 29 3b 63 3d 21 30 29 7b 62 3d 62 2e 76 61 6c 75 65 3b 6c 2e 74 72 69 67 67 65 72 28 61 2c 62 29 7d 7d 63 61 74 Data Ascii: sFBEventsSendXHR");b=f.getFbeventsModules("SignalsFBEventsEvents");var l=b.fired;function m(a,b){var c=!0,d=!1,e=void 0;try{for(var f=b[typeof Symbol==="function"?Symbol.iterator:"@@iterator"](),b;!(c=(b=f.next()).done);c=!0){b=b.value;l.trigger(a,b)}}cat
2024-09-27 23:47:12 UTC	16384	IN	Data Raw: 28 7b 7d 2c 65 2c 62 28 64 5b 65 5d 29 29 29 7d 2c 7b 7d 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 79 28 61 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 3d 3d 6e 75 6c 6c 3f 6e 75 6c 6c 3a 61 28 62 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 7a 28 62 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 64 3d 42 28 65 2c 49 2e 6f 62 6a 65 63 74 28 29 29 3b 65 3d 63 28 4f 62 6a 65 63 74 2e 6b 65 79 73 28 62 29 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 29 7b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 66 3d 62 5b 65 5d 2c 67 3d 64 5b 65 5d 3b 66 3d 66 28 67 29 3b 72 65 74 75 72 6e 20 61 28 7b 7d 2c 63 2c 6c 28 7b 7d 2c 65 2c 66 29 29 7d 2c 7b 7d 29 3b 72 65 74 75 72 6e 20 65 Data Ascii: ({},e,b(d[e])))},{})}}function y(a){return function(b){return b==null?null:a(b)}}function z(b){return function(e){var d=B(e,I.object());e=c(Object.keys(b),function(c,e){if(c==null)return null;var f=b[e],g=d[e];f=f(g);return a({},c,l({},e,f))},{});return e

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.7	49725	104.26.9.22	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	426	OUT	GET /v2/image1/Y29tLm5lcHR1bmUuZG9taW5vX2ljb25fMTU1OTA0NjkyOV8wODc/icon.png?w=170&fakeurl=1 HTTP/1.1 Host: image.winudf.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:12 UTC	805	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:12 GMT Content-Type: image/png Content-Length: 51462 Connection: close Cf-Bgj: imgq:100,h2pri Cf-Polished: origSize=63628 Vary: Accept etag: 337c5a6c strict-transport-security: max-age=15724800; includeSubDomains x-cache: MISS Cache-Control: max-age=31536000 CF-Cache-Status: HIT Age: 45794 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPq5VIi0DCskan7AMWTo9K7iCtR9g4SX1Pr0Kogt5uhEpmDEfD7cMqSQwmzRuGDTFI6mub9cWFdMaiWzs9XVYQN0HGBi6%2FwDV8kUnvcNULRoWYS%2BHJTnETHyq5lBKFBEf%2Fo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Access-Control-Allow-Origin: * Timing-Allow-Origin: * Server: cloudflare CF-RAY: 8c9f60a36ef68c05-EWR
2024-09-27 23:47:12 UTC	564	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 aa 00 00 00 aa 08 06 00 00 00 3d 76 d4 82 00 00 c8 cd 49 44 41 54 78 da e4 bd 07 98 25 57 79 e7 fd 3b e7 54 d5 4d 9d 27 f4 e4 a0 30 1a 8d d2 28 23 82 04 12 60 93 04 88 68 1b a3 35 fe d6 ac bd ac d7 61 9d f7 5b 7b bd c6 1f f6 fa 59 6c 7f 4e 18 e3 75 22 d8 44 63 32 48 20 84 82 25 01 12 ca 48 a3 91 26 77 4f 77 4f a7 1b 2a 9c f3 7e d5 a7 ea 52 33 d3 ad 19 3d c2 e6 33 cf d6 e8 d5 a9 ae aa 7b fb f6 ad 5f fd cf 9b ea 5e 95 5c fa 57 73 40 04 08 df e3 45 56 d8 20 9c fe 38 59 be f2 74 c7 54 eb d5 86 53 1f eb 80 40 81 52 90 3a dc 42 82 38 87 d9 3c 44 f4 c6 73 a8 bf 7d 37 2a d2 20 14 c7 70 d2 83 95 26 db f7 6d e2 bf f9 3d d4 91 83 a8 6e 07 8c 41 9a 2d d4 ee ab a8 bf e5 e7 50 41 04 22 cb 1f ef 2c 28 bd 7c 3b 80 Data Ascii: PNGIHDR=vIDATx%Wy;TM'0(#`h5a[{YlNu"Dc2H %H&wOwO~R3=3{_^\Ws@EV 8YtTS@R:B8<Ds}7 p&m=nA-PA",(\|;
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 80 ea 78 e5 ed 7b 00 e8 a9 20 15 80 ef 85 8a 1a 0d 80 6b a7 c8 42 82 1e a9 11 5c b7 99 e8 0d e7 10 be 68 3b d5 f4 0e 64 0e 55 6f c1 85 e7 23 87 a6 90 87 0e 20 df 7c 1c 86 9b a8 8d 6b 60 e3 5a d4 c0 10 15 1d 1a b4 2a 00 ac 90 42 05 21 cb 97 0a bc f6 6f fc 1c d9 5d 0f a3 ea ab a0 de c0 01 4c 4f c3 fe 90 85 77 fe 0a 43 9b 36 11 5e 74 19 7d b0 8f 5f c2 28 20 4b 2d 82 ab 4e a8 fa 57 82 54 ca 6d ea bb 81 b4 52 52 75 d2 f3 a8 65 be 9d 52 c1 ff 51 2a aa 55 a1 a0 89 c3 cd f4 3c 80 fa ac 11 a2 b7 5f 48 f4 9a 1d e8 6d 85 fa b9 a9 29 b2 89 a3 05 6f c3 83 98 f1 0d 50 8f 3c 94 b9 15 ea 38 33 8f ec 9f c4 3d 3e 09 0f ec 43 0d d6 61 c3 2a d4 a6 1c da e1 61 d0 06 50 a5 d2 9e ca b1 2a 15 58 29 af 9a f1 cc 7e 98 9f 07 57 81 c0 cc 34 d1 35 57 e7 ea be 63 65 02 1d 28 db 45 39 Data Ascii: x{ kB\h;dUo# \|k`ZB!o]LOwC6^t}_( K-NWTmRRueRQU<_Hm)oP<83=>CaaPX)~W45Wce(E9
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 86 88 83 dc bc ff f9 1d 05 4d 11 e7 70 52 55 72 58 82 d8 09 ae 5e 47 5a 0d bf e3 d9 9e 47 0f be 2b 01 55 8a ce 94 e3 e8 37 1c 33 df b4 b4 9f 12 e2 49 c1 25 82 58 05 7d f7 39 c4 83 da da aa 18 dd 6d 18 bb 4c 33 b4 a1 98 ed 92 94 62 d1 cf 08 d2 6a 71 20 7c 17 a0 0a c0 f7 52 45 1d 65 ee d3 e2 66 12 f4 ae 55 44 af 3b 87 f0 55 67 a2 d7 b6 40 a0 7f f2 b3 7b ee 64 f1 a7 fe 03 6e cf 04 ca 1a b4 09 50 51 1d 7b d6 06 d2 4f 7f 84 fa 3b 7e 8e e0 da 97 82 ad 94 b5 0f 9a 1e 1a 22 38 7b 0d 1c 99 f7 99 02 14 85 9a f5 f6 83 4d 50 5b 7e 90 e5 8b a2 0f 6e 78 f9 6e e4 c9 87 21 5d 02 49 01 14 b0 4d 4c a2 2f b9 00 bd 76 9c ea 31 54 a3 15 c4 16 29 26 e7 62 1f 04 81 20 ce 7a 40 8f f7 41 9d 95 42 3d 4b 40 9d 0f ae 1c e4 80 aa 56 93 f6 3d df c0 76 f7 33 fa c6 33 71 e9 69 3d d4 e5 Data Ascii: MpRUrX^GZG+U73I%X}9mL3bjq \|REefUD;Ug@{dnPQ{O;~"8{MP[~nxn!]IML/v1T)&b z@AB=K@V=v33qi=
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 5a 7d 59 d6 60 e5 88 c0 82 a4 58 0f 67 0f f1 80 4a 09 68 86 4b e3 42 3d b3 9e 57 ca d2 07 2d 22 77 38 11 d0 81 16 f1 be 83 cc fd c5 07 59 b8 f9 4e 6c 77 09 d0 01 5c a3 41 96 a4 a4 62 49 32 47 0f e1 40 6f 9e c1 24 a9 02 a3 00 da 73 c2 a7 ff a0 c3 e1 6f 39 6a a1 a2 3e 08 17 bc 32 62 fb e5 01 63 5b 35 87 9e b4 0c 0c 84 ac de 6c 88 7b 82 cd 20 8c 40 80 30 54 ac dd 12 f0 92 1f 19 e0 e2 17 37 f8 c0 1f cd 71 e4 60 46 6b 40 17 45 15 ad e8 43 ad fb b0 02 5a 43 68 20 4e f1 be 3a 4b 60 5b 85 5e 05 5f fd fb 14 dd 80 2b 5f 15 d0 8e 8b 63 85 d3 b3 17 7c af 54 14 a3 0a a5 8c 6d 91 ff ac 19 f4 a5 e3 04 af dd 41 78 dd 56 d4 68 7d c5 52 4a 04 34 9d 78 f5 49 bb f3 a4 9d 39 52 51 98 68 09 da dc 02 85 52 09 8a 12 5a 8e 57 da d3 75 da 4a 09 b6 a3 fd cb 3f 49 76 e7 23 48 34 0a Data Ascii: Z}Y`XgJhKB=W-"w8YNlw\AbI2G@o$so9j>2bc[5l{ @0T7q`Fk@ECZCh N:K`[^_+_c\|TmAxVh}RJ4xI9RQhRZWuJ?Iv#H4
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 13 06 86 15 77 dd 91 72 e1 f3 02 7c 8a d9 82 00 4a c0 01 f4 c1 2d 2d f8 2e 55 b4 f2 3d 3b 59 d1 8b 59 0b d0 97 8c 13 de b0 a3 52 4f 29 d4 b3 3f cd 12 54 af 02 07 66 64 15 e1 ae 2d d8 af 3f 88 69 0d 80 18 94 04 a0 73 b3 47 71 d9 3c e1 79 e7 01 55 ef 66 f5 f8 f2 2a ae 0d d1 a8 0f 21 59 42 da 9d cd 6d 81 b8 23 e8 a8 8e 89 8a 00 4c 69 87 f2 6e 41 8a a2 80 16 2a a5 25 93 aa c4 59 26 0f ab 32 a9 20 d2 2b e0 74 29 e2 01 b5 85 5f 5a 74 32 15 53 fb 12 a0 99 07 b4 5f 49 aa 54 d4 b9 ca 07 1d 1d 20 9d 9c 62 ee 63 9f 65 e1 0b 5f 23 9b 5d 40 96 00 1d 1a f4 3e 68 e6 6c 6e ce 07 4a f3 76 09 d0 1e b6 d7 62 b8 bb 8d 11 bb da 67 40 08 14 01 11 81 8e 08 75 03 31 11 91 6a d0 87 2c 15 21 45 c8 42 61 df d1 cc c3 10 46 86 af dd d1 e5 8b b7 ce 33 32 66 98 8f 33 8c 51 28 a7 48 54 Data Ascii: wr\|J--.U=;YYRO)?Tfd-?isGq<yUf!YBm#LinA%Y&2 +t)_Zt2S_IT bce_#]@>hlnJvbg@u1j,!EBaF32f3Q(HT
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 76 6e 9e f9 8f 7c 8a f9 7f fa 32 e9 e4 b4 07 54 96 b6 2f c1 69 53 32 6b 73 13 7a 59 ca 9c ed 32 9f 0a 61 6f 2d eb e3 cd 34 68 82 f7 98 0c 81 f6 0a ea c7 12 52 0f 6c 0e 68 6e 26 37 8d f6 34 87 b8 45 8b 02 d2 9e 70 f9 05 75 b6 6e 33 3c f2 64 4c 54 53 64 99 e3 03 37 cd 52 1b 35 b8 86 29 04 a5 a1 71 35 8d e4 eb b6 a6 08 f2 91 8a d4 02 d4 35 01 6a 77 93 6f d4 35 4f 2e 58 b6 0d 1a ef 2e 04 4a f1 e2 17 0c 70 c7 b1 39 1a c0 c4 be d8 57 a1 5c a0 89 72 cb 81 5e e6 a1 75 14 f4 22 85 89 20 00 5f fb 7f 62 c6 72 2d e1 72 06 9f 36 ea af 6e ed f0 60 c8 64 1b b7 6d 00 fd d6 1d 44 af 59 52 cf 1c 1a 80 54 60 d1 42 d3 90 4e 4f 32 9d 37 1b 2f 7c f9 76 64 62 86 50 85 84 9b 36 13 5d 7c 26 83 2f bf 8e c6 f3 5e 00 c9 29 ba e3 a5 00 dd f5 ba cc bf e7 af 58 fc f4 17 70 07 26 08 32 Data Ascii: vn\|2T/iS2kszY2ao-4hRlhn&74Epun3<dLTSd7R5)q55jwo5O.X.Jp9W\r^u" _br-r6n`dmDYRT`BNO27/\|vdbP6]\|&/^)Xp&2
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 31 ba 85 74 f1 18 ed a9 bd 74 26 f7 fa ac 01 2a c0 8c 8e 21 36 a3 f3 a9 2f b2 f8 a9 25 40 8f 20 ad a6 57 50 0f 68 5c 28 68 66 0b 15 ed da 1e 73 59 4c 2f 6d 51 4b ce 62 d4 ae 21 50 06 0c 7d 40 cb 69 be 9c e2 55 31 c5 1b ef 87 06 1e 4a 8d 9f e6 fd 3a 68 c0 03 5a 05 15 81 26 3b d6 23 de 33 4b 6d eb 30 4a ac f7 25 9b 75 c5 ef bf 63 3d 3f f2 3f f6 33 1b 5b 9a 2d 8d d3 1e b2 fe 7b ed 41 d4 85 7b 7f fc e2 b7 c7 69 e1 ea e0 a0 93 39 be b0 3f f1 a0 f6 97 8b 47 03 b6 37 35 7b 3b 96 86 51 a4 be 09 05 02 b5 1c d4 0e 42 aa a4 50 4e 27 98 48 d1 e9 09 ff ed 8b 6d fe f7 eb 87 58 3d a8 7d fd 5f 2d 8b fa 8f 4f dc 1f eb e1 de b2 13 d9 3e 8c eb 74 21 2a ee fd 51 e2 30 38 fc 6f 97 e2 aa a6 eb 68 5e fa 3c d6 fe f2 7f 25 fb f4 fb 09 e7 16 d0 a9 ab 6e 76 ab 07 b8 f3 af a7 f9 a3 Data Ascii: 1tt&!6/%@ WPh\(hfsYL/mQKb!P}@iU1J:hZ&;#3Km0J%uc=??3[-{A{i9?G75{;QBPN'HmX=}_-O>t!Q08oh^<%nv
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: ca 43 6a 0a 05 f5 11 bd 26 b7 2a 58 02 c0 8f 2b 42 5a 72 88 aa 19 e2 83 8b 2c e6 aa 3a fa b2 ed be 31 46 07 7d 5f 56 d8 b9 29 62 78 40 93 4a 19 b4 20 fe 22 70 50 06 58 aa 52 c1 e3 41 35 0a eb 8f 87 66 a4 b8 65 22 e1 91 1c ca 9d 39 a0 a9 2b 32 02 af de 1c 71 d7 54 4a 2b 00 2d 2b 66 10 3d a8 38 a1 7f e7 cf b0 d1 9c 37 1a 00 f0 a6 0b ea fc f4 dd 31 9f 39 6c b9 71 6b c8 d1 54 50 cb da fc 84 e2 84 ec 99 c3 76 63 94 2b 3a cf 95 aa 82 1e eb 5c 6e 60 74 71 b5 8b 12 5c 05 2c 15 65 06 90 a7 af cd 56 04 55 51 7b 2b c0 2d b4 89 ef 7b 94 f8 a9 fd 90 24 84 eb c7 89 b6 6e 21 dc ba 15 2c d5 5d 9c 48 15 00 49 01 a9 78 68 ab 8a 92 d2 41 79 48 86 d8 2e 12 29 54 ad 81 3b 36 43 f2 95 9b 89 97 54 74 ef 11 a4 31 e8 01 6d bd 22 57 d0 f3 cf ea 03 5a bd d8 a6 c1 1e 9d 62 f1 0b 5f Data Ascii: Cj&*X+BZr,:1F}_V)bx@J "pPXRA5fe"9+2qTJ+-+f=8719lqkTPvc+:\n`tq\,eVUQ{+-{$n!,]HIxhAyH.)T;6CTt1m"WZb_
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 8d bb 40 6b fa 79 d2 38 13 46 1a 86 1b 9f 37 c8 6f 7c 61 96 f5 35 45 4f 84 f5 a3 86 5f 7c fe 30 80 2f 7f 6a af c0 b0 aa ae 79 f9 96 1a 1f 7a a2 c7 b0 52 94 f8 79 1f 77 28 50 7c 6d 22 e1 5d df 5a e4 57 2e 1c 20 b1 e2 03 a4 3f b8 6a 90 f7 3d dc e9 23 d5 87 d5 ef 9f ee 38 1c f0 8e 8b 06 f8 a5 cb 9b cc 24 29 35 a3 68 05 8a bf de 93 d0 73 8a ba 08 81 12 2a 0f 15 d4 c2 ee ff dd 01 1a 80 88 51 2a cf a5 22 2f dd 0a 7f 7a 0d 6e 72 1a a7 2d 49 dc f1 aa 2a 2e 43 c4 fb 28 be 10 10 46 75 82 a8 81 d1 51 99 b2 f2 f4 7b 58 8d d6 28 fc ab f4 a3 c6 78 a5 05 43 1f d8 a2 dc 51 63 fa 5d bf 42 ef 1f 3e 8c a9 ad 41 59 41 f7 a1 41 70 4a 23 d2 c5 6d 18 60 fc 3d 1f 25 18 5d 07 69 02 5a 23 c7 03 5a 8f 50 a6 e6 bf 4d a4 f7 99 5b e8 7c 25 07 f4 50 0e 68 6b 94 c6 15 bb 19 ba fe 5a ea Data Ascii: @ky8F7o\|a5EO_\|0/jyzRyw(P\|m"]ZW. ?j=#8$)5hsQ"/znr-I*.C(FuQ{X(xCQc]B>AYAApJ#m`=%]iZ#ZPM[\|%PhkZ
2024-09-27 23:47:12 UTC	1369	IN	Data Raw: 59 c1 a8 00 96 8f c5 6a 95 7b ad 29 45 27 13 3a a9 30 5a d3 8c 37 8d 7f 7e 07 1c ed 0a 07 bb 16 e5 14 6b bc 68 15 4a ec 94 b0 98 0a 33 99 b0 7b 3c e0 0f ae 6e e5 8f d3 2c 26 a0 1c b8 fe 37 f7 cd ee fe cb 0e 25 a8 2e df 92 91 a2 ad e6 21 77 07 93 83 f7 33 42 0d 49 12 a2 9d 67 b1 ea 8d af 60 f8 aa 4b 40 04 3b b7 00 80 09 74 f9 62 29 4d 0a 60 c3 30 b7 1a fd a0 4b 51 2a 2c 14 11 a8 36 a8 52 71 d5 92 51 80 8f 00 68 40 55 57 b4 71 48 14 f9 e7 49 1f db 4b fb 13 5f a2 7d eb dd f4 a6 e6 70 ad 21 9a 39 a0 63 af 7f 09 ad 4b ce 01 c0 75 3c a0 45 34 8d 40 a5 06 15 44 a7 01 e8 24 24 fd 7b a0 ea 35 54 ad c6 4a 8b af e8 15 49 e6 67 ae d8 54 3f 57 44 f8 b3 e7 95 c4 ab 6c 04 00 9d 6f 4f 73 f4 23 8f 30 f5 89 c7 e9 3e 36 e7 81 0e 96 54 36 d4 b8 d4 ad 78 53 9c df 66 94 07 be Data Ascii: Yj{)E':0Z7~khJ3{<n,&7%.!w3BIg`K@;tb)M`0KQ*,6RqQh@UWqHIK_}p!9cKu<E4@D$${5TJIgT?WDloOs#0>6T6xSf

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.7	49726	13.32.121.127	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	358	OUT	GET /tapfiliate.js HTTP/1.1 Host: script.tapfiliate.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:12 UTC	509	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 11592 Connection: close Last-Modified: Wed, 12 Oct 2022 12:34:24 GMT Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 03:55:46 GMT ETag: "ddbb39a9e8e67d5067145f8aa76b938d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P1 X-Amz-Cf-Id: SAD34MAIw3PpHCabxMoGGsvtXAkyK4GBXYdeM8UZ-4TvidsnI58wpg== Age: 71487 Vary: Origin
2024-09-27 23:47:12 UTC	11592	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 64 3d 77 69 6e 64 6f 77 2c 76 3d 77 69 6e 64 6f 77 2e 54 61 70 66 69 6c 69 61 74 65 4f 62 6a 65 63 74 7c 7c 22 74 61 70 22 2c 72 3d 64 5b 76 5d 26 26 64 5b 76 5d 2e 71 7c 7c 5b 5d 3b 69 66 28 21 64 5b 76 5d 7c 7c 21 64 5b 76 5d 2e 6c 6f 61 64 65 64 29 7b 64 5b 76 5d 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 65 2c 6f 2c 69 2c 72 29 7b 76 61 72 20 61 3d 64 5b 76 5d 5b 74 5d 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 61 29 74 68 72 6f 77 27 46 75 6e 63 74 69 6f 6e 20 22 27 2b 74 2b 27 22 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 27 3b 61 28 6e 2c 65 2c 6f 2c 69 2c 72 29 7d 2c 64 5b 76 5d 2e 71 3d 72 2c 64 5b 76 5d 2e 6c 6f 61 64 65 64 3d 21 30 2c 64 5b 76 5d 2e 62 61 73 65 55 72 6c 3d Data Ascii: !function(){var d=window,v=window.TapfiliateObject\|\|"tap",r=d[v]&&d[v].q\|\|[];if(!d[v]\|\|!d[v].loaded){d[v]=function(t,n,e,o,i,r){var a=d[v][t];if("function"!=typeof a)throw'Function "'+t+'" not supported';a(n,e,o,i,r)},d[v].q=r,d[v].loaded=!0,d[v].baseUrl=

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.7	49728	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	648	OUT	GET /S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	472	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 61755 Connection: close Date: Fri, 27 Sep 2024 23:47:14 GMT Last-Modified: Tue, 05 May 2020 03:32:54 GMT ETag: "29dad06670f873936002ddb910253a4b" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: aU2kG1H6w7JPMoFSl9xNrTeYDXAK_ALRIyTy43R9V5F3imbBjEAb4A==
2024-09-27 23:47:13 UTC	1557	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 07 d0 00 00 03 20 08 06 00 00 00 7b e5 f9 73 00 00 f1 02 49 44 41 54 78 9c ec dd e1 75 db 48 b2 f6 f1 87 f7 dc ef cb 37 82 e5 44 30 70 04 43 45 d0 74 04 43 45 30 52 04 96 23 90 1c 81 38 11 08 1d 81 38 11 18 8e c0 d8 08 2e 36 02 be 1f 9a 34 25 5b b2 29 09 dd d5 e8 fe ff ce f1 f1 d8 33 8b ae b5 25 10 e8 ea aa 92 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: PNGIHDR {sIDATxuH7D0pCEtCE0R#88.64%[)3%
2024-09-27 23:47:13 UTC	16384	IN	Data Raw: 1f 24 d0 01 e0 54 de 2d 74 4c 6a 2f f7 3f 3f 4c 82 cf f5 7c 42 3c 07 0b 8d 95 94 f7 ee e1 af b6 0f fe b9 d7 21 09 bf 53 af d9 b7 84 3d 49 77 00 00 00 00 00 00 00 00 90 3d 12 e8 00 70 70 ac 18 3f fc fc c7 fe e7 46 21 39 8e a7 2d 9f fc dd d9 77 bf 0e 49 f7 41 c7 8a f6 4e d2 7f bf 25 da 77 1a b4 f2 9d 00 00 00 00 00 00 00 00 00 8c 90 40 07 50 0f ef e6 92 1a ed b4 d0 4c 0b 49 bf 2b 24 c6 97 76 41 55 67 ae e3 9f 77 f8 f9 90 68 9f e9 61 65 fb 76 ff f3 3f 3a 24 dd 49 b0 03 00 00 00 00 00 00 00 80 c8 48 a0 03 28 cf b1 d5 fa 52 d2 bf 1f fc 73 f0 7d 65 34 72 b4 fc ee e7 87 09 f6 7e ff a3 93 f4 5f 85 64 7b 2f e7 fb 44 b1 01 00 00 00 00 00 00 00 80 42 91 40 07 30 5d 87 8a f2 f0 e3 77 7d 9f 28 47 a9 16 7a fc 77 fd 41 d2 21 b9 be 55 a8 58 ff a2 90 60 ef 48 ac 03 00 00 Data Ascii: $T-tLj/??L\|B<!S=Iw=pp?F!9-wIAN%w@PLI+$vAUgwhaev?:$IH(Rs}e4r~_d{/DB@0]w}(GzwA!UX`H
2024-09-27 23:47:13 UTC	1024	IN	Data Raw: d1 0c 0a 63 8f 06 b3 08 48 9e 9f 62 50 38 e4 70 65 1c c7 69 0e cf 16 33 7d 16 c9 73 8c eb f8 fe 34 95 cf a2 50 65 fd 4e e1 b0 12 8e e6 aa 6b a4 72 36 ea 48 a0 97 ff 62 bb 49 b8 d6 9f 09 d7 b2 34 48 fa 68 1d 04 00 00 78 a3 90 7c 6d 8c a3 c8 c9 20 e9 2c fb 53 e8 24 ce f1 bc 85 a4 7b 79 77 3f 89 04 53 70 2d ee 43 cf e9 24 fd 96 fd 9c 60 12 e7 48 6b ad a9 24 d2 9d 1f f6 15 d6 f9 1f ca b3 32 d3 b5 5a d7 58 87 81 51 bc cf a0 d0 86 e4 f9 cf 75 0a 55 9a 5b e3 38 7e 8d 67 0b a4 33 ad 44 3a 07 f4 9e d3 c8 3b 5a dc 27 56 7e 0b f7 50 9d 50 f2 e9 8c 4e ce bf 4b b2 52 5d 33 fb a6 d5 e6 07 00 00 fc 28 6c 3a 7f b5 0e 23 23 83 76 3a 9b 40 a2 ea 4a b4 6a c7 e9 3e 2a 74 8e 1a ac 03 79 52 f9 e3 c4 de 62 a3 dc e7 9d d3 aa 1d 79 b8 51 d8 a3 18 8c e3 f8 b9 b0 67 44 d7 9f a7 a5 Data Ascii: cHbP8pei3}s4PeNkr6HbI4Hhx\|m ,S${yw?Sp-C$`Hk$2ZXQuU[8~g3D:;Z'V~PPNKR]3(l:##v:@Jj>*tyRbyQgD
2024-09-27 23:47:13 UTC	16384	IN	Data Raw: 79 9e 4f 42 f1 20 54 62 d0 ae 1d 63 fb 98 59 62 96 c3 21 8f b5 ca b1 13 c6 b1 32 6c 65 1b 08 30 8a f9 b7 b6 ee 79 6e 76 9f 67 75 d0 29 0f 6c 78 e7 6d 23 e7 6f cc 56 f7 6e ae 99 ee c5 f3 c4 f7 06 ed f4 2e cb 51 30 e1 90 30 87 f2 50 92 95 42 5b f7 0b e3 38 7e 74 4c a2 6f 6c 03 c9 42 23 3a 5d 44 55 6e 02 3d 9c d4 9b 1b 47 11 53 ca f6 ed eb 84 6b 59 fa 64 1d 00 00 00 78 93 0b b1 61 91 5f f2 fc 58 75 4e 25 06 c6 d6 4b ba 31 8e e1 28 cc a1 6b 8c a3 c8 c9 46 ce db ce 8e fd 5e eb 1a ee 47 28 d8 52 b9 6e 76 af fc 86 24 fa 23 73 71 e8 33 57 9d 24 bb ea e6 70 b0 82 e4 f9 8f 3a 49 bf 65 76 68 32 08 cf 7f 9f c5 a1 3c 94 67 2e e9 3a cb 03 7a 61 54 0c 5d 6e 82 8b 6c db ee 17 a0 dc 04 fa ac f8 ca 96 36 c9 2a a1 ad d4 3c c9 5a b6 b6 a6 ad 99 00 00 c0 db 84 17 ba da 4f de Data Ascii: yOB TbcYb!2le0ynvgu)lxm#oVn.Q00PB[8~tLolB#:]DUn=GSkYdxa_XuN%K1(kF^G(Rnv$#sq3W$p:Ievh2<g.:zaT]nl6*<ZO
2024-09-27 23:47:13 UTC	9594	IN	Data Raw: 5a e9 c6 6c e6 64 90 74 26 e7 07 e3 38 a4 50 79 de bc ea 7f 99 6e 6f 1d 00 50 90 72 12 e8 bb 82 67 a5 cd 92 55 4e 97 3e 07 7d 65 1d 00 00 20 6b 8d 75 00 00 00 00 00 80 67 75 72 3e 6d 35 b4 77 2b 49 17 49 d7 cc c3 a0 5d 26 c9 f3 f0 77 b0 7e f5 ff 7e c6 61 79 00 c0 cb 95 93 40 2f b9 02 3d d5 1c f4 5d f1 15 e8 73 4e 1c 02 00 0a 35 58 07 00 00 00 00 00 11 0d 4a 3f f7 7c 21 55 da 36 7c a7 4b ad 7c 67 1d 46 d5 7f 07 00 00 53 e5 24 d0 73 f8 40 8f a7 49 b2 4a f8 33 1c 92 ac 65 65 a6 3f ad 43 00 00 20 82 ce 3a 00 00 00 00 00 88 c8 62 ee f9 9d ea 1c f5 75 a3 95 df 58 07 b1 57 eb df 01 00 c0 58 39 09 f4 60 6b 1d 40 24 8b fd 69 bb 14 da 44 eb 58 59 59 07 00 00 00 00 00 00 00 e0 64 16 73 cf 6f 55 e7 98 af 36 79 9b fc e7 78 77 a5 71 fe 0e 96 23 5c 03 00 50 99 d2 12 e8 Data Ascii: Zldt&8PynoPrgUN>}e kugur>m5w+II]&w~~ay@/=]sN5XJ?\|!U6\|K\|gFS$s@IJ3ee?C :buXWX9`k@$iDXYYdsoU6yxwq#\P
2024-09-27 23:47:13 UTC	379	IN	Data Raw: 31 95 33 12 e8 e9 94 b6 19 cb e9 a2 4b 30 f9 99 c7 b5 b6 3a 15 49 f4 43 cd 44 35 3a f0 3a 6b d9 7e a3 f2 1f 6e 73 68 95 fb 61 b6 be ea f3 41 6d 38 01 20 2b 7b 7f 5d 39 47 91 ce 28 e3 e7 61 88 8d ea be 90 70 a8 a9 48 a2 03 40 ff 6d 75 56 d4 73 98 9d 31 4c bd c3 f8 85 85 4b d1 8d ed 41 6e b3 af 5b 82 91 ee ba 91 81 c0 71 0d 3b 79 de 74 ef 2b e9 d5 5d 7d 5e 73 b7 b7 9f 90 40 4f c5 7e 18 57 ce 51 78 ba 73 3f 5c b0 24 fa 90 2f 32 bc d5 58 56 8d fe 2d 73 55 0b 50 3e fb 99 b8 57 99 33 c9 3c 5c 3b cc 8b bb 50 5d 17 17 06 b5 e1 04 80 ec b6 8a de 21 24 94 fb 20 fb 5a 5c 4c 96 2c c1 f1 9d 67 25 00 e8 ad 4b cd e3 da 3b 88 1f 2c c1 72 e1 1c c5 a1 bc 2a 29 87 bc 07 59 90 44 c7 51 0d 3b 79 2e 51 7d 7e 0c ad 43 37 52 57 24 d0 d3 1a 72 f2 76 2c ef 79 e8 92 b5 d3 df 0e b4 Data Ascii: 13K0:ICD5::k~nshaAm8 +{]9G(apH@muVs1LKAn[q;yt+]}^s@O~WQxs?\$/2XV-sUP>W3<\;P]!$ Z\L,g%K;,r*)YDQ;y.Q}~C7RW$rv,y
2024-09-27 23:47:13 UTC	8459	IN	Data Raw: 1e ba b4 3b 3c 1b f2 65 86 f7 ba 90 55 58 2c 9c e3 00 7c c4 30 51 0c f7 aa f7 d6 e0 7b b4 92 ce 1c d6 fd 2c aa cf 01 00 6f b7 f4 0e 20 a1 bc 07 d9 21 5e c9 e6 c6 c2 f6 24 f7 3c 27 a1 18 31 5c 49 fa ee 3e 4a 0f 28 57 2b 9f e7 d8 d7 f4 71 34 9c cf d9 88 5d 3e 5f b9 ac 5d 86 a9 6c df 31 75 8e 03 7d 65 9d 0c 16 de 61 38 da 28 ef 38 88 9a cf 91 07 77 a9 9a 04 7a 7a b7 1a f6 41 83 ff 3c 74 49 dd 2d d3 a5 73 14 7d 34 ee e6 ee b0 51 c3 b0 ec 0e a1 ea bd 31 f8 5e e7 d9 e7 c5 59 72 e0 22 eb 9a e9 2d bd 03 00 80 41 d8 56 7f 61 29 f7 e1 cc 90 2b c0 7e c6 7c 52 78 8b 61 fc e4 c2 ef d4 31 1a a0 64 a5 cd 3d bf 52 3f cf 1a 7c aa d0 cd b9 ea ee 2c f4 2b 53 3a e0 e0 cd f6 fb 84 85 77 28 ce 2e b3 7d 06 d4 5d 7d de 38 8c f3 74 47 02 3d 35 fb e1 1c 7a f5 f3 5d 11 ed c4 42 3c Data Ascii: ;<eUX,\|0Q{,o !^$<'1\I>J(W+q4]>_]l1u}ea8(8wzzA<tI-s}4Q1^Yr"-AVa)+~\|Rxa1d=R?\|,+S:w(.}]}8tG=5z]B<
2024-09-27 23:47:14 UTC	7974	IN	Data Raw: 11 62 ba f3 d0 7a f6 c3 92 74 dd 8d aa 40 9f d5 f4 b3 9b 9e cd 8f ae a9 38 83 4b 7d b5 68 25 2d b5 d5 df bd ff fe b4 f7 a4 2f e2 59 e8 25 6b d9 59 4b eb 1c 07 44 02 1d ef c1 81 4f 4a ad a4 bf 78 40 d1 ee fb 6c 2e e9 77 71 1b 0d d6 7e 6a 25 e9 eb 60 93 a2 b6 c1 bc 11 15 6b bf 66 0f bc 4b ef 30 06 a9 9e 03 43 12 e8 87 21 81 0e bc 17 87 d9 87 a8 eb 10 7b 7f 61 f8 0f f1 7c 53 83 61 24 cd 1f aa e9 7d 8b 04 fa a1 48 a0 d7 62 15 16 5d 17 3b fc 5a 2b fb de bf 75 8e e3 f8 ec 7d fc 0f 51 b8 d4 27 2b 49 7f 57 73 16 5a d7 67 64 0a ad a4 93 c1 15 8b 15 8c 04 3a de c7 92 9b 5f c4 cd b5 54 36 da ea 9a 04 50 c7 da ba cc b4 4f a6 4f fd 82 41 26 1b 49 8d b6 fa aa 91 9a 41 6f 1c ec fb ff b3 a4 0b df 40 7a 63 a9 10 cf bd 83 18 ac 7a 1e 86 48 a0 1f 86 04 3a f0 11 1c 66 1f ea Data Ascii: bzt@8K}h%-/Y%kYKDOJx@l.wq~j%`kfK0C!{a\|Sa$}Hb];Z+u}Q'+IWsZgd:_T6POOA&IAo@zczH:f

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.7	49727	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	561	OUT	GET /S/content/common/js/jquery.mask.min.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	539	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 7448 Connection: close Last-Modified: Thu, 20 Dec 2018 08:04:35 GMT Content-Disposition: attachment x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "35d9db48e3112f35d81e70b98457aa42" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: vUppsveq2nuVYnGdm7ABYPLsQlRnsjyr_oD8-nJyUwRy2_XFtaGnYA==
2024-09-27 23:47:13 UTC	7448	IN	Data Raw: 2f 2f 20 6a 51 75 65 72 79 20 4d 61 73 6b 20 50 6c 75 67 69 6e 20 76 31 2e 31 34 2e 31 30 0a 2f 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 69 67 6f 72 65 73 63 6f 62 61 72 2f 6a 51 75 65 72 79 2d 4d 61 73 6b 2d 50 6c 75 67 69 6e 0a 76 61 72 20 24 6a 73 63 6f 6d 70 3d 7b 73 63 6f 70 65 3a 7b 7d 2c 66 69 6e 64 49 6e 74 65 72 6e 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 66 2c 63 29 7b 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 26 26 28 61 3d 53 74 72 69 6e 67 28 61 29 29 3b 66 6f 72 28 76 61 72 20 6c 3d 61 2e 6c 65 6e 67 74 68 2c 67 3d 30 3b 67 3c 6c 3b 67 2b 2b 29 7b 76 61 72 20 62 3d 61 5b 67 5d 3b 69 66 28 66 2e 63 61 6c 6c 28 63 2c 62 2c 67 2c 61 29 29 72 65 74 75 72 6e 7b 69 3a 67 2c 76 3a 62 7d 7d 72 65 74 75 72 6e 7b 69 3a 2d 31 2c 76 3a 76 Data Ascii: // jQuery Mask Plugin v1.14.10// github.com/igorescobar/jQuery-Mask-Pluginvar $jscomp={scope:{},findInternal:function(a,f,c){a instanceof String&&(a=String(a));for(var l=a.length,g=0;g<l;g++){var b=a[g];if(f.call(c,b,g,a))return{i:g,v:b}}return{i:-1,v:v

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.7	49732	172.217.23.100	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	621	OUT	GET /recaptcha/api.js HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Fri, 27 Sep 2024 23:47:12 GMT Date: Fri, 27 Sep 2024 23:47:12 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:13 UTC	641	IN	Data Raw: 35 39 61 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 59a/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2024-09-27 23:47:13 UTC	800	IN	Data Raw: 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 29 7b 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 2e Data Ascii: AACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.
2024-09-27 23:47:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.7	49730	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	566	OUT	GET /S2/content/mobile/js/freefire.4a7a9740bc.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	578	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 520 Connection: close Last-Modified: Fri, 20 Sep 2024 07:35:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: wrfV2OCm6zCFC.D6sQiqjGri_u2hUTPK Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "4a7a9740bcf8062898a69cb939b84746" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: jbuAI3leeMNiSqOTc0_Fjmn1h2g8m4o5bMlrpn_sDuryM2vnXVj1Dw==
2024-09-27 23:47:13 UTC	520	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 43 4f 44 41 3d 43 4f 44 41 7c 7c 7b 7d 3b 43 4f 44 41 2e 46 52 45 45 46 49 52 45 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 72 29 7b 72 65 74 75 72 6e 7b 70 6c 61 79 65 72 49 64 3a 6e 75 6c 6c 7d 7d 28 30 2c 6a 51 75 65 72 79 29 2c 24 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 7b 24 28 22 69 6e 70 75 74 5b 6e 61 6d 65 3d 27 66 72 65 65 66 69 72 65 2e 75 73 65 72 49 64 27 5d 22 29 2e 6d 61 73 6b 28 22 30 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 22 29 3b 76 61 72 20 65 3d 24 2e 63 6f 6f 6b 69 65 28 22 66 72 65 65 66 69 72 65 5f 70 6c 61 79 65 72 69 64 22 29 3b 6e 75 6c 6c 21 3d 65 26 26 28 43 4f 44 41 2e 46 52 45 45 46 49 52 45 2e 70 6c 61 79 65 Data Ascii: "use strict";var CODA=CODA\|\|{};CODA.FREEFIRE=function(e,r){return{playerId:null}}(0,jQuery),$(document).ready(function(){$("input[name='freefire.userId']").mask("0999999999999999999999999");var e=$.cookie("freefire_playerid");null!=e&&(CODA.FREEFIRE.playe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.7	49729	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	576	OUT	GET /S2/content/common/js/third_party_common.0859f0e010.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	578	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 278 Connection: close Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: TTIN3.R6kVEEuvtuDHbKNkboFgLAG3wk Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "0859f0e01014515a05f1738b1ad2975d" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 78Gg_z-UUtQBOmXkNwXz3Qp_S9Q0kkFfubCG1zYKn03LQ-UJ3OEs6w==
2024-09-27 23:47:13 UTC	278	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 67 65 6e 56 4e 56 6f 75 63 68 65 72 52 65 6d 69 6e 64 65 72 4d 73 67 28 65 2c 6e 2c 72 29 7b 76 61 72 20 74 3d 22 22 3b 69 66 28 31 3d 3d 72 2e 69 73 54 68 69 72 64 50 61 72 74 79 4d 65 72 63 68 61 6e 74 26 26 22 31 50 61 79 22 3d 3d 72 2e 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 29 7b 24 28 22 2e 63 6f 6e 66 69 72 6d 2d 63 6f 6e 74 65 6e 74 22 29 2e 63 73 73 28 22 68 65 69 67 68 74 22 2c 22 33 35 30 70 78 22 29 3b 74 3d 65 2b 22 20 22 2b 72 2e 63 68 61 6e 6e 65 6c 50 72 69 63 65 2b 22 2e 3c 62 72 2f 3e 22 2c 74 2b 3d 22 3c 62 72 2f 3e 22 2b 6e 2b 22 3c 62 72 2f 3e 3c 62 72 2f 3e 22 7d 65 6c 73 65 20 24 28 22 2e 63 6f 6e 66 69 72 6d 2d 63 6f 6e 74 65 6e 74 22 29 2e 63 73 73 28 22 68 65 69 Data Ascii: "use strict";function genVNVoucherReminderMsg(e,n,r){var t="";if(1==r.isThirdPartyMerchant&&"1Pay"==r.paymentChannel){$(".confirm-content").css("height","350px");t=e+" "+r.channelPrice+".<br/>",t+="<br/>"+n+"<br/><br/>"}else $(".confirm-content").css("hei

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.7	49731	52.222.206.175	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:12 UTC	639	OUT	GET /S/content/mobile/images/google_play_coda.png HTTP/1.1 Host: d1qgcmfii0ptfa.cloudfront.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	491	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2631 Connection: close Last-Modified: Mon, 17 Jul 2017 08:47:31 GMT Content-Disposition: attachment Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:13 GMT ETag: "e7ebc6c74ec20ea3614970e178217c10" X-Cache: Hit from cloudfront Via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P3 X-Amz-Cf-Id: dCrYItvh2GX6vmQWr_qkhLLuEbH28xvQTJgqrlj1SBooqCGE2-vWzA== Age: 19386
2024-09-27 23:47:13 UTC	2631	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 8a 00 00 00 29 08 03 00 00 00 dd d1 41 16 00 00 02 fd 50 4c 54 45 00 00 00 07 07 07 00 00 00 70 70 70 42 42 42 1c 1c 1c 4c 4c 4c 63 63 63 88 88 88 58 58 58 6f 6f 6f 83 83 83 6a 6a 6a 67 67 67 7b 7b 7b 96 96 96 89 89 89 97 97 97 94 94 94 90 90 90 94 94 94 96 96 96 92 92 92 7b 7b 7b 90 90 90 92 92 92 90 90 90 71 71 71 73 73 73 77 77 77 78 78 78 63 63 63 7c 7c 7c 71 71 71 32 32 32 00 00 00 14 14 14 03 03 03 17 17 17 08 08 08 f7 f7 f7 01 01 00 0e 0d 0e 00 0b 0c fb fb fb 11 11 11 aa aa aa 00 f0 75 02 02 02 05 05 05 d8 d8 d8 e4 e4 e4 f1 f1 f1 0a 0a 0a 2b 2b 2b bf bf bf 1c 1c 1c 32 32 32 36 36 36 f4 f4 f4 0c 0c 0c cc cc cc 19 19 19 8a 8a 8a 00 cc ff 1e 1e 1e 22 22 22 bc bc bc d1 d1 d1 e5 e5 e5 2a 2a 2a 92 Data Ascii: PNGIHDR)APLTEpppBBBLLLcccXXXooojjjggg{{{{{{qqqssswwwxxxccc\|\|\|qqq222u+++222666"""***

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.7	49738	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	578	OUT	GET /S/content/common/css/jquery-ui-1.12.1.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	533	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 35973 Connection: close Last-Modified: Thu, 20 Dec 2018 07:52:04 GMT Content-Disposition: attachment x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "c4a88ec0cb998929a670c0c58d7dc526" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: mjd63n7FYfqrz0ArCdG6Kz_dJxnJ8VcZGVj9PmU61YJ-P5-xQiEiVA==
2024-09-27 23:47:14 UTC	16384	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 55 49 20 2d 20 76 31 2e 31 32 2e 31 20 2d 20 32 30 31 36 2d 30 39 2d 31 34 0a 2a 20 68 74 74 70 3a 2f 2f 6a 71 75 65 72 79 75 69 2e 63 6f 6d 0a 2a 20 49 6e 63 6c 75 64 65 73 3a 20 63 6f 72 65 2e 63 73 73 2c 20 61 63 63 6f 72 64 69 6f 6e 2e 63 73 73 2c 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 2e 63 73 73 2c 20 6d 65 6e 75 2e 63 73 73 2c 20 62 75 74 74 6f 6e 2e 63 73 73 2c 20 63 6f 6e 74 72 6f 6c 67 72 6f 75 70 2e 63 73 73 2c 20 63 68 65 63 6b 62 6f 78 72 61 64 69 6f 2e 63 73 73 2c 20 64 61 74 65 70 69 63 6b 65 72 2e 63 73 73 2c 20 64 69 61 6c 6f 67 2e 63 73 73 2c 20 64 72 61 67 67 61 62 6c 65 2e 63 73 73 2c 20 72 65 73 69 7a 61 62 6c 65 2e 63 73 73 2c 20 70 72 6f 67 72 65 73 73 62 61 72 2e 63 73 73 2c 20 73 65 6c 65 63 74 61 Data Ascii: /! jQuery UI - v1.12.1 - 2016-09-14 http://jqueryui.com* Includes: core.css, accordion.css, autocomplete.css, menu.css, button.css, controlgroup.css, checkboxradio.css, datepicker.css, dialog.css, draggable.css, resizable.css, progressbar.css, selecta
2024-09-27 23:47:14 UTC	16384	IN	Data Raw: 3a 20 30 3b 0a 09 6c 65 66 74 3a 20 30 3b 0a 09 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 7d 0a 2e 75 69 2d 73 65 6c 65 63 74 6d 65 6e 75 2d 6d 65 6e 75 20 2e 75 69 2d 6d 65 6e 75 20 7b 0a 09 6f 76 65 72 66 6c 6f 77 3a 20 61 75 74 6f 3b 0a 09 6f 76 65 72 66 6c 6f 77 2d 78 3a 20 68 69 64 64 65 6e 3b 0a 09 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 3b 0a 7d 0a 2e 75 69 2d 73 65 6c 65 63 74 6d 65 6e 75 2d 6d 65 6e 75 20 2e 75 69 2d 6d 65 6e 75 20 2e 75 69 2d 73 65 6c 65 63 74 6d 65 6e 75 2d 6f 70 74 67 72 6f 75 70 20 7b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 35 3b 0a 09 70 61 64 64 69 6e 67 3a 20 32 70 78 20 30 2e 34 65 Data Ascii: : 0;left: 0;display: none;}.ui-selectmenu-menu .ui-menu {overflow: auto;overflow-x: hidden;padding-bottom: 1px;}.ui-selectmenu-menu .ui-menu .ui-selectmenu-optgroup {font-size: 1em;font-weight: bold;line-height: 1.5;padding: 2px 0.4e
2024-09-27 23:47:14 UTC	3205	IN	Data Raw: 70 78 3b 20 7d 0a 2e 75 69 2d 69 63 6f 6e 2d 73 65 65 6b 2d 73 74 61 72 74 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 2d 38 30 70 78 20 2d 31 36 30 70 78 3b 20 7d 0a 2f 2a 20 75 69 2d 69 63 6f 6e 2d 73 65 65 6b 2d 66 69 72 73 74 20 69 73 20 64 65 70 72 65 63 61 74 65 64 2c 20 75 73 65 20 75 69 2d 69 63 6f 6e 2d 73 65 65 6b 2d 73 74 61 72 74 20 69 6e 73 74 65 61 64 20 2a 2f 0a 2e 75 69 2d 69 63 6f 6e 2d 73 65 65 6b 2d 66 69 72 73 74 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 2d 38 30 70 78 20 2d 31 36 30 70 78 3b 20 7d 0a 2e 75 69 2d 69 63 6f 6e 2d 73 74 6f 70 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 2d 39 36 70 78 20 2d 31 36 30 70 78 3b 20 7d 0a 2e 75 69 2d 69 63 6f Data Ascii: px; }.ui-icon-seek-start { background-position: -80px -160px; }/* ui-icon-seek-first is deprecated, use ui-icon-seek-start instead */.ui-icon-seek-first { background-position: -80px -160px; }.ui-icon-stop { background-position: -96px -160px; }.ui-ico

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.7	49739	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	371	OUT	GET /S/content/common/js/xss.min.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	515	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 28924 Connection: close Last-Modified: Tue, 12 Nov 2019 04:16:51 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:12 GMT ETag: "4947ff982fb69173f95da79b538f254d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: EVBdpOC7VKbQpXxKEnwqij-ujvFQ5kgHmhtEHwSmuFISQ2-CfqYQZA== Age: 2
2024-09-27 23:47:13 UTC	15869	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 20 65 28 74 2c 6e 2c 72 29 7b 66 75 6e 63 74 69 6f 6e 20 73 28 6f 2c 75 29 7b 69 66 28 21 6e 5b 6f 5d 29 7b 69 66 28 21 74 5b 6f 5d 29 7b 76 61 72 20 61 3d 74 79 70 65 6f 66 20 72 65 71 75 69 72 65 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 72 65 71 75 69 72 65 3b 69 66 28 21 75 26 26 61 29 72 65 74 75 72 6e 20 61 28 6f 2c 21 30 29 3b 69 66 28 69 29 72 65 74 75 72 6e 20 69 28 6f 2c 21 30 29 3b 76 61 72 20 66 3d 6e 65 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 6d 6f 64 75 6c 65 20 27 22 2b 6f 2b 22 27 22 29 3b 74 68 72 6f 77 20 66 2e 63 6f 64 65 3d 22 4d 4f 44 55 4c 45 5f 4e 4f 54 5f 46 4f 55 4e 44 22 2c 66 7d 76 61 72 20 6c 3d 6e 5b 6f 5d 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 74 5b 6f 5d 5b 30 5d 2e 63 61 Data Ascii: (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].ca
2024-09-27 23:47:13 UTC	13055	IN	Data Raw: 65 4c 69 73 74 5b 22 61 6c 69 67 6e 2d 73 65 6c 66 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6c 69 67 6e 6d 65 6e 74 2d 61 64 6a 75 73 74 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6c 69 67 6e 6d 65 6e 74 2d 62 61 73 65 6c 69 6e 65 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6c 6c 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6e 63 68 6f 72 2d 70 6f 69 6e 74 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6e 69 6d 61 74 69 6f 6e 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 22 5d 3d 66 61 6c 73 65 3b 77 68 69 74 65 4c 69 73 74 5b 22 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 22 5d 3d 66 61 6c Data Ascii: eList["align-self"]=false;whiteList["alignment-adjust"]=false;whiteList["alignment-baseline"]=false;whiteList["all"]=false;whiteList["anchor-point"]=false;whiteList["animation"]=false;whiteList["animation-delay"]=false;whiteList["animation-direction"]=fal

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.7	49740	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	382	OUT	GET /S/content/mobile/images/codashop-logo.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	638	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2191 Connection: close Last-Modified: Tue, 21 May 2019 00:56:00 GMT x-amz-meta-sha256: 5fdf464d02d5be0bcfd2f1ad32c75aeed1f03232c2033f399df2ce78a289d8f7 x-amz-meta-s3b-last-modified: 20190509T041738Z x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:12 GMT ETag: "ef72958375f5891863e9e027d910fe6f" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: _NmxSVxwWCHHfiLamL0tLaY1MhpBJccm-uK4fWBebb0i1u7EsER-_g== Age: 53011
2024-09-27 23:47:13 UTC	2191	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 9d 00 00 00 1c 08 06 00 00 00 7b ca bd ab 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 08 31 49 44 41 54 78 da ec 5c 5f 68 5b 55 18 3f 37 ad da ad 9d bb 65 6e a8 43 96 fa a2 82 ba db b7 89 83 dd 80 3e ec 41 96 3c 08 ea cb 92 07 9f 14 db 20 88 03 b1 0d 28 88 30 d3 ca 7c 94 24 2f 22 28 34 9b 0f 7b 50 c8 2d 4c 9c 2f 36 45 d1 0d 64 89 88 8a c3 3f 99 d6 d1 f5 4f ae df 97 7e 37 3b 3d 3b e7 dc 73 d3 74 0e b9 1f 1c 72 9b 9c ef fc fd 9d df f7 e7 9e cd 62 06 b2 fc fe bd 49 7f cd 72 fd 95 c4 11 7f 75 20 09 9f 6c a3 0c e0 67 d3 5f 4d 2c 42 a9 8e 9e fa ba c9 62 89 25 44 2c dd 8f 2b 1f ee 75 fd b5 c4 04 00 2b 0d a0 62 9d b2 01 34 1e 74 fc b3 Data Ascii: PNGIHDR{tEXtSoftwareAdobe ImageReadyqe<1IDATx\_h[U?7enC>A< (0\|$/"(4{P-L/6Ed?O~7;=;strbIru lg_M,Bb%D,+u+b4t

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.7	49741	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	588	OUT	GET /S2/content/common/css/shared-topnav2.5566e671b1.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	493	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 6861 Connection: close Date: Fri, 27 Sep 2024 23:47:14 GMT Last-Modified: Thu, 26 Nov 2020 09:41:30 GMT ETag: "5566e671b1a56ed10ee4665797bca5ba" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: K9EfViMwBDZZR68ZJ7hg0-n52iZmPAwWovyGJPoNCj6Y7ukjMsoyug==
2024-09-27 23:47:14 UTC	6861	IN	Data Raw: 2e 6c 6f 67 6f 2d 69 6d 61 67 65 2c 2e 73 65 61 72 63 68 2d 69 63 6f 6e 2d 2d 70 72 6f 64 75 63 74 70 61 67 65 2c 2e 73 65 61 72 63 68 2d 69 63 6f 6e 2d 63 6f 6e 74 61 69 6e 65 72 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 74 6f 70 2d 6e 61 76 62 61 72 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 31 70 78 20 30 20 72 67 62 61 28 32 2c 32 2c 32 2c 2e 32 35 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 74 6f 70 2d 6e 61 76 62 61 72 2e 74 6f 70 2d 6e 61 76 2d 2d 70 72 6f 64 75 63 74 70 61 67 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 74 6f 70 2d 6e 61 76 2d 63 6f 6e 74 61 69 6e 65 72 7b 77 69 64 74 68 3a 31 30 30 25 3b 70 6f 73 69 74 69 Data Ascii: .logo-image,.search-icon--productpage,.search-icon-container{cursor:pointer}body{margin:0!important}.top-navbar{box-shadow:0 2px 1px 0 rgba(2,2,2,.25);background-color:#fff}.top-navbar.top-nav--productpage{display:none}.top-nav-container{width:100%;positi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.7	49742	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	388	OUT	GET /S2/content/common/js/shop-topnav2.7e1fed6bdf.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	580	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 7249 Connection: close Last-Modified: Fri, 20 Sep 2024 07:35:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: F0bOVc4XuNNSbDFmx4.hPDiCNX580MBz Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:13 GMT ETag: "7e1fed6bdfc0657c0dedc6e6c19553fa" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: advf7PLblDj3QHT4J5L0BbZ6mcB56FcASlXRrCTs-nA178SZTfHi4w== Age: 1
2024-09-27 23:47:13 UTC	7249	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 67 65 74 43 75 72 72 65 6e 74 43 6f 75 6e 74 72 79 32 4e 61 6d 65 28 65 29 7b 72 65 74 75 72 6e 20 63 75 72 72 65 6e 74 43 6f 75 6e 74 72 79 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 72 65 64 69 72 65 63 74 54 6f 41 6c 6c 53 65 61 72 63 68 52 65 73 75 6c 74 28 65 2c 74 29 7b 76 61 72 20 72 2c 6e 3d 63 68 65 63 6b 43 75 72 72 65 6e 74 55 72 6c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 2c 22 63 6f 64 61 73 68 6f 70 2e 63 6f 6d 22 29 2c 61 3d 63 68 65 63 6b 43 75 72 72 65 6e 74 55 72 6c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 2c 22 63 6f 64 61 73 68 6f 70 2d 74 65 73 74 2d 6e 65 77 22 29 3b 24 28 22 62 Data Ascii: "use strict";function getCurrentCountry2Name(e){return currentCountry=e.toLowerCase()}function redirectToAllSearchResult(e,t){var r,n=checkCurrentUrl(window.location.origin,"codashop.com"),a=checkCurrentUrl(window.location.origin,"codashop-test-new");$("b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.7	49745	157.240.253.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	361	OUT	GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	1451	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: application/x-javascript; charset=utf-8 timing-allow-origin: * reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-security-policy: default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; document-policy: force-load-at-top
2024-09-27 23:47:13 UTC	1702	IN	Data Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
2024-09-27 23:47:13 UTC	1	IN	Data Raw: 2f Data Ascii: /
2024-09-27 23:47:13 UTC	14681	IN	Data Raw: 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69 74 Data Ascii: * Copyright (c) 2017-present, Facebook, Inc. All rights reserved. You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wit
2024-09-27 23:47:13 UTC	16384	IN	Data Raw: 63 21 3d 6e 75 6c 6c 26 26 61 21 3d 6e 75 6c 6c 26 26 64 21 3d 6e 75 6c 6c 3f 7b 64 6f 6d 61 69 6e 5f 75 72 69 3a 62 2c 65 76 65 6e 74 5f 74 79 70 65 3a 63 2c 65 78 74 72 61 63 74 6f 72 5f 74 79 70 65 3a 64 2c 69 64 3a 61 7d 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 67 28 61 29 7b 69 66 28 61 3d 3d 6e 75 6c 6c 7c 7c 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 61 29 29 21 3d 3d 22 6f 62 6a 65 63 74 22 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 61 3d 61 2e 65 78 74 72 61 63 74 6f 72 5f 63 6f 6e 66 69 67 3b 69 66 28 61 3d 3d 6e 75 6c 6c 7c 7c 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 61 29 29 21 3d 3d 22 6f 62 6a 65 63 Data Ascii: c!=null&&a!=null&&d!=null?{domain_uri:b,event_type:c,extractor_type:d,id:a}:null}function g(a){if(a==null\|\|(typeof a==="undefined"?"undefined":i(a))!=="object")return null;a=a.extractor_config;if(a==null\|\|(typeof a==="undefined"?"undefined":i(a))!=="objec
2024-09-27 23:47:13 UTC	16384	IN	Data Raw: 20 6b 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 6b 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 54 79 70 65 64 22 29 2c 62 3d 61 2e 54 79 70 65 64 3b 61 2e 63 6f 65 72 63 65 3b 61 2e 65 6e 66 6f 72 63 65 3b 61 3d 62 2e 61 72 72 61 79 4f 66 28 62 2e 6f 62 6a 65 63 74 57 69 74 68 46 69 65 6c 64 73 28 7b 61 6c 6c 6f 63 61 74 69 6f 6e 3a 62 2e 6e 75 6d 62 65 72 28 29 2c 63 6f 64 65 3a 62 2e 73 74 72 69 6e 67 28 29 2c 6e 61 6d 65 3a 62 2e 73 74 72 69 6e 67 28 29 2c 70 61 73 73 52 61 74 65 3a 62 2e 6e 75 6d 62 65 72 28 29 7d 29 29 3b 6b 2e 65 78 70 6f 72 74 73 3d 61 7d 29 28 29 Data Ascii: k={exports:{}};k.exports;(function(){"use strict";var a=f.getFbeventsModules("SignalsFBEventsTyped"),b=a.Typed;a.coerce;a.enforce;a=b.arrayOf(b.objectWithFields({allocation:b.number(),code:b.string(),name:b.string(),passRate:b.number()}));k.exports=a})()
2024-09-27 23:47:13 UTC	16384	IN	Data Raw: 29 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 28 6a 3d 66 29 3b 66 3d 67 21 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 67 3d 3d 3d 22 73 74 72 69 6e 67 22 3f 67 3a 6e 75 6c 6c 3b 67 3d 7b 7d 3b 68 21 3d 6e 75 6c 6c 26 26 28 74 79 70 65 6f 66 20 68 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 69 28 68 29 29 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 28 67 3d 68 29 3b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 26 26 63 21 3d 6e 75 6c 6c 3f 5b 61 2c 63 2c 6a 2c 66 2c 67 5d 3a 6e 75 6c 6c 7d 63 3d 6e 65 77 20 61 28 67 29 3b 6c 2e 65 78 70 6f 72 74 73 3d 63 7d 29 28 29 3b 72 65 74 75 72 6e 20 6c 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 0a 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 Data Ascii: )==="object"&&(j=f);f=g!=null&&typeof g==="string"?g:null;g={};h!=null&&(typeof h==="undefined"?"undefined":i(h))==="object"&&(g=h);return a!=null&&c!=null?[a,c,j,f,g]:null}c=new a(g);l.exports=c})();return l.exports}(a,b,c,d)});f.ensureModuleRegistered(
2024-09-27 23:47:13 UTC	1702	IN	Data Raw: 75 6e 63 74 69 6f 6e 20 70 28 61 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 65 2c 61 29 3f 65 5b 61 5d 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 71 28 61 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 68 2c 61 29 3f 68 5b 61 5d 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 72 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 29 72 65 74 75 72 6e 20 61 3b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 20 69 73 4e 61 4e 28 61 29 3f 76 6f 69 64 20 30 3a 61 3b 74 72 79 7b 72 65 74 75 72 6e 20 4a 53 4f 4e 2e 73 74 72 69 6e 67 Data Ascii: unction p(a){return Object.prototype.hasOwnProperty.call(e,a)?e[a]:a}function q(a){return Object.prototype.hasOwnProperty.call(h,a)?h[a]:a}function r(a){if(typeof a==="string")return a;if(typeof a==="number")return isNaN(a)?void 0:a;try{return JSON.string
2024-09-27 23:47:14 UTC	14682	IN	Data Raw: 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 21 3d 6e 75 6c 6c 26 26 61 20 69 6e 20 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 3f 63 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 6d 61 70 5b 61 5d 3a 6e 75 6c 6c 7d 29 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 7d 29 3b 66 2e 6c 65 6e 67 74 68 3e 30 26 26 28 74 68 69 73 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 68 61 73 68 21 3d 6e 75 6c 6c 26 26 61 2e 61 70 70 65 6e 64 28 22 68 6d 65 22 2c 74 68 69 73 2e 6d 6f 64 75 6c 65 45 6e 63 6f 64 69 6e 67 73 2e 68 61 73 68 29 2c 61 2e 61 70 70 65 6e 64 28 22 65 78 5f 6d 22 2c 66 2e 6a 6f 69 6e 28 22 2c 22 29 29 29 7d 7d 5d 29 3b 72 65 Data Ascii: ion(a){return c.moduleEncodings.map!=null&&a in c.moduleEncodings.map?c.moduleEncodings.map[a]:null}),function(a){return a!=null});f.length>0&&(this.moduleEncodings.hash!=null&&a.append("hme",this.moduleEncodings.hash),a.append("ex_m",f.join(",")))}}]);re
2024-09-27 23:47:14 UTC	16384	IN	Data Raw: 61 6c 73 46 42 45 76 65 6e 74 73 53 65 6e 64 58 48 52 22 29 3b 62 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 76 65 6e 74 73 22 29 3b 76 61 72 20 6c 3d 62 2e 66 69 72 65 64 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 61 2c 62 29 7b 76 61 72 20 63 3d 21 30 2c 64 3d 21 31 2c 65 3d 76 6f 69 64 20 30 3b 74 72 79 7b 66 6f 72 28 76 61 72 20 66 3d 62 5b 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3a 22 40 40 69 74 65 72 61 74 6f 72 22 5d 28 29 2c 62 3b 21 28 63 3d 28 62 3d 66 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 29 3b 63 3d 21 30 29 7b 62 3d 62 2e 76 61 6c 75 65 3b 6c 2e 74 72 69 67 67 65 72 28 61 2c 62 29 7d 7d 63 Data Ascii: alsFBEventsSendXHR");b=f.getFbeventsModules("SignalsFBEventsEvents");var l=b.fired;function m(a,b){var c=!0,d=!1,e=void 0;try{for(var f=b[typeof Symbol==="function"?Symbol.iterator:"@@iterator"](),b;!(c=(b=f.next()).done);c=!0){b=b.value;l.trigger(a,b)}}c
2024-09-27 23:47:14 UTC	16384	IN	Data Raw: 2c 6c 28 7b 7d 2c 65 2c 62 28 64 5b 65 5d 29 29 29 7d 2c 7b 7d 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 79 28 61 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 3d 3d 6e 75 6c 6c 3f 6e 75 6c 6c 3a 61 28 62 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 7a 28 62 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 64 3d 42 28 65 2c 49 2e 6f 62 6a 65 63 74 28 29 29 3b 65 3d 63 28 4f 62 6a 65 63 74 2e 6b 65 79 73 28 62 29 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 29 7b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 66 3d 62 5b 65 5d 2c 67 3d 64 5b 65 5d 3b 66 3d 66 28 67 29 3b 72 65 74 75 72 6e 20 61 28 7b 7d 2c 63 2c 6c 28 7b 7d 2c 65 2c 66 29 29 7d 2c 7b 7d 29 3b 72 65 74 75 72 6e Data Ascii: ,l({},e,b(d[e])))},{})}}function y(a){return function(b){return b==null?null:a(b)}}function z(b){return function(e){var d=B(e,I.object());e=c(Object.keys(b),function(c,e){if(c==null)return null;var f=b[e],g=d[e];f=f(g);return a({},c,l({},e,f))},{});return

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.7	49744	157.240.251.9	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	1372	OUT	GET /signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1 Host: connect.facebook.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:13 UTC	1439	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: application/x-javascript; charset=utf-8 timing-allow-origin: * reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-security-policy-report-only: default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
2024-09-27 23:47:13 UTC	1959	IN	Data Raw: 63 6f 6e 74 65 6e 74 2d 73 65 63 75 72 69 74 79 2d 70 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 73 65 6c 66 27 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 2a 3b 73 63 72 69 70 74 2d 73 72 63 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 20 2a 2e 66 62 63 64 6e 2e 6e 65 74 20 2a 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 20 31 32 37 2e 30 2e 30 2e 31 3a 2a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 62 6c 6f 62 3a 20 64 61 74 61 3a 20 27 73 65 6c 66 27 20 68 74 74 70 73 3a 2f 2f 2a 2e 67 6f 6f 67 6c 65 2d 61 6e 61 6c 79 74 69 63 73 2e 63 6f 6d 20 2a 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 3b 73 74 79 6c 65 2d 73 72 63 20 64 61 74 61 3a 20 62 6c 6f 62 3a 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 2a 3b 63 6f 6e 6e 65 63 74 2d 73 72 63 20 2a Data Ascii: content-security-policy: default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src
2024-09-27 23:47:13 UTC	400	IN	Data Raw: 53 74 72 69 63 74 2d 54 72 61 6e 73 70 6f 72 74 2d 53 65 63 75 72 69 74 79 3a 20 6d 61 78 2d 61 67 65 3d 33 31 35 33 36 30 30 30 3b 20 70 72 65 6c 6f 61 64 3b 20 69 6e 63 6c 75 64 65 53 75 62 44 6f 6d 61 69 6e 73 0d 0a 58 2d 46 42 2d 44 65 62 75 67 3a 20 6c 54 49 6f 38 51 51 53 5a 53 76 4b 34 67 71 54 32 72 53 5a 6f 78 56 39 6e 30 42 2b 2b 4a 68 76 73 52 41 62 44 38 36 4c 5a 77 79 31 75 2b 62 4f 31 62 4a 69 53 7a 2f 4c 66 61 64 53 36 63 6a 31 44 6d 4e 43 71 4d 62 61 35 37 36 7a 2b 4c 7a 70 6d 2b 70 53 77 41 3d 3d 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 37 20 53 65 70 20 32 30 32 34 20 32 33 3a 34 37 3a 31 33 20 47 4d 54 0d 0a 58 2d 46 42 2d 43 6f 6e 6e 65 63 74 69 6f 6e 2d 51 75 61 6c 69 74 79 3a 20 47 4f 4f 44 3b 20 71 3d 30 2e 37 2c 20 72 74 74 3d 39 Data Ascii: Strict-Transport-Security: max-age=31536000; preload; includeSubDomainsX-FB-Debug: lTIo8QQSZSvK4gqT2rSZoxV9n0B++JhvsRAbD86LZwy1u+bO1bJiSz/LfadS6cj1DmNCqMba576z+Lzpm+pSwA==Date: Fri, 27 Sep 2024 23:47:13 GMTX-FB-Connection-Quality: GOOD; q=0.7, rtt=9
2024-09-27 23:47:13 UTC	1100	IN	Data Raw: 2f 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69 Data Ascii: /* Copyright (c) 2017-present, Facebook, Inc. All rights reserved. You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wi
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 7d 7d 3b 65 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 66 3d 61 2e 66 62 71 3b 66 2e 65 78 65 63 53 74 61 72 74 3d 61 2e 70 65 72 66 6f 72 6d 61 6e 63 65 26 26 61 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 26 26 61 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 69 66 28 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 62 3d 61 2e 70 6f 73 74 4d 65 73 73 61 67 65 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 69 66 28 21 66 29 7b 62 28 7b 61 63 74 69 6f 6e 3a 22 46 42 5f 4c 4f 47 22 2c 6c 6f 67 54 79 70 65 3a 22 46 61 63 65 62 6f 6f 6b 20 50 69 78 65 6c 20 45 72 72 6f 72 22 2c 6c 6f 67 4d 65 73 73 61 67 65 3a 22 50 69 78 65 6c 20 63 6f 64 65 20 69 73 20 6e 6f 74 20 69 6e 73 74 61 6c 6c 65 64 20 63 6f 72 72 65 63 Data Ascii: }};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correc
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 29 7b 69 66 28 21 61 29 74 68 72 6f 77 20 6e 65 77 20 52 65 66 65 72 65 6e 63 65 45 72 72 6f 72 28 22 74 68 69 73 20 68 61 73 6e 27 74 20 62 65 65 6e 20 69 6e 69 74 69 61 6c 69 73 65 64 20 2d 20 73 75 70 65 72 28 29 20 68 61 73 6e 27 74 20 62 65 65 6e 20 63 61 6c 6c 65 64 22 29 3b 72 65 74 75 72 6e 20 62 26 26 28 74 79 70 65 6f 66 20 62 3d 3d 3d 22 6f 62 6a 65 63 74 22 7c 7c 74 79 70 65 6f 66 20 62 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 3f 62 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 69 28 61 2c 62 29 7b 69 66 28 74 79 70 65 6f 66 20 62 21 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 62 21 3d 3d 6e 75 6c 6c 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 75 70 65 72 20 65 78 70 72 65 73 73 69 6f 6e 20 6d 75 73 74 20 65 69 74 68 65 72 20 62 Data Ascii: ){if(!a)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return b&&(typeof b==="object"\|\|typeof b==="function")?b:a}function i(a,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Super expression must either b
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 70 61 72 61 6d 43 6f 6e 66 69 67 2e 71 75 65 72 79 2e 6c 6f 63 61 6c 65 43 6f 6d 70 61 72 65 28 62 2e 70 61 72 61 6d 43 6f 6e 66 69 67 2e 71 75 65 72 79 29 7d 29 3b 62 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 70 61 72 61 6d 43 6f 6e 66 69 67 2e 70 72 65 66 69 78 2c 65 3d 61 2e 70 61 72 61 6d 43 6f 6e 66 69 67 2e 65 62 70 5f 70 61 74 68 3b 61 3d 61 2e 70 61 72 61 6d 56 61 6c 75 65 21 3d 6e 75 6c 6c 3f 61 2e 70 61 72 61 6d 56 61 6c 75 65 3a 22 22 3b 65 3d 3d 3d 63 3f 64 3d 61 2b 64 3a 62 21 3d 22 22 26 26 61 21 3d 22 22 26 26 28 64 2b 3d 22 5f 22 2b 62 2b 22 5f 22 2b 61 29 7d 29 3b 72 65 74 75 72 6e 20 64 3d 3d 3d 22 22 3f 6e 75 6c 6c 3a 64 7d 66 75 6e 63 74 69 6f 6e 20 69 28 61 2c 63 29 7b 76 61 72 20 65 3d 22 Data Ascii: paramConfig.query.localeCompare(b.paramConfig.query)});b.forEach(function(a){var b=a.paramConfig.prefix,e=a.paramConfig.ebp_path;a=a.paramValue!=null?a.paramValue:"";e===c?d=a+d:b!=""&&a!=""&&(d+="_"+b+"_"+a)});return d===""?null:d}function i(a,c){var e="
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6a 2c 62 2c 63 2c 64 29 7b 76 61 72 20 65 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 65 2e 65 78 70 6f 72 74 73 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 76 65 6e 74 73 22 29 2c 63 3d 61 2e 63 6f 6e 66 69 67 4c 6f 61 64 65 64 3b 61 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 45 76 65 6e 74 73 22 29 3b 76 61 72 20 64 3d 61 2e 67 65 74 43 75 73 74 6f 6d 50 61 72 61 6d 65 74 65 72 73 2c 6b 3d 61 2e 67 65 74 43 6c 69 63 6b 49 44 46 72 6f Data Ascii: ",function(){return function(j,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("SignalsFBEventsEvents"),c=a.configLoaded;a=f.getFbeventsModules("SignalsFBEventsEvents");var d=a.getCustomParameters,k=a.getClickIDFro
2024-09-27 23:47:13 UTC	650	IN	Data Raw: 6c 7d 66 75 6e 63 74 69 6f 6e 20 44 28 29 7b 76 61 72 20 61 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 30 26 26 61 72 67 75 6d 65 6e 74 73 5b 30 5d 21 3d 3d 76 6f 69 64 20 30 3f 61 72 67 75 6d 65 6e 74 73 5b 30 5d 3a 6a 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2c 63 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 61 72 67 75 6d 65 6e 74 73 5b 31 5d 21 3d 3d 76 6f 69 64 20 30 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 6e 75 6c 6c 2c 64 3d 61 72 67 75 6d 65 6e 74 73 5b 32 5d 2c 65 3d 63 3b 28 65 3d 3d 6e 75 6c 6c 7c 7c 65 2e 74 72 69 6d 28 29 3d 3d 22 22 29 26 26 28 65 3d 6f 28 61 2c 64 29 2c 28 65 3d 3d 6e 75 6c 6c 7c 7c 65 2e 74 72 69 6d 28 29 3d 3d 22 22 29 26 26 28 65 3d 6f 28 62 2e 72 65 66 65 72 72 65 72 2c 64 29 29 29 3b 69 Data Ascii: l}function D(){var a=arguments.length>0&&arguments[0]!==void 0?arguments[0]:j.location.href,c=arguments.length>1&&arguments[1]!==void 0?arguments[1]:null,d=arguments[2],e=c;(e==null\|\|e.trim()=="")&&(e=o(a,d),(e==null\|\|e.trim()=="")&&(e=o(b.referrer,d)));i
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 5f 5f 7c 7c 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 62 29 29 2e 63 61 6c 6c 2e 61 70 70 6c 79 28 61 2c 5b 74 68 69 73 5d 2e 63 6f 6e 63 61 74 28 69 29 29 29 2c 63 29 2c 63 2e 64 72 6f 70 4f 72 52 65 66 72 65 73 68 43 6c 69 63 6b 49 44 43 6f 6f 6b 69 65 3d 43 2c 63 2e 64 72 6f 70 4f 72 52 65 66 72 65 73 68 44 6f 6d 61 69 6e 53 63 6f 70 65 64 42 72 6f 77 73 65 72 49 44 43 6f 6f 6b 69 65 3d 45 2c 63 2e 64 72 6f 70 4f 72 52 65 66 72 65 73 68 46 62 63 43 6f 6f 6b 69 65 3d 44 2c 65 29 2c 68 28 63 2c 64 29 7d 72 65 74 75 72 6e 20 62 7d 28 61 29 3b 65 2e 65 78 70 6f 72 74 73 3d 6e 65 77 20 6d 28 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 65 3d 6e 75 6c 6c 3b 6b 2e 6c 69 73 74 65 6e 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 65 3d Data Ascii: __\|\|Object.getPrototypeOf(b)).call.apply(a,[this].concat(i))),c),c.dropOrRefreshClickIDCookie=C,c.dropOrRefreshDomainScopedBrowserIDCookie=E,c.dropOrRefreshFbcCookie=D,e),h(c,d)}return b}(a);e.exports=new m(function(a,b){var e=null;k.listen(function(a){e=
2024-09-27 23:47:13 UTC	1500	IN	Data Raw: 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 3d 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 5b 61 5d 28 29 29 3b 72 65 74 75 72 6e 20 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 7d 2c 66 2e 66 62 49 73 4d 6f 64 75 6c 65 4c 6f 61 64 65 64 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 21 21 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 5b 61 5d 7d 2c 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c Data Ascii: solvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModul

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.7	49746	142.250.184.196	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	439	OUT	GET /recaptcha/api.js HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Fri, 27 Sep 2024 23:47:13 GMT Date: Fri, 27 Sep 2024 23:47:13 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:14 UTC	641	IN	Data Raw: 35 39 61 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 59a/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2024-09-27 23:47:14 UTC	800	IN	Data Raw: 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 29 7b 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 2e Data Ascii: AACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.
2024-09-27 23:47:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.7	49747	52.222.206.228	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:13 UTC	397	OUT	GET /S/content/mobile/images/google_play_coda.png HTTP/1.1 Host: d1qgcmfii0ptfa.cloudfront.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	491	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2631 Connection: close Last-Modified: Mon, 17 Jul 2017 08:47:31 GMT Content-Disposition: attachment Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:13 GMT ETag: "e7ebc6c74ec20ea3614970e178217c10" X-Cache: Hit from cloudfront Via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P3 X-Amz-Cf-Id: w567piHAqbhFKZcClmxSUsHXxxrPKtjO8Ju6-4OfmqIhGYrZKVzuFg== Age: 19387
2024-09-27 23:47:14 UTC	2631	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 8a 00 00 00 29 08 03 00 00 00 dd d1 41 16 00 00 02 fd 50 4c 54 45 00 00 00 07 07 07 00 00 00 70 70 70 42 42 42 1c 1c 1c 4c 4c 4c 63 63 63 88 88 88 58 58 58 6f 6f 6f 83 83 83 6a 6a 6a 67 67 67 7b 7b 7b 96 96 96 89 89 89 97 97 97 94 94 94 90 90 90 94 94 94 96 96 96 92 92 92 7b 7b 7b 90 90 90 92 92 92 90 90 90 71 71 71 73 73 73 77 77 77 78 78 78 63 63 63 7c 7c 7c 71 71 71 32 32 32 00 00 00 14 14 14 03 03 03 17 17 17 08 08 08 f7 f7 f7 01 01 00 0e 0d 0e 00 0b 0c fb fb fb 11 11 11 aa aa aa 00 f0 75 02 02 02 05 05 05 d8 d8 d8 e4 e4 e4 f1 f1 f1 0a 0a 0a 2b 2b 2b bf bf bf 1c 1c 1c 32 32 32 36 36 36 f4 f4 f4 0c 0c 0c cc cc cc 19 19 19 8a 8a 8a 00 cc ff 1e 1e 1e 22 22 22 bc bc bc d1 d1 d1 e5 e5 e5 2a 2a 2a 92 Data Ascii: PNGIHDR)APLTEpppBBBLLLcccXXXooojjjggg{{{{{{qqqssswwwxxxccc\|\|\|qqq222u+++222666"""***

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.7	49750	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	610	OUT	GET /S2/content/mobile/css/productPage/responsive-product-page2.7ec2b81ede.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	500	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 26941 Connection: close Last-Modified: Fri, 04 Sep 2020 02:37:43 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:16 GMT ETag: "7ec2b81ede93e59a3c985e6656b87427" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: WL4d3kKuP1wBpkI9hUsnEbbnIE5x_Tc06iHD_wIY92jvEi_lwzj-Eg==
2024-09-27 23:47:15 UTC	16384	IN	Data Raw: 2e 63 69 72 63 6c 65 2c 2e 69 63 6f 2d 71 75 65 73 74 69 6f 6e 2c 2e 76 6f 75 63 68 65 72 2d 6c 69 73 74 2d 65 6c 65 6d 65 6e 74 3e 61 7b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 73 75 62 70 69 78 65 6c 2d 61 6e 74 69 61 6c 69 61 73 65 64 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 66 6f 6f 74 65 72 2d 74 65 78 74 2d 64 69 76 69 64 65 72 2c 2e 66 6f 72 6d 2d 66 69 65 6c 64 2d 77 72 61 70 70 65 72 2c 2e 66 6f 72 6d 2d 69 6e 70 75 74 2c 2e 68 6f 77 49 74 57 6f 72 6b 73 2c 2e 69 63 6f 2d 71 75 65 73 74 69 6f 6e 2c 2e 76 6f 75 63 68 65 72 2d 6c 69 73 74 2d 65 6c 65 6d 65 6e 74 3e 61 7b 76 65 72 74 69 63 61 6c Data Ascii: .circle,.ico-question,.voucher-list-element>a{-webkit-font-smoothing:subpixel-antialiased!important;-moz-osx-font-smoothing:grayscale!important}.footer-text-divider,.form-field-wrapper,.form-input,.howItWorks,.ico-question,.voucher-list-element>a{vertical
2024-09-27 23:47:15 UTC	10557	IN	Data Raw: 36 64 36 64 36 64 3b 70 61 64 64 69 6e 67 3a 30 21 69 6d 70 6f 72 74 61 6e 74 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 31 30 25 3b 6c 65 66 74 3a 31 30 70 78 3b 72 69 67 68 74 3a 31 30 70 78 3b 6d 61 78 2d 77 69 64 74 68 3a 33 36 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 7a 2d 69 6e 64 65 78 3a 31 30 30 30 7d 2e 63 6f 6e 66 69 72 6d 2d 75 73 65 72 2d 64 69 61 6c 6f 67 5f 5f 63 6f 6e 74 61 69 6e 65 72 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 30 7d 2e 75 69 2d 77 69 64 67 65 74 2d 6f 76 65 72 6c 61 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 30 30 3b 6f 70 61 63 69 74 79 3a 2e 36 35 7d 23 63 6f 6e 66 69 72 6d 2d 75 Data Ascii: 6d6d6d;padding:0!important;overflow:hidden;margin:auto;position:fixed;top:10%;left:10px;right:10px;max-width:360px;background-color:#fff;z-index:1000}.confirm-user-dialog__container:focus{outline:0}.ui-widget-overlay{background:#000;opacity:.65}#confirm-u

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.7	49749	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	581	OUT	GET /S2/content/mobile/css/infoBar.662b8f1b5f.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	535	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 960 Connection: close Date: Fri, 27 Sep 2024 23:47:16 GMT Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT ETag: "662b8f1b5f919912c1df4b367bff2cc1" x-amz-server-side-encryption: AES256 x-amz-version-id: CSqor1C3rr10daQDiPJt4thwoXinZkmR Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: Y7ZC6LIEWB79xit5rvvxRZdgVbDvndry-FSf2aPKMU5bgwad6cxAYQ==
2024-09-27 23:47:15 UTC	960	IN	Data Raw: 2e 70 72 6f 6d 6f 2d 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 38 35 30 37 32 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 61 6c 65 72 74 2d 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 34 45 33 42 32 3b 63 6f 6c 6f 72 3a 23 33 33 33 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 62 61 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 72 6f 77 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 73 70 61 63 65 2d 62 65 74 77 65 65 6e 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 6d 61 78 2d 77 69 64 74 68 3a 31 32 38 30 70 78 7d Data Ascii: .promo-bar{background:#385072;color:#fff}.alert-bar{background:#F4E3B2;color:#333}.notification-bar{text-align:center;padding:15px;display:flex;flex-direction:row;justify-content:space-between;font-size:16px;position:relative;margin:auto;max-width:1280px}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.7	49754	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	394	OUT	GET /S2/content/common/js/third_party_common.0859f0e010.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	579	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 278 Connection: close Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: TTIN3.R6kVEEuvtuDHbKNkboFgLAG3wk Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "0859f0e01014515a05f1738b1ad2975d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: wyTvNGV_a9pi5S9r37W7amvsDTtzMRhaXRdb8yaB3V4Rh2uDDWeuRw== Age: 1
2024-09-27 23:47:14 UTC	278	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 67 65 6e 56 4e 56 6f 75 63 68 65 72 52 65 6d 69 6e 64 65 72 4d 73 67 28 65 2c 6e 2c 72 29 7b 76 61 72 20 74 3d 22 22 3b 69 66 28 31 3d 3d 72 2e 69 73 54 68 69 72 64 50 61 72 74 79 4d 65 72 63 68 61 6e 74 26 26 22 31 50 61 79 22 3d 3d 72 2e 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 29 7b 24 28 22 2e 63 6f 6e 66 69 72 6d 2d 63 6f 6e 74 65 6e 74 22 29 2e 63 73 73 28 22 68 65 69 67 68 74 22 2c 22 33 35 30 70 78 22 29 3b 74 3d 65 2b 22 20 22 2b 72 2e 63 68 61 6e 6e 65 6c 50 72 69 63 65 2b 22 2e 3c 62 72 2f 3e 22 2c 74 2b 3d 22 3c 62 72 2f 3e 22 2b 6e 2b 22 3c 62 72 2f 3e 3c 62 72 2f 3e 22 7d 65 6c 73 65 20 24 28 22 2e 63 6f 6e 66 69 72 6d 2d 63 6f 6e 74 65 6e 74 22 29 2e 63 73 73 28 22 68 65 69 Data Ascii: "use strict";function genVNVoucherReminderMsg(e,n,r){var t="";if(1==r.isThirdPartyMerchant&&"1Pay"==r.paymentChannel){$(".confirm-content").css("height","350px");t=e+" "+r.channelPrice+".<br/>",t+="<br/>"+n+"<br/><br/>"}else $(".confirm-content").css("hei

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.7	49753	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	384	OUT	GET /S2/content/mobile/js/freefire.4a7a9740bc.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	579	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 520 Connection: close Last-Modified: Fri, 20 Sep 2024 07:35:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: wrfV2OCm6zCFC.D6sQiqjGri_u2hUTPK Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "4a7a9740bcf8062898a69cb939b84746" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: bvG7-mqLyvxi48zRrFQk8XBpXXy0de7qk3vo-dHtnhY64UfyS65kTQ== Age: 1
2024-09-27 23:47:14 UTC	520	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 43 4f 44 41 3d 43 4f 44 41 7c 7c 7b 7d 3b 43 4f 44 41 2e 46 52 45 45 46 49 52 45 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 72 29 7b 72 65 74 75 72 6e 7b 70 6c 61 79 65 72 49 64 3a 6e 75 6c 6c 7d 7d 28 30 2c 6a 51 75 65 72 79 29 2c 24 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 7b 24 28 22 69 6e 70 75 74 5b 6e 61 6d 65 3d 27 66 72 65 65 66 69 72 65 2e 75 73 65 72 49 64 27 5d 22 29 2e 6d 61 73 6b 28 22 30 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 39 22 29 3b 76 61 72 20 65 3d 24 2e 63 6f 6f 6b 69 65 28 22 66 72 65 65 66 69 72 65 5f 70 6c 61 79 65 72 69 64 22 29 3b 6e 75 6c 6c 21 3d 65 26 26 28 43 4f 44 41 2e 46 52 45 45 46 49 52 45 2e 70 6c 61 79 65 Data Ascii: "use strict";var CODA=CODA\|\|{};CODA.FREEFIRE=function(e,r){return{playerId:null}}(0,jQuery),$(document).ready(function(){$("input[name='freefire.userId']").mask("0999999999999999999999999");var e=$.cookie("freefire_playerid");null!=e&&(CODA.FREEFIRE.playe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.7	49752	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	379	OUT	GET /S/content/common/js/jquery.mask.min.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:14 UTC	540	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 7448 Connection: close Last-Modified: Thu, 20 Dec 2018 08:04:35 GMT Content-Disposition: attachment x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:14 GMT ETag: "35d9db48e3112f35d81e70b98457aa42" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: wLK0my23n0YBWEUs6E9bMUi5f61jeOlsM3EOzHGusME6pTPTfLc2YQ== Age: 1
2024-09-27 23:47:14 UTC	7448	IN	Data Raw: 2f 2f 20 6a 51 75 65 72 79 20 4d 61 73 6b 20 50 6c 75 67 69 6e 20 76 31 2e 31 34 2e 31 30 0a 2f 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 69 67 6f 72 65 73 63 6f 62 61 72 2f 6a 51 75 65 72 79 2d 4d 61 73 6b 2d 50 6c 75 67 69 6e 0a 76 61 72 20 24 6a 73 63 6f 6d 70 3d 7b 73 63 6f 70 65 3a 7b 7d 2c 66 69 6e 64 49 6e 74 65 72 6e 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 66 2c 63 29 7b 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 26 26 28 61 3d 53 74 72 69 6e 67 28 61 29 29 3b 66 6f 72 28 76 61 72 20 6c 3d 61 2e 6c 65 6e 67 74 68 2c 67 3d 30 3b 67 3c 6c 3b 67 2b 2b 29 7b 76 61 72 20 62 3d 61 5b 67 5d 3b 69 66 28 66 2e 63 61 6c 6c 28 63 2c 62 2c 67 2c 61 29 29 72 65 74 75 72 6e 7b 69 3a 67 2c 76 3a 62 7d 7d 72 65 74 75 72 6e 7b 69 3a 2d 31 2c 76 3a 76 Data Ascii: // jQuery Mask Plugin v1.14.10// github.com/igorescobar/jQuery-Mask-Pluginvar $jscomp={scope:{},findInternal:function(a,f,c){a instanceof String&&(a=String(a));for(var l=a.length,g=0;g<l;g++){var b=a[g];if(f.call(c,b,g,a))return{i:g,v:b}}return{i:-1,v:v

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.7	49751	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	593	OUT	GET /S2/content/common/css/shared-shop-content.e6202b83de.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	559	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 3237 Connection: close Date: Fri, 27 Sep 2024 23:47:16 GMT Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT ETag: "e6202b83defd6474350841e595260599" x-amz-server-side-encryption: AES256 x-amz-version-id: TOUfd7_1XRAqsw.PZhF98Fxhfl6hiKSR Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 3azop5leCxjVJ1XElXQCRsI7LaBfRRvSJIFTjfGfcoPKqjQQfV_8sg==
2024-09-27 23:47:15 UTC	3237	IN	Data Raw: 2e 73 68 6f 70 2d 63 6f 6e 74 65 6e 74 2d 2d 70 61 72 61 67 72 61 70 68 7b 6d 61 72 67 69 6e 3a 31 35 70 78 20 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 32 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4c 61 74 6f 2d 52 65 67 75 6c 61 72 2c 4e 6f 74 6f 53 61 6e 73 2d 52 65 67 75 6c 61 72 2c 73 61 6e 73 2d 73 65 72 69 66 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 61 72 74 69 63 6c 65 3e 2e 73 68 6f 70 2d 63 6f 6e 74 65 6e 74 2d 2d 70 61 72 61 67 72 61 70 68 3a 6e 74 68 2d 63 68 69 6c 64 28 31 29 7b 6d 61 72 67 69 6e 3a 30 7d 2e 66 6f 72 6d 5f 5f 66 69 65 6c 64 2d 69 6e 73 74 72 75 63 74 69 6f 6e 2d 74 65 78 74 20 2e 73 68 6f 70 2d 63 6f 6e 74 65 6e 74 2d 2d 70 61 72 61 67 72 61 70 68 7b 6d 61 Data Ascii: .shop-content--paragraph{margin:15px 0;line-height:22px;font-family:Lato-Regular,NotoSans-Regular,sans-serif;position:relative;overflow:hidden}article>.shop-content--paragraph:nth-child(1){margin:0}.form__field-instruction-text .shop-content--paragraph{ma

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.7	49755	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	590	OUT	GET /S2/content/common/css/shared-fontfaces.b6c83d3582.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	559	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 2784 Connection: close Date: Fri, 27 Sep 2024 23:47:16 GMT Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT ETag: "b6c83d3582430126098676cc14c0b7ae" x-amz-server-side-encryption: AES256 x-amz-version-id: ewcS.EklwGJ2FyAOWSufrqmCURke5UTL Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: bQWeS8IQfXOTDB2LrBjJZgNkopUgJoPZVpa2wZFKvgrZlPdbW6uzOQ==
2024-09-27 23:47:15 UTC	2784	IN	Data Raw: 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4c 61 74 6f 2d 42 6f 6c 64 3b 73 72 63 3a 6c 6f 63 61 6c 28 27 4c 61 74 6f 20 42 6f 6c 64 27 29 2c 6c 6f 63 61 6c 28 27 4c 61 74 6f 2d 42 6f 6c 64 27 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 63 64 6e 31 2e 63 6f 64 61 73 68 6f 70 2e 63 6f 6d 2f 53 2f 63 6f 6e 74 65 6e 74 2f 66 6f 6e 74 73 2f 4c 61 74 6f 2f 4c 61 74 6f 2d 42 6f 6c 64 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 75 72 6c 28 68 74 74 70 73 3a 2f 2f 63 64 6e 31 2e 63 6f 64 61 73 68 6f 70 2e 63 6f 6d 2f 53 2f 63 6f 6e 74 65 6e 74 2f 66 6f 6e 74 73 2f 4c 61 74 6f 2f 4c 61 74 6f 2d 42 6f 6c 64 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 73 Data Ascii: @font-face{font-family:Lato-Bold;src:local('Lato Bold'),local('Lato-Bold'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff2) format('woff2'),url(https://cdn1.codashop.com/S/content/fonts/Lato/Lato-Bold.woff) format('woff');font-display:s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.7	49756	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	406	OUT	GET /S/content/common/images/grab.29dad06670f873936002ddb910253a4b.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	479	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 61755 Connection: close Date: Fri, 27 Sep 2024 23:47:14 GMT Last-Modified: Tue, 05 May 2020 03:32:54 GMT ETag: "29dad06670f873936002ddb910253a4b" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: ahU1bDeCqTQ_U4SnzHDcnVSNr0mhdQhbJpKGf_w5JWia9NOQoDUZOw== Age: 1
2024-09-27 23:47:15 UTC	15449	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 07 d0 00 00 03 20 08 06 00 00 00 7b e5 f9 73 00 00 f1 02 49 44 41 54 78 9c ec dd e1 75 db 48 b2 f6 f1 87 f7 dc ef cb 37 82 e5 44 30 70 04 43 45 d0 74 04 43 45 30 52 04 96 23 90 1c 81 38 11 08 1d 81 38 11 18 8e c0 d8 08 2e 36 02 be 1f 9a 34 25 5b b2 29 09 dd d5 e8 fe ff ce f1 f1 d8 33 8b ae b5 25 10 e8 ea aa 92 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: PNGIHDR {sIDATxuH7D0pCEtCE0R#88.64%[)3%
2024-09-27 23:47:15 UTC	16384	IN	Data Raw: 89 e1 d9 62 4c 5b ed 74 99 cd df 2d 10 43 48 a4 5f 4b 5a d9 06 32 79 3c 4f 4c 4c bd 09 f4 f0 4d ff d5 3a 8c 04 d2 ce e4 ae e3 50 c2 f7 68 dd 0e 00 40 49 c2 c6 f3 bd a4 c6 36 90 49 fb 28 e9 26 9b 0a 1b 60 aa d8 e0 1e 13 f7 a5 97 0a 87 c9 e6 fb 5f 2d 1f fc 9b 7f e9 e9 cf c8 85 4e 9f c5 dd ef 7f 7c af 93 f4 df fd 3f 0f fb 5f 4b 3b 0d 24 27 5e 88 aa b1 b1 b1 e9 5d 0a 8b bd cb 9c 0a 6f 78 b6 18 4b 2f e9 9c f1 54 2f 14 3e 9b 16 92 a4 9d 16 9a 3d 7a 6e f8 e3 89 ff c5 5c a7 bf 97 0f 3a 3c 37 3c d6 e9 f8 6c 21 49 db fd fa 3c 5b bc 54 28 9e fc a0 fa f2 3f 63 e2 79 62 42 6a 4e a0 5f a8 fc f9 71 bd 9c ff 2d d9 6a 75 56 9f d3 ba 1d 00 80 d2 78 f7 59 24 cf 5f ab 55 98 73 de 1b c7 31 7d e1 20 47 f3 a2 ff 0d 9b 40 65 61 83 7b 2c 1b d1 52 f5 47 c7 7b cc e1 e7 7f 2b 6c 68 Data Ascii: bL[t-CH_KZ2y<OLLM:Ph@I6I(&`_-N\|?_K;$'^]oxK/T/>=zn\:<7<l!I<[T(?cybBjN_q-juVxY$_Us1} G@ea{,RG{+lh
2024-09-27 23:47:15 UTC	16384	IN	Data Raw: 9f d2 dc 3a 80 09 d8 ca f9 ab e4 ab 7a b7 92 f4 21 f9 ba 79 b9 d1 ca 6f ac 83 00 f0 2a ad 75 00 a3 db 51 85 7e b2 89 1e f2 26 81 8e 92 cc ad 03 00 00 00 38 d1 d2 3a 80 91 74 d6 01 a0 70 13 7d d1 fe 85 d8 63 0f 4a 6c 79 5f 62 5b 69 20 67 a5 7d bf 2d 23 5f bf 8b 7c fd b4 ca fc ec 1d cb 20 e9 7d f2 55 43 95 e3 6d f2 75 f3 d2 ca f9 4b eb 20 00 bc 5a 69 cf 16 d2 4c bf 47 5e a1 9c c2 8e dd 34 0f c5 4f 35 81 de 59 07 10 c1 3c d1 3a 43 a2 75 2c 34 d6 01 00 00 00 3e 8f 2b d3 5b 07 80 e2 cd ad 03 88 60 1b f9 fa 4d e4 eb db 28 af ad 34 90 af 5d 71 df 6f b1 c7 26 fe 27 f2 f5 91 0f cb b9 e7 73 83 75 73 d1 49 3a b7 0e 02 c0 1b 84 ee c8 83 71 14 63 5b 46 be 7e 17 f9 fa e9 cc 48 a0 a7 34 58 07 10 41 93 68 9d 2e d1 3a 00 00 a0 4e 73 eb 00 46 b2 8d 76 e5 98 73 b2 d2 8b 5d Data Ascii: :z!yo*uQ~&8:tp}cJly_b[i g}-#_\| }UCmuK ZiLG^4O5Y<:Cu,4>+[`M(4]qo&'susI:qc[F~H4XAh.:NsFvs]
2024-09-27 23:47:15 UTC	13538	IN	Data Raw: 9f 6e 9a d6 ba 7d 96 7d dd dc b6 83 18 71 f6 66 54 a0 97 e9 5c dc 6a de 1b e9 4e ab a0 a2 6e c0 58 72 e4 5c 31 fc 47 43 68 df d1 6f 33 ed 92 ea 31 48 f6 90 d2 68 ab 7f 34 52 43 b5 c6 11 d9 25 85 a9 a4 df 44 85 79 89 fc 93 e7 e6 8b ea fd 7c 6b 45 92 00 00 fa 66 28 55 e8 9f b5 0a 2b 97 aa bd 10 2f bb c4 ee 3c fb da c3 31 ed 7e dd 28 86 b5 a4 bf b5 55 53 41 95 66 3e 56 1d 36 93 7e 74 cb 1a 7b 86 03 e0 27 ad 6c ae 75 1d b6 fa 6b 00 1d 5a fc f6 1e 0f cd e3 52 ab a0 01 fc 79 e7 30 96 8d d4 bc e8 3a e1 ac b4 d5 df ee 5f e3 52 ec f7 12 7f 88 ce b5 c7 b6 76 39 d3 1c 4a eb 76 aa cf 5f 44 02 bd 44 21 b6 8a e1 5c 96 64 80 54 66 12 5d 92 42 bc d2 2a 6c 34 d2 8d 78 c0 ee 8b a9 6c 9e 8f 89 a1 95 25 d5 bf 6a ab 8d a4 35 1b bf 5f b0 0a e2 a9 f6 c9 f2 dd ef 51 ae 32 92 e7 Data Ascii: n}}qfT\jNnXr\1GCho31Hh4RC%Dy\|kEf(U+/<1~(USAf>V6~t{'lukZRy0:_Rv9Jv_DD!\dTf]B*l4xl%j5_Q2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.7	49759	157.240.253.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	1190	OUT	GET /signals/config/916139058437464?v=2.9.169&r=stable&domain=www.card.xn--6qq986b3xl&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 HTTP/1.1 Host: connect.facebook.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	1451	IN	HTTP/1.1 200 OK Vary: Accept-Encoding Content-Type: application/x-javascript; charset=utf-8 timing-allow-origin: * reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-security-policy: default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; document-policy: force-load-at-top
2024-09-27 23:47:15 UTC	1703	IN	Data Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 2f 2a 2a 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 37 2d 70 72 65 73 65 6e 74 2c 20 46 61 63 65 62 6f 6f 6b 2c 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 2a 0a 2a 20 59 6f 75 20 61 72 65 20 68 65 72 65 62 79 20 67 72 61 6e 74 65 64 20 61 20 6e 6f 6e 2d 65 78 63 6c 75 73 69 76 65 2c 20 77 6f 72 6c 64 77 69 64 65 2c 20 72 6f 79 61 6c 74 79 2d 66 72 65 65 20 6c 69 63 65 6e 73 65 20 74 6f 20 75 73 65 2c 0a 2a 20 63 6f 70 79 2c 20 6d 6f 64 69 66 79 2c 20 61 6e 64 20 64 69 73 74 72 69 62 75 74 65 20 74 68 69 73 20 73 6f 66 74 77 61 72 65 20 69 6e 20 73 6f 75 72 63 65 20 63 6f 64 65 20 6f 72 20 62 69 6e 61 72 79 20 66 6f 72 6d 20 66 6f 72 20 75 73 65 0a 2a 20 69 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 77 69 Data Ascii: /* Copyright (c) 2017-present, Facebook, Inc. All rights reserved. You are hereby granted a non-exclusive, worldwide, royalty-free license to use,* copy, modify, and distribute this software in source code or binary form for use* in connection wi
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 75 72 6e 21 30 7d 28 29 29 72 65 74 75 72 6e 3b 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 3d 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 5b 61 5d 28 29 29 3b 72 65 74 75 72 6e 20 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 64 4d 6f 64 75 6c 65 73 5b 61 5d 7d 2c 66 Data Ascii: urn!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 3b 62 26 26 28 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3f 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 61 2c 62 29 3a 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 29 7d 66 75 6e 63 74 69 6f 6e 20 6a 28 61 29 7b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 29 7b 66 6f 72 28 76 61 72 20 62 3d 30 2c 63 3d 41 72 72 61 79 28 61 2e 6c 65 6e 67 74 68 29 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 62 2b 2b 29 63 5b 62 5d 3d 61 5b 62 5d 3b 72 65 74 75 72 6e 20 63 7d 65 6c 73 65 20 72 65 74 75 72 6e 20 41 72 72 61 79 2e 66 72 6f 6d 28 61 29 7d 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f Data Ascii: ;b&&(Object.setPrototypeOf?Object.setPrototypeOf(a,b):a.__proto__=b)}function j(a){if(Array.isArray(a)){for(var b=0,c=Array(a.length);b<a.length;b++)c[b]=a[b];return c}else return Array.from(a)}f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsReso
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 3d 6e 75 6c 6c 26 26 28 63 2e 71 75 65 72 79 3d 3d 3d 64 3f 65 3d 66 2b 65 3a 63 2e 70 72 65 66 69 78 21 3d 22 22 26 26 66 21 3d 22 22 26 26 28 65 2b 3d 22 5f 22 2b 63 2e 70 72 65 66 69 78 2b 22 5f 22 2b 66 29 29 7d 29 7d 72 65 74 75 72 6e 20 65 3d 3d 3d 22 22 3f 6e 75 6c 6c 3a 65 7d 65 2e 65 78 70 6f 72 74 73 3d 7b 63 6f 6d 62 69 6e 65 46 62 63 50 61 72 61 6d 73 46 72 6f 6d 55 72 6c 41 6e 64 45 42 50 3a 68 2c 63 6f 6d 62 69 6e 65 46 62 63 50 61 72 61 6d 73 46 72 6f 6d 55 72 6c 3a 69 2c 67 65 74 55 6e 69 71 75 65 46 62 63 50 61 72 61 6d 43 6f 6e 66 69 67 41 6e 64 56 61 6c 75 65 3a 67 7d 7d 29 28 29 3b 72 65 74 75 72 6e 20 65 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 0a 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 Data Ascii: =null&&(c.query===d?e=f+e:c.prefix!=""&&f!=""&&(e+="_"+c.prefix+"_"+f))})}return e===""?null:e}e.exports={combineFbcParamsFromUrlAndEBP:h,combineFbcParamsFromUrl:i,getUniqueFbcParamConfigAndValue:g}})();return e.exports}(a,b,c,d)});f.ensureModuleRegister
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 55 52 4c 55 74 69 6c 22 29 2c 6e 3d 6d 2e 67 65 74 55 52 4c 50 61 72 61 6d 65 74 65 72 3b 6d 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 46 62 63 43 6f 6d 62 69 6e 65 72 22 29 3b 76 61 72 20 6f 3d 6d 2e 63 6f 6d 62 69 6e 65 46 62 63 50 61 72 61 6d 73 46 72 6f 6d 55 72 6c 2c 70 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 73 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 53 68 6f 75 6c 64 4e 6f 74 44 72 6f 70 43 6f 6f 6b 69 65 22 29 3b 6d 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 50 69 78 65 6c 43 6f 6f 6b 69 65 55 74 69 6c 73 22 29 3b 76 61 Data Ascii: ntsModules("SignalsFBEventsURLUtil"),n=m.getURLParameter;m=f.getFbeventsModules("SignalsFBEventsFbcCombiner");var o=m.combineFbcParamsFromUrl,p=f.getFbeventsModules("signalsFBEventsShouldNotDropCookie");m=f.getFbeventsModules("SignalsPixelCookieUtils");va
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 72 6e 20 73 28 75 2c 66 29 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 45 28 29 7b 76 61 72 20 61 3d 71 28 77 29 3b 69 66 28 61 29 7b 73 28 77 2c 61 29 3b 72 65 74 75 72 6e 20 61 7d 61 3d 42 28 29 3b 72 65 74 75 72 6e 20 72 28 77 2c 61 29 7d 6d 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 28 62 2c 61 29 3b 66 75 6e 63 74 69 6f 6e 20 62 28 29 7b 76 61 72 20 61 2c 63 2c 64 3b 67 28 74 68 69 73 2c 62 29 3b 76 61 72 20 65 3b 66 6f 72 28 76 61 72 20 66 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 69 3d 41 72 72 61 79 28 66 29 2c 6a 3d 30 3b 6a 3c 66 3b 6a 2b 2b 29 69 5b 6a 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6a 5d 3b 72 65 74 75 72 6e 20 64 3d 28 65 3d 28 63 3d 68 28 74 68 69 73 2c 28 61 3d 62 2e 5f 5f 70 72 6f 74 6f 5f 5f 7c 7c 4f Data Ascii: rn s(u,f);return null}function E(){var a=q(w);if(a){s(w,a);return a}a=B();return r(w,a)}m=function(a){i(b,a);function b(){var a,c,d;g(this,b);var e;for(var f=arguments.length,i=Array(f),j=0;j<f;j++)i[j]=arguments[j];return d=(e=(c=h(this,(a=b.__proto__\|\|O
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 6c 20 63 6f 64 65 20 69 73 20 6e 6f 74 20 69 6e 73 74 61 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 20 6f 6e 20 74 68 69 73 20 70 61 67 65 22 7d 2c 22 2a 22 29 3b 22 65 72 72 6f 72 22 69 6e 20 63 6f 6e 73 6f 6c 65 26 26 63 6f 6e 73 6f 6c 65 2e 65 72 72 6f 72 28 22 46 61 63 65 62 6f 6f 6b 20 50 69 78 65 6c 20 45 72 72 6f 72 3a 20 50 69 78 65 6c 20 63 6f 64 65 20 69 73 20 6e 6f 74 20 69 6e 73 74 61 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 20 6f 6e 20 74 68 69 73 20 70 61 67 65 22 29 3b 72 65 74 75 72 6e 21 31 7d 72 65 74 75 72 6e 21 30 7d 28 29 29 72 65 74 75 72 6e 3b 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 7c 7c 28 66 2e 5f 5f 66 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 3d 7b 7d 2c 66 2e 5f 5f 66 62 65 76 65 6e 74 73 52 65 73 6f 6c 76 65 Data Ascii: l code is not installed correctly on this page"},"*");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolve
2024-09-27 23:47:15 UTC	1500	IN	Data Raw: 6f 20 6c 65 61 72 6e 20 6d 6f 72 65 22 29 29 7d 29 7d 29 7d 29 28 29 3b 72 65 74 75 72 6e 20 65 2e 65 78 70 6f 72 74 73 7d 28 61 2c 62 2c 63 2c 64 29 7d 29 3b 65 2e 65 78 70 6f 72 74 73 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 2e 70 6c 75 67 69 6e 73 2e 70 72 6f 68 69 62 69 74 65 64 73 6f 75 72 63 65 73 22 29 3b 66 2e 72 65 67 69 73 74 65 72 50 6c 75 67 69 6e 26 26 66 2e 72 65 67 69 73 74 65 72 50 6c 75 67 69 6e 28 22 66 62 65 76 65 6e 74 73 2e 70 6c 75 67 69 6e 73 2e 70 72 6f 68 69 62 69 74 65 64 73 6f 75 72 63 65 73 22 2c 65 2e 65 78 70 6f 72 74 73 29 3b 0a 66 2e 65 6e 73 75 72 65 4d 6f 64 75 6c 65 52 65 67 69 73 74 65 72 65 64 28 22 66 62 65 76 65 6e 74 73 2e 70 6c 75 67 69 6e 73 Data Ascii: o learn more"))})})})();return e.exports}(a,b,c,d)});e.exports=f.getFbeventsModules("SignalsFBEvents.plugins.prohibitedsources");f.registerPlugin&&f.registerPlugin("fbevents.plugins.prohibitedsources",e.exports);f.ensureModuleRegistered("fbevents.plugins
2024-09-27 23:47:15 UTC	358	IN	Data Raw: 61 6c 73 46 42 45 76 65 6e 74 73 43 6f 6e 66 69 67 53 74 6f 72 65 22 29 2c 67 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 4c 6f 67 67 69 6e 67 22 29 3b 61 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 50 6c 75 67 69 6e 22 29 3b 76 61 72 20 68 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 53 69 67 6e 61 6c 73 46 42 45 76 65 6e 74 73 55 74 69 6c 73 22 29 2c 69 3d 66 2e 67 65 74 46 62 65 76 65 6e 74 73 4d 6f 64 75 6c 65 73 28 22 73 68 61 32 35 36 5f 77 69 74 68 5f 64 65 70 65 6e 64 65 6e 63 69 65 73 5f 6e 65 77 22 29 3b 68 2e 65 61 63 68 3b 76 61 72 20 6a 3d 68 2e 6d 61 70 2c 6b 3d 21 31 3b 66 2e 67 Data Ascii: alsFBEventsConfigStore"),g=f.getFbeventsModules("SignalsFBEventsLogging");a=f.getFbeventsModules("SignalsFBEventsPlugin");var h=f.getFbeventsModules("SignalsFBEventsUtils"),i=f.getFbeventsModules("sha256_with_dependencies_new");h.each;var j=h.map,k=!1;f.g

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.7	49758	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:14 UTC	588	OUT	GET /S2/content/common/css/shared-footer2.2ce4d6e299.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	565	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 3650 Connection: close Last-Modified: Tue, 24 Sep 2024 02:57:05 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: QajK4M.wz2DtEDvXnEWLVWDMtWpXaHaM Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:16 GMT ETag: "2ce4d6e2994e655224b0aa48265ae15a" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: -i6GOK82UEZHwqurZSF4bnKVPJ-t5_nWvgL00MsNEYEQHApbIURIiA==
2024-09-27 23:47:15 UTC	3650	IN	Data Raw: 2e 63 6f 6e 74 61 63 74 2d 74 65 78 74 2c 2e 66 6f 6f 74 65 72 5f 5f 67 6f 6f 67 6c 65 2d 63 6f 70 79 72 69 67 68 74 7b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 72 6d 61 6c 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 2e 63 75 73 74 6f 6d 2d 2d 67 72 61 62 20 2e 66 6f 6f 74 65 72 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 69 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 63 75 73 74 6f 6d 2d 2d 67 72 61 62 20 2e 66 6f 6f 74 65 72 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 72 69 67 68 74 2d 62 6c 6f 63 6b 73 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 63 75 73 74 6f 6d 2d 2d 67 72 61 62 20 2e 66 6f 6f 74 65 72 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 6f 63 69 61 6c 73 2d 63 6f 6e 74 61 69 6e 65 72 7b 64 69 73 70 6c 61 79 3a 6e 6f Data Ascii: .contact-text,.footer__google-copyright{white-space:normal;word-break:break-word}.custom--grab .footer-container .international-container,.custom--grab .footer-container .right-blocks-container,.custom--grab .footer-container .socials-container{display:no

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.7	49757	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:15 UTC	567	OUT	GET /S/content/common/css/flags.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:15 UTC	494	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 12399 Connection: close Date: Fri, 27 Sep 2024 23:47:16 GMT Last-Modified: Thu, 20 Dec 2018 04:54:20 GMT ETag: "48625f4127086c12c9db05064a6bab03" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: btVJtzXAOGC6D94n9t_Kb2lGmYFJAIK_1nUoQZgzxJb7vAOO-CohOw==
2024-09-27 23:47:15 UTC	12399	IN	Data Raw: 2f 2a 0a 20 20 57 6f 72 6c 64 20 46 6c 61 67 73 0a 20 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0a 20 20 40 64 65 73 63 3a 20 43 73 73 20 53 70 72 69 74 65 20 57 6f 72 6c 64 20 46 6c 61 67 73 0a 20 20 40 61 75 74 68 6f 72 3a 20 41 6c 61 6e 20 4d 75 73 65 6c 6a 69 63 0a 20 20 40 74 77 69 74 74 65 72 3a 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 77 69 74 74 65 72 2e 63 6f 6d 2f 5f 75 6c 6f 67 61 0a 20 20 40 73 6f 75 72 63 65 3a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 64 65 63 6f 72 61 74 6f 72 2e 69 6f 2f 77 6f 72 6c 64 66 6c 61 67 73 0a 20 20 40 63 6f 70 79 72 69 67 68 74 3a 20 41 6c 61 6e 20 4d 75 73 65 6c 6a 69 63 0a 20 20 40 6c 69 63 65 6e 63 65 3a 20 4d 49 54 0a 5c 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d Data Ascii: /* World Flags --------------------- @desc: Css Sprite World Flags @author: Alan Museljic @twitter: https://www.twitter.com/_uloga @source: http://www.decorator.io/worldflags @copyright: Alan Museljic @licence: MIT\-----------------------

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.7	49762	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	634	OUT	GET /S/content/common/images/mno/higgs_domino640x241.jpg HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:17 UTC	606	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 67398 Connection: close Date: Fri, 27 Sep 2024 23:47:18 GMT Last-Modified: Thu, 20 Jun 2019 09:07:08 GMT ETag: "1825a826736d50f007a25988bf1a86c9" x-amz-meta-sha256: 95dcbc02618ac287b3f9388c5f3ea2953ba74dbac74b8c902cbaf3e892c93c96 x-amz-meta-s3b-last-modified: 20190524T032947Z x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: CenN1MFaJ_elOaS4qFW1HZc3KBXEOO-kpsJUcFXah2mlhqOYaHg4wg==
2024-09-27 23:47:17 UTC	10339	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 f1 02 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 01 04 03 01 01 01 00 00 00 00 00 00 00 00 00 06 04 05 07 08 02 03 09 01 00 0a ff da 00 08 01 01 00 00 00 00 a8 99 e5 96 c2 1b 25 24 95 15 8d 8f 98 c2 75 cb 3c f3 54 b5 56 f5 2a 5c e4 4c f7 db 0c d1 33 32 b6 26 f5 16 f5 3b 1b 52 Data Ascii: JFIF"%$u<TV*\L32&;R
2024-09-27 23:47:17 UTC	8459	IN	Data Raw: 14 83 5e 1a e5 24 b0 dc c7 58 b2 d0 c7 20 c1 14 25 24 91 8c 32 c2 32 46 f6 28 34 fd 37 e9 0a e9 0a e9 0a e9 fd dd 29 e5 a9 55 87 af 5e 5a 76 d8 ba 1d 10 5d 10 5d 10 51 49 52 7b 32 c3 1f 44 17 44 17 44 17 44 13 c5 a9 19 9b a4 2b a2 0b a2 0b a2 0b a2 0a bc 95 6d 01 14 16 ad d1 a7 28 47 3d 59 e9 dd 89 ce bf 48 55 8c 9e 39 ac 10 28 a3 17 ae 32 c7 62 5a d5 2a 3c d6 2b df a1 6a 62 8a 29 74 ee a6 bd 4a 1b 05 19 c7 d1 96 11 92 33 2a e1 64 21 22 08 c6 37 22 af 73 1b 34 e0 09 a9 c6 cc ae 4d 42 9c c3 1c dd 38 2c b3 5a a7 20 56 28 ba b6 23 2c 54 92 08 46 d5 6b 27 b1 8c ad 33 43 2d 62 ea 9c f1 bd ab 51 84 af 1c 75 5f 75 76 ae 0e b5 2b 55 7f e7 8a 9a df 97 a8 52 3d ab f0 dd c7 74 e6 ee cf a7 75 5e 4e 9d f8 8d 6f 4b 7d d7 32 f6 60 6d 3a da 81 84 35 3c a1 3c 93 b3 b9 b3 Data Ascii: ^$X %$22F(47)U^Zv]]QIR{2DDDD+m(G=YHU9(2bZ<+jb)tJ3d!"7"s4MB8,Z V(#,TFk'3C-bQu_uv+UR=tu^NoK}2`m:5<<
2024-09-27 23:47:17 UTC	15360	IN	Data Raw: d5 4b 75 60 37 0f d4 33 28 f4 da 10 69 c4 cc cf ec f6 46 86 95 8c a2 51 29 09 72 be a1 ad 94 b3 59 69 61 7c d9 94 bf ad 11 49 3c bf ac 36 53 b5 6c b8 b8 6e 77 9a d4 2e 23 55 02 f7 2e 2b 75 9b cc b6 5b cc cf 2c 1c a4 4e 68 07 0a 55 b9 ec 81 fd 33 cf 70 c5 6c f8 8c 1c fd 4c a5 de d2 c3 1a c5 a8 19 f2 f0 4d a3 11 18 ef 7f 44 7a e9 a1 ee 8b 3f 72 9b 2c c5 92 9c ac 8c bb 5a c3 c4 1b 95 52 c6 f4 ea 6a 82 00 e4 eb d4 60 e1 24 d3 de 15 a4 cb 33 f2 4c bc 3f 42 03 39 82 85 7b c9 9a 23 58 69 18 c8 25 0b 14 cd 50 aa f2 6d 05 4d 99 25 35 9d 5f 13 93 36 ac b5 35 a8 95 76 e0 5d 2e 61 20 6d cc a3 77 03 a9 66 9c 93 3d 56 3f 48 00 d4 05 81 ec 4c 6b 2e b5 fa d4 f9 ef 4b cc df 87 ec 2f 88 f6 65 ed ab f3 99 71 cd f7 59 8f e6 15 21 75 a0 d2 08 e8 4a 1b 73 28 34 1d ad e3 19 78 Data Ascii: Ku`73(iFQ)rYia\|I<6Slnw.#U.+u[,NhU3plLMDz?r,ZRj`$3L?B9{#Xi%PmM%5_65v].a mwf=V?HLk.K/eqY!uJs(4x
2024-09-27 23:47:17 UTC	8949	IN	Data Raw: 0f 10 34 43 71 8a eb d2 25 39 12 ca f6 08 9a 07 8a 4f 76 35 d9 ac dc 06 4b b5 c1 16 1a 3a 75 83 48 60 d4 06 83 e0 4d 10 71 5f f5 29 7d 30 4a 76 47 36 21 96 1c 0a 98 b8 07 1f 11 8f 4a 4b 18 6f 81 d6 b1 35 6a a6 a2 05 05 12 c2 aa 15 64 d2 33 8c 65 99 7a 95 ea 13 27 d9 99 1c 2a d1 fc 7f 62 25 37 f5 c6 da 63 cc ef 03 70 74 9c c1 d1 3f b8 5e 5e 97 be b3 01 4e ec 79 8e 25 3c 47 a5 10 d1 39 1a 42 74 cf fc 5c f4 8a bf ae eb fc 1d 88 ae 5d a6 e8 0f d9 05 66 bf 53 a9 fe a2 86 f4 24 7f d4 a9 20 cd c1 5b 0f 8d ef 09 b0 f3 fc d4 43 0c 5a fa 15 16 33 1f cc 31 02 61 d3 87 4a 59 1b 96 a5 c7 94 3e 92 c6 a2 30 58 db dc 4a 97 89 ca e5 dc 32 bd e3 6e 59 bc ba 8b 01 e5 e4 80 b0 09 9f 36 83 e8 89 8c 5d 0b 8d ed b0 47 b0 61 95 8e 90 19 fa 31 29 79 79 82 43 a0 c5 58 de 20 26 b2 Data Ascii: 4Cq%9Ov5K:uH`Mq_)}0JvG6!JKo5jd3ez'*b%7cpt?^^Ny%<G9Bt\]fS$ [CZ31aJY>0XJ2nY6]Ga1)yyCX &
2024-09-27 23:47:17 UTC	8459	IN	Data Raw: 0e 98 8d 28 b7 27 a7 a1 98 9e 12 ad a6 99 09 82 63 c7 1d 3c 55 e3 18 e5 88 cb a0 bf 0a e7 19 ca b4 32 62 9c 71 f0 5f c3 9c 04 cc 96 b8 6e a4 91 1c 4a b0 0c b2 70 ac 1a e0 28 33 e3 e6 8c 34 0c 11 04 ac 1d 5e f3 d8 c9 1f 01 e8 bc 80 f2 f8 93 a4 27 c5 99 cb ef b2 3d ed 26 38 2b 49 6d 2f 13 c7 80 56 90 f9 24 0e b5 56 f5 76 34 c2 9e a8 cb 75 c7 b9 3c 81 9d 3b 95 a3 a0 7c b4 c7 c3 7e f8 47 e5 6d 78 92 53 a1 aa 0e c6 cb 4e 8a c5 a3 fa 42 63 44 6e 00 77 c6 3c f9 42 f7 47 87 5e 3b cc 51 38 9d f0 3c fe e8 c1 d7 ec 50 21 d8 52 a0 ce ed d3 54 d8 76 be bd 4a ab a3 e2 b1 32 7b 01 34 26 84 c0 9a 3b 93 02 68 05 3b 60 41 05 ee b8 61 e8 9d c7 8f 5c 14 f5 cd 38 00 9b 78 f7 0e b9 2b 21 ec ce ee aa ad 40 e3 f7 0a d2 f6 83 a0 13 1b 74 e1 22 bd e2 11 02 71 20 57 bc cc 70 01 0e Data Ascii: ('c<U2bq_nJp(34^'=&8+Im/V$Vv4u<;\|~GmxSNBcDnw<BG^;Q8<P!RTvJ2{4&;h;`Aa\8x+!@t"q Wp
2024-09-27 23:47:17 UTC	10776	IN	Data Raw: 3f 78 07 97 08 24 e7 04 47 b6 fe 33 8f ce 85 3f 01 95 91 22 11 3e 9c 30 a8 b0 3c 1d 7d e1 06 e3 54 07 b7 bc 8c 8d 44 8f 91 c4 a3 cb e2 d0 10 e9 a9 4f bc 4c 54 ef 2f 64 2c 0e 00 3e 57 0c 08 a0 14 4f 18 3a 01 4e a0 5d a0 b4 d6 6c 33 1d 9b 1b 15 bd 1a fa c3 65 8d 86 27 54 34 9d 26 33 0c 84 ab cf ce 14 78 7b c3 c9 71 48 84 11 1d 88 f2 26 14 94 94 91 50 2c 03 82 4b 01 d9 85 06 c9 a0 90 0e e0 46 3f 78 44 4e 8c af 8f c0 2b e8 c2 76 22 11 ca 54 81 ac ab 6e 35 f0 d8 48 60 33 b0 8a 77 e8 94 03 72 75 52 00 37 e8 31 61 58 f2 2a 50 54 05 88 70 4c 32 9b 41 61 4b d3 19 82 9b 87 bc 19 bc 30 e5 86 a8 35 5e 82 eb 69 81 20 98 da 44 42 a0 d5 d4 e3 23 94 c5 8d 1b c1 db e7 10 5c 4e e9 89 ac 05 79 10 ef 0d 19 03 8b f0 10 30 d0 9c 21 87 eb 8e 40 05 4b e8 18 2d c5 b8 ec 11 de 00 Data Ascii: ?x$G3?">0<}TDOLT/d,>WO:N]l3e'T4&3x{qH&P,KF?xDN+v"Tn5H`3wruR71aX*PTpL2AaK05^i DB#\Ny0!@K-
2024-09-27 23:47:17 UTC	5056	IN	Data Raw: 46 81 7f 4a b9 90 61 a2 b5 b7 d2 f2 73 d2 0b 36 99 50 f8 c7 3c 7f d8 3b 54 fb c0 85 87 83 2e fc 4a d9 d8 5f 6d 5c 47 f2 99 55 65 0e 6f 86 5d 3e 8c f4 5e 86 3e 3a 5b 36 07 55 73 f5 ed d6 29 86 c0 1b 7a 2e bf 7e 60 0c 20 2a d9 57 5d df 81 38 95 71 dd c1 f7 05 fd d4 07 1c 6f 07 37 15 61 33 d4 47 91 8b 56 4b b2 95 fc c2 ab ce d5 c1 08 28 69 05 85 40 40 0d 70 73 e2 58 d4 d9 42 82 1c 72 83 8a 14 9a 11 cb dc 69 44 55 bb 0d 00 05 61 83 52 23 2a c8 83 84 29 d5 83 0f 10 10 38 b2 b2 83 76 4e 0e 0a 6a 13 60 2b ec 76 9c 99 33 9e 21 44 c6 98 c3 c2 b5 4f 15 8d 66 e2 81 18 56 39 5a f6 d3 e3 d5 b5 e3 3f 52 f2 f3 5d e7 13 03 af b9 46 18 f5 77 ea b0 16 0a 26 25 46 5a 47 55 36 af e6 e6 78 0a 64 f0 1a c7 bc 49 56 3c d3 f5 af c4 6a 73 dd 7e fa fc 43 20 8d 67 75 ef 02 ae 65 41 Data Ascii: FJas6P<;T.J_m\GUeo]>^>:[6Us)z.~` W]8qo7a3GVK(i@@psXBriDUaR#)8vNj`+v3!DOfV9Z?R]Fw&%FZGU6xdIV<js~C gueA

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.7	49763	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	570	OUT	GET /P/airtime/w/css/airtime_v1.0a.css HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:17 UTC	499	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 2692 Connection: close Last-Modified: Fri, 13 Mar 2020 03:56:02 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:18 GMT ETag: "753a330f95a906499abe488e677662d3" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: NXZbGZIfvRY27debVDZHPtVRTr7IIbvyLZxsRLz4-eyoCAQ4JQVTGA==
2024-09-27 23:47:17 UTC	2692	IN	Data Raw: 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 61 6e 63 68 65 7a 2d 52 65 67 75 6c 61 72 27 3b 0a 20 20 20 73 72 63 3a 20 6c 6f 63 61 6c 28 27 53 61 6e 63 68 65 7a 20 52 65 67 75 6c 61 72 27 29 2c 20 6c 6f 63 61 6c 28 27 53 61 6e 63 68 65 7a 2d 52 65 67 75 6c 61 72 27 29 2c 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 63 64 6e 31 2e 63 6f 64 61 70 61 79 6d 65 6e 74 73 2e 63 6f 6d 2f 57 2f 70 75 62 2f 6d 6f 62 69 6c 65 2d 77 65 62 2f 66 6f 6e 74 2d 73 61 6e 63 68 65 7a 2f 53 61 6e 63 68 65 7a 2d 52 65 67 75 6c 61 72 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 3b 0a 7d 0a 2e 61 69 72 74 69 6d 65 5f 63 6c 6f 73 65 2d 62 74 6e 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 61 6e 63 68 65 7a 2d Data Ascii: @font-face { font-family: 'Sanchez-Regular'; src: local('Sanchez Regular'), local('Sanchez-Regular'), url(https://cdn1.codapayments.com/W/pub/mobile-web/font-sanchez/Sanchez-Regular.woff) format('woff');}.airtime_close-btn { font-family: 'Sanchez-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.7	49761	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	565	OUT	GET /S2/content/common/js/infoBar.38acc407b3.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:17 UTC	507	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 2106 Connection: close Date: Fri, 27 Sep 2024 23:47:18 GMT Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT ETag: "38acc407b31daa48fafd99a877c64b5d" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 9_eqxvwwdD9eXzJMHdfH3nkwPOJ38AxIvF9_bVig5-8Dx6_twbqJqg==
2024-09-27 23:47:17 UTC	2106	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 5f 73 6c 69 63 65 64 54 6f 41 72 72 61 79 28 74 2c 6e 29 7b 72 65 74 75 72 6e 20 5f 61 72 72 61 79 57 69 74 68 48 6f 6c 65 73 28 74 29 7c 7c 5f 69 74 65 72 61 62 6c 65 54 6f 41 72 72 61 79 4c 69 6d 69 74 28 74 2c 6e 29 7c 7c 5f 6e 6f 6e 49 74 65 72 61 62 6c 65 52 65 73 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 6e 6f 6e 49 74 65 72 61 62 6c 65 52 65 73 74 28 29 7b 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 61 74 74 65 6d 70 74 20 74 6f 20 64 65 73 74 72 75 63 74 75 72 65 20 6e 6f 6e 2d 69 74 65 72 61 62 6c 65 20 69 6e 73 74 61 6e 63 65 22 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 69 74 65 72 61 62 6c 65 54 6f 41 72 72 61 79 4c 69 6d 69 74 28 74 2c 6e 29 Data Ascii: "use strict";function _slicedToArray(t,n){return _arrayWithHoles(t)\|\|_iterableToArrayLimit(t,n)\|\|_nonIterableRest()}function _nonIterableRest(){throw new TypeError("Invalid attempt to destructure non-iterable instance")}function _iterableToArrayLimit(t,n)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.7	49760	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	561	OUT	GET /S2/content/common/js/faq.7a04e34b3d.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:17 UTC	512	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 824 Connection: close Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:18 GMT ETag: "7a04e34b3d63def624af82ba6df461ba" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: qw3FVCp9w9R-3idv6LLC5dTCITk5G-KAyjlrNgxZvSxujsxtQhDulQ==
2024-09-27 23:47:17 UTC	824	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 65 6e 64 65 72 46 41 51 53 65 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 24 28 22 2e 61 63 63 6f 72 64 69 6f 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 29 2c 6e 3d 43 4f 44 41 2e 53 68 6f 70 2e 66 61 71 44 61 74 61 2e 66 61 71 2c 65 3d 22 22 3b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 6e 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 76 61 72 20 74 3d 6e 5b 61 5d 2e 71 75 65 73 74 69 6f 6e 2c 6f 3d 6e 5b 61 5d 2e 61 6e 73 77 65 72 3b 65 2b 3d 22 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 27 61 63 63 6f 72 64 69 6f 6e 2d 73 65 63 74 69 6f 6e 27 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 27 66 61 71 2d 73 77 69 Data Ascii: "use strict";function renderFAQSection(){var a=$(".accordion-container"),n=CODA.Shop.faqData.faq,e="";Object.keys(n).forEach(function(a,c){var t=n[a].question,o=n[a].answer;e+="<section class='accordion-section'>\n <input class='faq-swi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.7	49766	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	643	OUT	GET /S/content/fonts/Lato/Lato-Light.woff2 HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:16 UTC	546	IN	HTTP/1.1 200 OK Content-Length: 207880 Connection: close Date: Fri, 27 Sep 2024 14:36:15 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Thu, 09 Apr 2020 14:21:48 GMT ETag: "01b5dcc68aff09201f8e83a5e1c568ee" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Hit from cloudfront Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 1sWB7LwTXq_cGILa4MpoJQ-XWPvjiv0GrmfKTmSG_fpQD4Uf_4ieBA== Age: 33062
2024-09-27 23:47:16 UTC	8949	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 03 2c 08 00 10 00 00 00 09 d5 cc 00 03 2b a5 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 8c e7 40 1c c8 6c 06 60 00 a9 26 08 81 66 09 97 17 11 08 0a 97 c7 30 94 f5 53 0b de 40 00 01 36 02 24 03 de 3c 04 20 05 ae 7d 07 20 0c 81 39 5b 95 fc d8 b7 9f f1 ff 9b e7 ac ce cc ae d7 e4 0e ef 5d 8d 3b 8a d1 a0 c0 95 77 57 fc 3c 35 1a a3 d5 06 fa 49 34 a5 b5 b6 a1 f4 a7 b4 a5 f9 c4 62 3f e8 4c 86 9d 1a 80 a4 a9 ab ea f6 7f 9e 14 30 09 71 4a 67 bf 53 a7 29 c0 98 7f 3f a4 c3 07 a5 aa b6 bd 6b 9e 07 ff 4b c6 de 67 a0 a8 d1 72 73 57 d9 3a bc d1 5b d2 f4 59 ac b2 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b7 2c ff 79 be 36 bd f7 bc ff b8 f7 bd f7 ff fc 99 f9 33 8c 83 Data Ascii: wOF2,+@l`&f0S@6$< } 9[];wW<5I4b?L0qJgS)?kKgrsW:[Y,y63
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 42 f6 8d 7d 05 16 c7 7b 23 ee d1 89 8b 3b 27 6f 76 f7 b8 c9 af 7d c9 6b be ec b8 4f 3b e9 f3 fe d3 17 fc 97 fe ce 27 9c 3a 1b 75 87 0f 26 0f 63 ba 96 6c 71 d9 ca 6f ab 3f bc 60 e8 72 dd b0 54 76 9f 0b 7d b5 2f 85 3e df 37 42 5f 68 44 64 22 2d 6e 54 de 44 87 17 2d 20 b7 6d 63 52 f2 a7 d8 27 ca f2 99 ee a3 bc 2b dc da ca 0a 0f fe c3 3c e0 b3 6d f0 62 01 df 6f ab ab ab f1 9f 3e f1 c7 17 35 7a 9f fa c4 ac 0b a3 45 01 76 01 57 31 20 08 5e 2e 1d 3d 43 95 22 b1 96 15 80 60 04 c5 6c 38 41 ae aa 18 9d 98 94 75 12 c7 0b a2 74 5c e5 f1 00 d5 18 8d 6e e0 80 db aa f2 91 4e a0 9b c0 05 81 c2 e0 08 24 6a d5 20 e9 0f 16 57 bc 01 04 22 e9 17 2c bb 93 51 7f 6c a0 f6 ad c3 52 c6 58 6b dc 5a 6c 26 32 79 b6 c3 9f 70 4e bb 3c 88 3b 3c bc f3 3e 7d 3c 9c 64 30 cc b8 4c 66 8b d5 Data Ascii: B}{#;'ov}kO;':u&clqo?`rTv}/>7B_hDd"-nTD- mcR'+<mbo>5zEvW1 ^.=C"`l8Aut\nN$j W",QlRXkZl&2ypN<;<>}<d0Lf
2024-09-27 23:47:16 UTC	10463	IN	Data Raw: ce 39 e7 9c 24 49 92 24 49 92 24 49 92 bc 33 16 7d 3c 49 2c 3f ad 2c 72 85 52 a5 d6 68 75 ee 7a 0f 83 d1 34 85 cf e9 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 e5 9d 8c ef 2c e6 58 ce e5 f1 05 00 28 14 89 25 52 19 04 23 28 86 13 24 25 57 bc 76 42 34 24 c2 1e c4 1e 73 75 9b 04 eb 05 41 01 89 49 5e e1 ef b5 bc 2e d0 1b de f4 96 b7 bd 93 77 05 7b af bf cf db 07 67 7d 78 b7 fb 99 62 ff 02 f4 ef f8 8f ff fa 5f be b5 be f3 bd 1f fc 98 9f e8 67 bf f8 b5 fd f6 18 77 64 9b 99 61 56 d6 dd c5 ed 1e 32 47 70 83 ca 46 c0 26 ae 5d b9 77 bb f9 93 de 64 5f 63 ad 66 3f 1c 30 07 fa d6 88 9f cf ff 5c d5 0e 08 56 73 fa 7b a5 0a 0c 53 14 05 00 00 00 00 00 28 00 2c 19 00 00 00 00 00 00 00 80 dd ce 8c 60 45 61 a8 18 25 88 c4 92 a4 7c 64 f2 2a 4e 55 d5 d3 1b 21 da e8 dc c7 Data Ascii: 9$I$I$I3}<I,?,rRhuz4,X(%R#($%WvB4$suAI^.w{g}xb_gwdaV2GpF&]wd_cf?0\Vs{S(,`Ea%\|d*NU!
2024-09-27 23:47:16 UTC	15990	IN	Data Raw: f3 d1 f0 da 04 56 56 c2 d2 a2 81 77 fd 86 17 82 40 07 6c a6 3a 42 8d da 35 4d cc 6c b0 b0 b6 cd 8e 6e f9 ac 76 ad 7a 00 77 f9 ff 5a de 5d e4 53 5a 7c 6a c0 d3 b0 12 d6 77 e9 4d d2 45 08 6c 00 b6 52 ea 21 ca ea 5e 74 3a 5c db 11 a2 51 e8 9b 3e 88 15 94 7e cc 5f 78 3c 9e f0 e4 aa bb c2 33 a7 3c ca 39 9b 51 38 a4 d6 43 ea 18 6a 8d 4d 23 b3 75 9b 05 db 2e 22 56 71 b4 89 4a 41 4c 5f ad 80 0e 9e fb f4 ba e5 f4 f9 ed 95 79 68 0d 9a eb 37 b5 d0 82 40 07 ec 50 95 2e 56 45 4d f3 bb 42 cb 56 1b ba 3b 0e cc 98 2f c1 8c 05 33 41 9a a4 e8 14 71 10 24 01 f4 53 42 a2 d4 7a ca d6 86 2e cb 04 9c 36 a2 e1 b2 c1 9b dd 84 e6 10 71 d3 89 56 6b bd ab 24 75 2b 86 d4 9a a4 c6 32 c3 5c 6f 4b a4 e7 e5 b9 de 1a 07 cf 24 3d ba 83 cd c8 6f 6b e4 b2 c2 66 6e d9 95 e2 34 7d ab 50 5b 82 Data Ascii: VVw@l:B5MlnvzwZ]SZ\|jwMElR!^t:\Q>~_x<3<9Q8CjM#u."VqJAL_yh7@P.VEMBV;/3Aq$SBz.6qVk$u+2\oK$=okfn4}P[
2024-09-27 23:47:16 UTC	394	IN	Data Raw: 47 4d 45 be ec 7e f7 b9 c2 13 74 f5 21 af f8 bc bb fc d1 17 5c 63 eb 72 da 47 3c cd f0 96 7d b8 2a ca 65 d9 c0 0b c9 a4 45 e1 76 ca 47 ed 19 73 18 34 19 2e 1a 3f 69 34 fd 38 40 49 0b 96 62 2b f5 8e b0 59 97 92 36 a4 9c 70 50 a7 41 0d 9a cd 2a 79 41 49 09 af 78 85 be f8 1c bf d7 13 7c 5e 72 c9 26 1b c8 7b 86 0f c9 c7 d4 75 9d 80 61 5d 15 65 c0 d8 cd 6a db 5a 64 d2 9e 62 94 e8 e8 94 8e 97 eb fa a8 39 a3 76 42 9d 00 3a ed 80 09 56 af 68 c3 ac e6 59 31 f6 a0 e1 47 89 e6 28 65 42 50 e3 e4 1d 83 16 33 66 2e b6 86 77 f0 77 8b a2 7c 80 38 39 49 37 07 f4 1b 97 e9 82 d5 bb c6 fc d7 c3 54 b6 03 94 d2 af 6c 13 38 a1 df f1 09 1b 37 6f 8d 5e 57 b9 c3 71 3f b5 d9 e3 fe 12 78 c6 11 b0 1e 51 ef 55 20 10 1b 9e e0 d0 46 54 6d ea 60 50 25 95 ab a3 96 05 84 47 3b cd f5 29 6d Data Ascii: GME~t!\crG<}eEvGs4.?i48@Ib+Y6pPAyAIx\|^r&{ua]ejZdb9vB:VhY1G(eBP3f.ww\|89I7Tl87o^Wq?xQU FTm`P%G;)m
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 13 89 ca f9 4e f0 41 a6 52 01 9b 7b a9 93 91 fb e9 40 cb fb 99 21 c9 37 64 c8 f2 33 05 d5 f9 45 1d cd 8f 13 8d e0 9f 53 74 90 fa c8 d0 09 09 4f 62 b1 ae 03 d7 81 e2 5e e7 af f3 c5 43 9b e1 70 58 3c 1e 45 20 a2 49 00 43 a6 60 a9 54 1c 8d 86 87 60 02 93 49 64 b1 48 88 04 e0 f0 08 92 7c b2 94 14 56 5a 9a 22 2b 4b 96 93 a3 ca 2b d0 14 05 90 50 89 ae ac cc 50 51 81 55 55 99 6a 6a 2c 75 75 44 2f a3 46 33 79 5b 00 bd ad 81 d1 ce e4 d1 85 db 6e 02 af a0 49 63 80 b0 83 04 59 47 53 c6 32 d6 2e 27 10 35 8d 1f ea 66 a9 17 f4 dd 08 75 37 c1 da 03 a0 ef 66 a8 bb 05 d2 1e 18 88 e2 2e b8 ec e0 cc 0f 13 4e cd a9 c5 9e c6 d3 8c 3a 2d a7 15 7d 86 90 fb c3 43 cf 48 cc e9 e0 6b 90 d3 79 ba 30 67 f4 99 88 55 df 59 63 e7 d6 e1 ce fa b3 15 7f b6 11 04 10 5c 70 c1 05 13 87 df 7a Data Ascii: NAR{@!7d3EStOb^CpX<E IC`T`IdH\|VZ"+K+PPQUUjj,uuD/F3y[nIcYGS2.'5fu7f.N:-}CHky0gUYc\pz
2024-09-27 23:47:17 UTC	4842	IN	Data Raw: a8 e0 12 97 d8 10 93 9c 94 a4 26 2d af 92 10 92 78 09 c6 18 6b 9c f1 c9 34 21 59 26 9a 24 d1 64 53 4c 35 2d 4f 1d 4c 80 43 49 4c 52 af d6 7e de 04 20 6a 24 50 0a 85 0a aa a0 52 03 8d 7a 1a 69 85 ae 5b 64 c8 94 25 4f be 02 45 8a 4d 52 62 b2 52 65 ca 4d 57 63 b9 15 56 5a 65 b5 35 d6 5a 67 bd 0d 36 da 64 b3 2d 86 1b 61 a4 51 e2 8c 4e 50 9a 3b f8 7e 70 e3 40 b8 8c 64 fe 0f 87 e1 48 55 cd d7 90 ce 85 f3 76 1e 9c 1d ce 01 e7 84 ed 06 26 1c e0 82 43 e0 50 38 0c ce 02 47 82 55 d9 0b fb e1 20 72 c1 b9 e1 3c 9d 09 47 80 55 80 48 72 cf 70 55 da 72 84 cd ab 66 34 c7 3c f3 2d b0 c8 b2 5a b1 63 3f c6 9f c9 2a a9 56 4b 0b 7f a0 81 67 78 aa 32 04 14 00 61 31 9a 7c f0 75 66 a5 18 dd 64 e3 d8 31 d7 ed be ab 40 cf 11 8c 4b 70 2a 00 ed 62 80 c0 d3 67 1f bb 34 11 3c 2f c1 70 Data Ascii: &-xk4!Y&$dSL5-OLCILR~ j$PRzi[d%OEMRbReMWcVZe5Zg6d-aQNP;~p@dHUv&CP8GU r<GUHrpUrf4<-Zc?VKgx2a1\|ufd1@Kpbg4</p
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 4e 1b 8d 63 14 8e 6b bf f6 6b 3b cd b5 5e e6 5a 56 b4 2c 3b 58 b9 59 78 2e f5 84 68 a8 c6 45 d1 5b d5 ca 76 b7 a0 85 cd 6b 51 8b 3b a9 25 9d dc d2 96 75 50 0b 5a d8 89 d6 c8 eb 60 dd 0a ee fb 2d b6 2c 6d b5 1a 3a 44 9d 7a 8d 1d 6a dc 54 45 9d 95 96 5d b2 4b 7b 3d 6e 4a ad df 85 89 fb ff 3a fe c4 21 10 39 75 c7 ff 40 46 bb 06 b0 35 b1 a1 d6 8a cb 38 b8 c0 83 08 32 28 5f fb b8 a5 6a 43 a9 55 cd f0 52 0f 3b d3 63 5d e8 4c 17 3b db f9 2e 75 b9 53 f5 cc ee f3 a3 51 23 02 26 4d 09 1a 33 6e c2 a0 b3 5a 7a 5c 4f 7e e8 81 48 77 43 bc fd 49 56 ae d1 eb 0f fd e8 bc b1 9a cf ed d7 db 5d 57 99 e5 5b 23 e5 57 4b eb 4d 3d a8 15 45 46 1f 23 9c c1 e0 02 8b b1 01 00 08 40 1c fd e0 2f b7 12 a0 a5 9b 33 a1 c4 9f 63 81 e4 85 c3 12 32 c8 e2 0d af 21 c7 d6 04 5f 55 93 8a 07 07 Data Ascii: Nckk;^ZV,;XYx.hE[vkQ;%uPZ`-,m:DzjTE]K{=nJ:!9u@F582(_jCUR;c]L;.uSQ#&M3nZz\O~HwCIV]W[#WKM=EF#@/3c2!_U
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 28 36 be e8 e9 4b 69 7e 53 51 da a3 9d a4 39 d8 78 4a 40 05 4a aa 0e 67 0e 47 54 97 60 6b a4 3b 47 0d df ba bc a6 77 db 70 3f 75 9c b8 4e 68 7b b7 a2 50 df 4f 8c 52 c5 bc 70 4c 82 9b 18 77 24 85 e8 6f d8 42 fa 5f 49 07 86 e8 56 b0 30 97 fe 79 14 d1 72 42 77 f6 82 53 9e 6f 47 15 ff d1 de 8d 7c 47 b7 e6 de 42 02 4a cf ea 79 78 18 4f 98 7b 8c f6 45 b4 12 b1 7d dd bd d1 d8 92 25 70 5a c3 06 b2 7e cb 36 33 9b a7 0a 84 9e 56 be 4a 2d 60 f0 d1 85 8b 5e 4b 4e 70 5e 5c 1e e8 37 ac 93 6c b3 cf b9 ea 86 6b c7 37 13 89 3a 40 22 1f f1 9e a8 6e e3 20 db fc df 00 37 28 ea 15 ba c0 98 86 bb bc 21 d0 ba ad 4b 92 32 6b a1 03 69 d5 38 82 6c 29 61 89 8e ec f0 70 bd 5e 31 b4 e9 b5 bb a9 38 1b 48 bc 32 56 97 58 5f 31 06 1a dd 67 54 22 11 af 43 cf 06 b2 c8 f1 f1 c5 5f c7 64 e5 Data Ascii: (6Ki~SQ9xJ@JgGT`k;Gwp?uNh{PORpLw$oB_IV0yrBwSoG\|GBJyxO{E}%pZ~63VJ-`^KNp^\7lk7:@"n 7(!K2ki8l)ap^18H2VX_1gT"C_d
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: a4 e2 6e 11 74 65 3c 6f 1f e5 ba f9 b4 4a 51 4d ad b0 0f 24 ad 5b 90 14 f4 33 ae 15 15 f1 ae 56 37 9f 15 e7 b9 4f 70 eb 17 c9 7f 4e 8f 45 81 1b 4e 1c 1e d2 b9 35 9b aa 03 bd 8d 0a e3 39 9e b1 04 67 0d 71 56 93 c2 1c d2 e8 bb d4 3f 71 ec 7a ed d5 11 ca 84 52 08 9f 96 15 0c f0 cd 43 de 47 3a e1 cb d6 78 1f 95 2d c1 eb d6 f6 db bb 2d de 04 73 5a 55 26 be d0 5e 71 9c 95 d9 b2 2c 2b ec a5 9d ce da f2 fc 8b dd 31 aa 6a 86 c2 84 d2 4b c0 18 97 89 9d a0 1b 57 b1 00 ce 39 8a 74 86 3e 84 93 c8 21 7e 21 06 e7 34 90 c3 58 79 f6 ca ca c6 ef c2 ca b1 02 29 d8 c5 03 ce 5e 95 e9 2c 4d a3 97 f5 82 35 3a 50 98 57 05 71 f0 45 01 ca dd 4e 9b e6 71 35 0c 72 b4 4a 36 02 49 aa be cf 0c 08 2c 5f 3f 92 9c d5 da e3 87 f5 73 2d 5e f7 4e eb 94 15 61 af 71 92 e6 32 4e f8 90 34 e7 d8 Data Ascii: nte<oJQM$[3V7OpNEN59gqV?qzRCG:x--sZU&^q,+1jKW9t>!~!4Xy)^,M5:PWqENq5rJ6I,_?s-^Naq2N4

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.7	49767	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	642	OUT	GET /S/content/fonts/Lato/Lato-Bold.woff2 HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:16 UTC	546	IN	HTTP/1.1 200 OK Content-Length: 211160 Connection: close Date: Fri, 27 Sep 2024 14:36:15 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Thu, 09 Apr 2020 14:30:12 GMT ETag: "743278852fdad61a73198bc74d529af8" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Hit from cloudfront Via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: z7MBGIPt22TfaiEoFzW6dsEhErJU5C5psfHSWRZ6WFqRIxfxvRjiVg== Age: 33062
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 03 38 d8 00 10 00 00 00 0a 07 24 00 03 38 76 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 8c e8 0e 1c c8 6c 06 60 00 a9 26 08 81 66 09 97 17 11 08 0a 98 aa 20 95 f0 11 0b de 40 00 01 36 02 24 03 de 3c 04 20 05 ae 16 07 20 0c 81 39 5b ba 39 d9 b0 e5 d3 ab db 39 fb 76 df ed be 7d 8e 5f f6 72 ad 73 4d 54 39 6e 29 88 2b b8 80 50 71 04 44 11 3f 89 d2 00 0d a8 05 fd 9b a8 a8 01 54 b5 31 f2 9e 26 49 0b 80 aa fe b6 2d 9d 05 19 32 dc a5 e4 09 af 5d 29 6e aa 1d 23 1c e0 48 7d ad df d8 14 a8 3a b6 f7 78 e9 12 9a 74 8e 6d 89 c8 0d 94 8e 06 c9 fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 7f c7 f2 9f e7 6b d3 7b cf fb 8f 7b df 7b 7f fe 2c 2b db 0c c3 c0 b0 0c ab 20 9b b2 84 Data Ascii: wOF28$8vl`&f @6$< 9[99v}_rsMT9n)+PqD?T1&I-2])n#H}:xtmk{{{,+
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 00 00 00 c0 97 ec 19 e1 e0 4b f1 23 18 29 d1 15 f2 b6 19 72 b4 f5 2f b8 ec 8b ed 4a f6 a8 d8 77 26 90 e9 81 c2 65 96 e3 2d a5 2c 93 c0 fb 69 10 3d 65 40 92 48 51 7a 5b 56 36 df d6 b4 df 3c 72 5f af e1 de fc 44 ee 52 3c 1e c7 60 82 24 09 e5 0d 8a 64 82 79 4c f3 27 05 ad 70 9a a2 60 91 b4 c5 20 4b ce 94 6a 65 30 cb 53 41 65 aa a4 fa 17 35 e3 5a 36 bf 94 b4 2e a8 a1 a5 ea 71 36 24 8d 8a ce ed 4d 6e b5 26 90 0c cd d3 4c b0 2c fe 00 8c 18 b5 3d e5 7c 68 56 46 4e da 39 21 17 2e 7d 2e a7 74 5c 13 88 ab 72 b3 e5 5a 3c 78 cb c7 0c fc 2c 44 3c a8 f2 cb 26 70 56 10 97 90 c5 30 21 11 6a a2 89 ed 8a c3 92 98 24 25 f5 d6 a5 27 9a 21 29 46 b6 d8 24 f3 4c 56 07 a7 f0 f8 12 9e 8d 08 2b 69 cc 85 f7 2e b6 e2 5d 43 e2 1d 96 91 bb d1 92 48 54 fa 2d b2 de 6d 8c 51 39 f3 78 40 Data Ascii: K#)r/Jw&e-,i=e@HQz[V6<r_DR<`$dyL'p` Kje0SAe5Z6.q6$Mn&L,=\|hVFN9!.}.t\rZ<x,D<&pV0!j$%'!)F$LV+i.]CHT-mQ9x@
2024-09-27 23:47:16 UTC	12288	IN	Data Raw: cf 0c dc 30 9f 83 da 10 2f bc e3 99 17 2e 3c 6c ff d5 cf 1a 28 19 5d 80 0c 92 24 49 06 5d 3e f1 94 43 3a d5 52 dc 06 ef d8 c5 d1 35 d7 1f e2 62 e4 14 38 66 05 91 c1 9d c8 d7 fc c0 df 2e 5d 0e 04 84 60 04 c5 70 82 a4 68 86 e5 78 41 94 64 45 d5 f4 06 a3 c9 ec e5 6d b1 da ec 0e 1f a7 ab 0b 89 31 8d 2b 6f 08 b2 92 6c 70 e0 84 03 03 27 ea 66 f7 ce 8f 68 94 cf 04 06 7f 87 3e 85 48 bb 91 8b 01 b0 ae 3f 8c 0e bb a4 33 48 18 8d 89 85 8d 33 22 d2 88 06 78 23 e8 27 c9 3d 59 8d d4 80 5a a3 41 9e ff a6 ee 58 9e 97 4f c6 f2 04 52 4f fd f0 8c 3a 0f a9 1e 3b 98 c7 18 93 c3 8c fc fd 2f 72 56 68 00 b8 15 00 00 00 00 00 00 00 00 40 ed c0 82 a2 b4 69 e3 34 eb 7e 94 44 bd 44 d1 0c cb f1 b2 a2 6a ba 61 5a 36 bb c3 e9 72 7b e1 a5 cf be f8 fa 75 ea e3 f9 eb fd 34 3e 3b be 3b c3 Data Ascii: 0/.<l(]$I]>C:R5b8f.]`phxAdEm1+olp'fh>H?3H3"x#'=YZAXORO:;/rVh@i4~DDjaZ6r{u4>;;
2024-09-27 23:47:16 UTC	8949	IN	Data Raw: 33 2c c7 0b a2 24 2b aa a6 1b 99 52 5d 96 9b bb 87 a7 4b 6c cf fe d5 3e 48 33 17 35 28 c4 51 8c 6a 1c 6a ac e0 31 9e 73 c5 55 fa 95 62 2e 00 00 00 00 00 40 e4 d4 c2 b1 f3 0a fb bc a9 80 3a 3d 4e 4a 01 b5 cc d1 a5 f4 69 d5 20 cc 75 9e 38 79 6f 0a 75 ed 2d fc d8 d9 37 ee b6 6f 4f f9 4c 7e d3 c9 88 4b 84 89 44 94 89 59 20 21 ba 3d b4 be 67 db a6 14 0d 2e 5a c9 7a 48 2c 4f 71 54 da d5 d9 ad 9d 38 8e b8 a8 e8 65 b9 74 d8 4d d4 1a 51 a7 29 cd 3b 9b a4 45 5a 45 2c 6d 48 b4 93 92 e9 68 9d a8 d3 95 6e e9 91 5e e9 73 d2 6f a2 30 a2 2e 46 71 82 83 83 50 05 57 55 ce 82 a5 af 69 d6 0f 1c f0 9a 2b 5a a4 65 6b a3 19 13 50 09 67 ab 24 9c 64 65 f3 c4 a4 78 23 d9 f1 cc 86 55 54 6e a1 e7 44 b1 5c 67 ca a7 12 38 ef 67 3b c2 e8 98 64 77 31 fa 38 61 f5 50 55 66 4e 12 e5 2f 83 Data Ascii: 3,$+R]Kl>H35(Qjj1sUb.@:=NJi u8you-7oOL~KDY !=g.ZzH,OqT8etMQ);EZE,mHhn^so0.FqPWUi+ZekPg$dex#UTnD\g8g;dw18aPUfN/
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: a1 73 60 ea c8 1b 8f 42 34 3c dd d8 ed d2 eb d8 e5 83 c0 f1 d7 b4 21 74 c2 59 81 86 47 e4 9c f9 07 30 a9 ac e4 3d 2b 9a 0e fe 0d d7 f8 48 5d 45 db 4c cb 2a 80 e3 dd ad af 0c 35 6a 02 0b 97 f3 ae 17 a5 e8 fd 85 7b c5 19 de 4a d4 9b c7 4a 6f 0d 9e d4 f4 af 8b 52 c9 fd 52 39 68 f2 18 00 a6 66 5f 9c 48 eb eb 66 43 dc 62 60 91 52 0c 0d 68 71 31 b2 00 5c f8 ba 20 dd 47 d2 66 13 42 7e 66 04 01 37 68 04 8f ea 05 01 76 78 68 53 cc 70 9f 85 b5 7e e1 8b 2e 12 95 08 46 73 fa e1 cc b9 52 4f 17 e1 14 3d 64 b8 4a 63 0d 1b 53 e5 a8 b3 6a cc db 65 ee 4e a0 07 f3 9e 99 3e 47 62 c0 a0 e8 78 ed e9 f1 76 21 7c c7 ef 7f a5 f1 4f 6f ab 13 98 81 b6 87 ec 39 c4 36 eb 21 5c 9c cb f7 7a 73 65 6d 6c 30 71 12 24 4e d2 ae 99 15 f7 60 6d 4b 9b 4b 75 cc fa fc 39 92 be 59 ce 80 8c ca 2d Data Ascii: s`B4<!tYG0=+H]EL*5j{JJoRR9hf_HfCb`Rhq1\ GfB~f7hvxhSp~.FsRO=dJcSjeN>Gbxv!\|Oo96!\zseml0q$N`mKKu9Y-
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: aa ec 9b ef 2e 1e be 2c 9d b0 02 ab 89 b8 4c 8a a3 6f 44 93 45 3f e3 82 38 cf 1e e7 19 70 9e 41 e7 19 71 9e 21 e7 19 76 9e 51 fd 8c 49 e1 3c 13 ce b3 d7 79 a6 f4 33 2d 82 f3 cc 88 01 44 e7 78 72 b3 cf e7 e6 92 e3 50 2f 07 2c 6c f0 e0 15 05 95 52 90 2a 12 d3 8b 42 eb 09 fc 85 00 b8 28 c4 9d 8a 2a 87 a4 d3 50 74 68 44 7d 69 dd ae 97 fd f1 f4 db e4 61 9f 43 4f fa b3 e7 d9 fb ec 7b f6 ef 67 e3 a7 9c 83 c1 e1 70 58 1c 1a c7 8a 63 c3 b1 03 fe 00 02 06 7d 61 cd 8e 17 a9 db c0 7e b6 a3 6c 70 e2 10 38 24 0e 85 83 70 7c 9f e8 38 5d 70 20 78 2b 08 93 66 c2 cf 1c 61 e8 02 c0 91 29 b0 08 60 e0 53 a1 76 54 66 ba 02 4b 00 3e 62 28 fc 30 3c 3a 14 ed 03 02 82 c3 3d d5 68 36 05 90 1d d8 63 99 37 0e 4c 0f 2e 2c 88 3b 3e 13 f5 e9 f8 c6 24 48 b6 80 10 08 04 0a 89 40 ee 05 31 Data Ascii: .,LoDE?8pAq!vQI<y3-DxrP/,lRB(PthD}iaCO{gpXc}a~lp8$p\|8]p x+fa)`SvTfK>b(0<:=h6c7L.,;>$H@1
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: f5 3e 4f d4 9e a3 af 51 3d d9 91 14 d4 5d 5c 1c cd 3e 2b 20 69 4b 42 58 ce c8 0a d9 67 ae 17 4c 5e b5 32 92 5b 4a f4 f3 cd e5 03 cf d2 b0 92 f6 ae a4 b3 03 66 85 6e d0 7c 88 71 b7 94 2c 46 58 5c 55 6b 5d b3 69 ce 5e 87 6b ac 1f 27 f4 38 a5 ab 6f 0a d7 95 5f 66 9d 3e 6f 22 80 fd ea 52 e3 91 b2 25 9b 9f 58 17 87 4a ac cc 42 dd 59 50 3a 07 a4 a5 ac c7 2c 05 63 5a e5 b7 70 ea 17 fb 34 c9 71 e6 7f 28 dc 11 fd 0a ae 49 78 8a bc bc 2e 1c 79 62 34 59 bd d7 4d 2d 44 2f 74 c6 6b 42 b8 8c 0b d8 85 e4 ef f9 72 f6 b9 da 43 07 dd 70 0c cb 50 cb d6 ea 21 de 8f 01 c1 12 b5 1c 1e 83 96 fd 8c e9 79 91 f4 a5 6a d0 b3 f7 a4 5b e0 cd c0 4a 4c c7 ce 5d 0a 14 7b 36 d8 99 67 ea ed 10 1c de 0c e6 9f 49 2f c0 f2 47 d7 89 55 0e 1b cd 23 b2 3a ae 6a 63 f8 fb 0c 03 ad 86 05 7b a5 e4 Data Ascii: >OQ=]\>+ iKBXgL^2[Jfn\|q,FX\Uk]i^k'8o_f>o"R%XJBYP:,cZp4q(Ix.yb4YM-D/tkBrCpP!yj[JL]{6gI/GU#:jc{
2024-09-27 23:47:17 UTC	3028	IN	Data Raw: 59 e4 80 e9 55 63 3a e8 e8 f1 53 06 b3 89 cd e0 ea 13 ef cb 7d ed c7 15 76 fc 79 a7 5e eb df 1f 24 d4 00 dc 70 e8 cf 46 19 ee 02 40 13 fe 1e e9 f2 07 23 08 a8 71 e4 eb 9f 58 3c 79 de 07 e3 32 7c e5 c2 03 4b 3b 3c 09 f1 ca 18 b6 ee 24 08 0c bb 0e ef 7c b1 32 d9 03 25 37 cd 40 2a 7b 72 88 60 cf 70 03 01 da 34 ec c1 43 9b d7 0d a2 4e da 1d 94 cc c3 76 b6 3e 13 7f 66 d2 78 5e 42 47 85 19 df 15 35 3e 51 13 fe 0b 34 3d 1d fe 35 ac 87 fd 4b 55 bb 87 8e e7 42 27 5b 6e 26 61 36 40 99 80 4f cb 37 cf 95 7b 6d 3a 9a 76 5f 15 16 49 b9 4b 08 ff ec 0e 41 fc 40 6f 18 41 cc b4 98 9d 8f a4 ce ea a1 36 18 e0 22 84 08 9f 73 46 7c 8a 70 e8 8e 3b 4f 6b 35 b4 03 72 c2 5e 52 0f ee 85 33 eb 97 10 63 3e 43 64 c0 3d c9 cc fa a6 27 e4 f3 bf b4 52 01 56 ef da f5 8d c7 43 56 c7 87 6b Data Ascii: YUc:S}vy^$pF@#qX<y2\|K;<$\|2%7@*{r`p4CNv>fx^BG5>Q4=5KUB'[n&a6@O7{m:v_IKA@oA6"sF\|p;Ok5r^R3c>Cd='RVCVk
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 85 0e c4 39 5f 82 77 ce 93 5d c5 2f af 53 52 57 55 e4 21 af 35 ec 00 8c 5b 06 a1 8b d3 5f a6 fc d2 3b ef b3 c3 2c 4e 36 f2 76 d3 bc 12 db 40 01 63 90 e7 89 74 70 74 d0 31 cd db 6e 36 14 a7 be 0a e9 83 9e 3c ba 34 0a d8 cd f3 40 5f ff 54 2d fb 58 34 b4 29 78 3d 3b 27 70 db 63 c0 71 e2 e9 ed fd eb b2 8f 43 87 37 6a 3a 27 bb 88 3d 2e 8c 52 b5 70 ef 36 2d 27 fe 96 55 cb e3 55 93 64 33 73 13 b4 69 e4 83 36 10 f9 15 33 8f 1a 14 5e 2e 52 6b b3 1b 17 ab 0b 62 66 82 1e 62 8f 2a f7 9a 25 95 0a b7 49 1e 80 1e f8 5a 57 f5 33 ef 2a 0f d0 86 0d 8b a6 f6 47 4a 4a c3 e0 69 85 4d 1c a8 b4 49 ad 2f 25 9e 27 3d ac 08 8b 69 35 b7 b9 7d ad 8f 2e 24 1b 3d b7 46 fd ad dd f9 3d 2c 01 fe 26 0b 3a 7e fb fa bc 8c dd bd 45 21 e9 d8 5c 2c 70 78 30 1c 34 b7 2a 9d 3c 70 54 46 12 50 51 Data Ascii: 9_w]/SRWU!5[_;,N6v@ctpt1n6<4@_T-X4)x=;'pcqC7j:'=.Rp6-'UUd3si63^.Rkbfb%IZW3GJJiMI/%'=i5}.$=F=,&:~E!\,px04*<pTFPQ
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 21 23 53 88 93 a7 3c f6 d7 4d 4e 4d bd 23 53 04 f2 56 fc d0 f7 22 58 1f 9f 11 0f 56 7c a0 52 57 d0 dc 94 d9 36 1e 59 27 95 cc 52 9e 5f 53 23 59 3a b4 14 ea cf 59 ec 49 c7 b8 27 ed c5 64 b9 0b d1 6a 34 22 5a e4 ce 10 45 2c c9 a1 00 ff 89 e2 75 dd 2a 77 e5 90 29 cb 5f 38 2f 2a de 8e 2c e7 c6 1e df 60 2b aa 38 64 29 5c ae 3a 5e 9d aa ba d0 de 78 48 90 14 dc 20 9a 8f cb 3d bf db ea ea 49 54 70 38 e5 80 12 cd 35 20 6b 8c 1e f6 60 46 d0 11 6a 51 c7 51 aa ab 9c 33 e0 cf 41 d6 70 4d 2a 34 8c 70 0a 47 bc 11 3f d8 3a 9b ef 35 74 cf 70 8f 4f 6a b5 ba 0b 3a ca 14 f3 67 13 2b a7 79 61 fc ac 74 23 69 d6 d7 f7 bc 51 2f 2b 9d 17 5a 6b 49 e0 64 ad 62 26 74 c4 b5 b4 3a 75 8b fd ba a1 0d 76 a1 8c 11 d3 9d 03 66 1a 06 fa 4a 83 b4 07 e2 0f 9b e8 5b 38 8d 69 c4 ca 5f 91 1a 0c Data Ascii: !#S<MNM#SV"XV\|RW6Y'R_S#Y:YI'dj4"ZE,uw)_8/,`+8d)\:^xH =ITp85 k`FjQQ3ApM*4pG?:5tpOj:g+yat#iQ/+ZkIdb&t:uvfJ[8i_

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.7	49764	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	645	OUT	GET /S/content/fonts/Lato/Lato-Regular.woff2 HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:16 UTC	545	IN	HTTP/1.1 200 OK Content-Length: 28440 Connection: close Date: Fri, 27 Sep 2024 14:36:15 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Thu, 09 Apr 2020 13:54:30 GMT ETag: "1031840a9580bcc9b1b83a047f2282b4" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Hit from cloudfront Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: iIpna1Fa6na-X6-q_YoK4_NS4vsP0sjzkpOZL4RYs4JyXHlDyMeoqQ== Age: 33062
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 6f 18 00 10 00 00 00 01 26 60 00 00 6e b9 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b a8 7c 1c 81 7c 06 60 00 82 74 08 2e 09 8d 65 11 0c 0a 83 e1 70 83 c0 69 0b 84 28 00 01 36 02 24 03 88 38 04 20 05 96 6a 07 86 5e 0c 4b 5b 98 12 71 41 dc b5 5f 22 b7 83 9d 66 be 6c b0 82 8d ab d8 6e 67 9b 6e ef c5 80 99 c1 18 e3 00 0c f8 6c 2a fb ff ff b4 a4 32 c6 f6 a1 fb 01 10 b1 b4 54 2e 51 77 78 48 19 81 30 e1 21 38 4a ad a5 a0 75 6d 23 0f ed 3e 8b 72 cc dd ed 21 84 cc c4 f0 20 1f 71 17 0d 51 17 fd 8a b6 ea b6 9a 49 4f ba 89 4a 10 13 95 98 a0 c9 1c 8d 6e 97 20 fb 13 fd 5b 59 91 6c 76 9c f8 23 58 5b 4f 4d 9d 4b 17 54 6c c8 6e ee 81 6a a2 06 8a cd 2e 34 db 6b 7f 88 ff d2 1f 96 53 3a 6e a6 d5 bd 90 6e 91 10 95 Data Ascii: wOF2o&`n\|\|`t.epi(6$8 j^K[qA_"flngnl*2T.QwxH0!8Jum#>r! qQIOJn [Ylv#X[OMKTlnj.4kS:nn
2024-09-27 23:47:16 UTC	12056	IN	Data Raw: 6f 88 57 39 df df b5 7b da 15 f5 f3 b2 ab 18 3f 88 b9 7b 02 80 76 0f ff 31 ba d3 a0 7d 1e 9b 9b 67 e3 38 b0 1f c7 07 b4 12 fb 39 c1 fa 22 ca 6b e0 15 cf 15 8d f7 d3 3c 9e 02 32 f5 1e 65 43 3f 5b bc 1f 27 2a 08 68 f7 d2 d8 2f 03 e2 33 dc a7 16 a8 fe b3 26 d3 7c da 58 6d c0 a3 f7 40 d5 fd 5c 27 67 8d e6 3b 7c c0 fe 02 1a cd bb ce 06 56 70 c8 5e 01 56 7e c8 3e 06 56 28 61 da 21 c2 fd 19 cb c1 44 ab 41 99 ea a3 6c e8 00 fd 37 50 c7 83 80 e6 4b e3 6e ea ff bf 1e d0 c1 d4 00 59 58 18 45 fa ce 8b 35 c4 d3 45 e6 7e 67 39 bd 86 6d c4 ba 4b 2b c9 72 21 df 6a f7 5c 9f 48 0e ff ac 01 dc 0b 9b fe 51 ac d3 08 fc 37 cf 2f 6e a9 fe 97 86 01 d2 f8 1b 88 8f ff b9 d5 de be 60 8f 0f f7 77 b7 37 d7 97 d3 d5 72 ea 9a b2 90 be ee 4b ff f2 c5 11 ce 47 51 ff 44 06 dd e0 26 73 ed Data Ascii: oW9{?{v1}g89"k<2eC?['*h/3&\|Xm@\'g;\|Vp^V~>V(a!DAl7PKnYXE5E~g9mK+r!j\HQ7/n`w7rKGQD&s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.7	49768	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	646	OUT	GET /S/content/fonts/Lato/Lato-Semibold.woff2 HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:16 UTC	546	IN	HTTP/1.1 200 OK Content-Length: 213284 Connection: close Date: Fri, 27 Sep 2024 14:36:15 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Thu, 09 Apr 2020 14:29:03 GMT ETag: "3b2be91477b04924b538786080ff371b" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Hit from cloudfront Via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: aemZh15RzRkPod_25BG17XSrqw3d5DUIHtQDvgwDFeGw7AfU8PL_Sw== Age: 33062
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 03 41 24 00 10 00 00 00 0a 36 2c 00 03 40 c4 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 8c ec 06 1c c8 6c 06 60 00 a9 26 08 81 66 09 97 17 11 08 0a 99 83 1c 96 b4 42 0b de 40 00 01 36 02 24 03 de 3c 04 20 05 af 2a 07 20 0c 81 39 5b 77 5e d9 bb 9f 7d b5 bd 37 30 5d 5b d5 3b d5 33 b4 32 a0 e0 22 0a 88 20 89 31 22 04 c9 aa b0 46 8e e0 1a cc 71 c5 e8 c7 85 e8 ea fd a3 6a 63 e4 09 49 9a 02 28 a8 ef 76 86 14 c8 21 c3 2e 2c 00 76 6a f5 7f 3a c6 c0 03 03 87 42 59 f6 5f 4f 02 4b 19 6b ef 65 b2 f8 61 19 a2 8f 63 0f aa 28 95 f8 ce fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 7f b3 fc e7 f9 da f4 de f3 fe e3 be f7 fe 9f 3f 3b cb 0c 03 33 bb e0 00 a2 20 38 30 b2 Data Ascii: wOF2A$6,@l`&fB@6$< * 9[w^}70][;32" 1"FqjcI(v!.,vj:BY_OKkeac(?;3 80
2024-09-27 23:47:16 UTC	10463	IN	Data Raw: 3e 69 34 98 c3 ec e9 34 e9 87 ab cc 43 07 72 2e 59 34 6d e1 f7 3e 47 19 0b 6c 16 77 e3 02 a1 e3 30 e8 fc 93 99 04 8d f9 44 62 a2 2b 47 77 c7 49 4b 87 99 2e 95 a8 79 e3 25 55 78 39 55 ef a0 1c 86 fe ac 50 b9 5d a3 90 14 16 79 c6 0a 33 ed f2 ba 5b 85 97 77 f0 ce 54 79 db bb c9 74 31 8d 97 97 97 97 97 97 97 97 97 d7 65 06 00 00 00 00 00 00 58 00 00 3c 3f b4 79 9a c2 dc 04 49 d1 8c 4c ae 50 aa d4 1a ad 4e 6f 30 9a 32 43 cf 61 00 42 30 82 62 38 41 52 34 c3 72 bc 20 4a b2 a2 6a 7a 7b 0f da 47 0c 99 82 38 58 e9 02 39 f3 29 cb 5f 70 e1 e4 cc 27 d1 48 57 22 f3 8c 0c bf fe 84 93 99 fd a2 e6 6e 4a 6f 19 51 27 3f 09 14 84 44 a5 49 f1 f1 1a e5 be 3d f9 4d e9 bd f4 d9 32 74 3d a0 80 22 e0 02 e0 da ed a6 8a fb c4 03 cf 69 b4 1c 5e 92 78 4b 81 39 e3 a3 7c 51 f8 c5 9f 80 Data Ascii: >i44Cr.Y4m>Glw0Db+GwIK.y%Ux9UP]y3[wTyt1eX<?yILPNo02CaB0b8AR4r Jjz{G8X9)_p'HW"nJoQ'?DI=M2t="i^xK9\|Q
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: bc 46 dc 14 40 1b c0 7b da 57 07 7e 5d 41 5c 84 26 fa 99 98 bc 2b 01 cc d1 44 51 da aa 0f 2b 5f 67 9d 57 b3 54 d3 3f 95 e9 93 a3 d5 c2 42 cb df cc c5 21 b8 bb b8 ae 7c ed 5e 1e df ea ea e3 72 bf 81 79 91 46 4b 5d f2 4a 64 3b fa 67 6f c9 d8 96 e9 1d 1d b1 c3 df 05 ce 15 a7 15 e4 19 46 01 c2 b4 3f 9b af 05 51 f6 cb 5e dd 6b 5c ad 60 69 ad 42 eb dc b1 fa 69 9f ad 8f 04 1d d0 0c 42 30 82 62 38 61 1b ef 4c 0e 2d 24 2a 1a c3 72 bc 20 4a b2 a2 6a ba 61 5a 18 80 85 fc b5 36 1d 14 33 9a c8 28 34 c3 72 e5 fd 35 1a 46 92 ad b6 de b4 6e 97 63 f7 09 13 63 3f eb 04 79 07 d1 3b 26 d6 b8 d5 d6 aa c1 ae 81 db d1 b7 c7 db 3b e8 52 76 f5 28 57 e0 a2 2d 04 23 28 86 13 24 45 33 2c c7 0b a2 24 2b aa 66 32 5b ac 9e 5e ba 61 77 38 5d a1 21 12 10 4b 00 a9 23 30 88 07 46 d0 56 3c Data Ascii: F@{W~]A\&+DQ+_gWT?B!\|^ryFK]Jd;goF?Q^k\`iBiB0b8aL-$*r JjaZ63(4r5Fncc?y;&;Rv(W-#($E3,$+f2[^aw8]!K#0FV<
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 02 69 24 17 96 9b b7 ea 77 6b f0 d2 66 0b 5a cc 84 74 7f 65 cd 78 77 16 7c 12 52 07 11 63 f2 03 00 00 00 00 00 00 00 24 06 42 9b 85 08 b7 9a 7f 88 6a 7f 50 e1 46 82 a5 69 ef bd dc 6f 07 0e 1d 39 76 e2 d4 99 f3 44 9e 61 1c 54 3e 29 90 0f f3 48 43 d0 27 d0 fa 64 9c e0 35 99 b4 4e 07 91 31 32 57 94 22 8b 05 e1 af 8c 53 c9 c6 69 14 eb 2a 28 14 3c 44 b6 f9 22 a9 d4 f1 46 ef 52 3b ab bc 96 6b 2e 55 3b 6f e7 16 54 dc 2d 4f 11 ee 02 d1 51 55 69 64 3a a2 8c 6c 5c aa 00 00 20 e2 bd bc f2 ba 81 e3 9c 86 aa c2 cc 6d 7d 64 80 06 c3 94 df 4d c4 78 54 67 32 d6 a9 03 2a 20 08 c6 24 38 41 52 74 c5 2c 54 24 00 84 60 04 c5 70 9a 61 39 de 25 88 92 ac a8 9a 6e 98 96 ed f8 57 45 19 9d 74 02 20 18 41 ab 8c 05 6e b1 da 08 92 a2 19 96 e3 05 51 92 ed 3e be 7e 49 31 cb 84 48 b7 6e Data Ascii: i$wkfZtexw\|Rc$BjPFio9vDaT>)HC'd5N12W"Si(<D"FR;k.U;oT-OQUid:l\ m}dMxTg2 $8ARt,T$`pa9%nWEt AnQ>~I1Hn
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 19 d4 bf 21 79 34 2b ea ba c3 fa 1b 65 55 1f 50 ec 40 50 48 d6 a0 a6 21 3f 86 03 f3 79 31 60 07 71 65 96 30 1d dd 48 2e f6 46 e8 b1 6f b2 ef c3 cd ac b3 0d 0b db b3 a9 9f 13 38 91 01 1e e7 05 86 78 69 a9 9b 57 75 8c d7 ab 1e de e4 2d c6 79 a7 ea e3 7d 3e c0 cf 57 f7 0e f2 03 c2 4c a8 c2 c6 2d 35 34 ae 55 c6 bc 3e a2 a2 6d 73 ee 53 29 cd eb 5a b1 5d 90 ce b6 53 b9 9d e7 b6 f1 3e bd 43 45 0f bd 53 92 ae 76 97 6a d0 3d aa a7 7b d5 9a dc 37 19 37 df af 6e f4 a0 ac 5f e7 21 d9 d8 27 25 5b 8f fb e7 07 f5 79 ed 40 fd 30 36 8c ad 6d 84 3e 57 8d 6a ce 6d e3 a6 35 d2 94 cd 79 db b4 fd 62 33 4e 7f 97 cd ba 38 5f e7 1c 3d 25 1e 8c e5 24 3d 9a 03 1e 18 02 06 88 60 10 18 90 0f 09 41 02 64 f4 10 26 80 8a 03 f8 e1 12 00 7b a4 70 90 8f 5a 38 d4 a3 75 12 ca 79 74 0a da 79 Data Ascii: !y4+eUP@PH!?y1`qe0H.Fo8xiWu-y}>WL-54U>msS)Z]S>CESvj={77n_!'%[y@06m>Wjm5yb3N8_=%$=`Ad&{pZ8uyty
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 95 6a c9 d7 ac 4a 0b c2 4c 6c 01 67 f2 ca 5d ce 44 a4 4c a1 98 f2 67 44 e6 87 eb 92 52 d9 88 2f 4f e8 72 ca 6a a0 ab 64 b9 32 90 b7 6c e0 45 e5 70 6f 24 03 f7 29 40 a2 96 07 00 42 fc 6c f4 93 7b 8f 21 18 3d f0 a5 ab a9 08 b3 15 ca 5b 74 62 9d 2c 57 28 be ee aa a5 9c 8e 2e 1c 06 29 fe e1 92 7d 8d 69 1c 99 6f 65 58 e1 f4 a9 40 3f 36 2e ae 6d b3 a5 9a fa 18 55 32 f2 bc fc 85 0e f2 60 69 8a 7c a5 af a0 92 02 9d 04 25 a4 ca 52 9c ad 5d fe 63 8d 94 40 90 8b b3 55 c1 2e 93 3d ab 5d 66 cc 6e b0 6d 38 68 6b 7a f1 67 6e 47 42 a8 a2 dd 55 28 18 0e 9f 4b 69 0c 2c f9 08 04 49 95 34 9e 6d d2 25 a2 80 05 96 52 0b 83 4e 64 cf 7f d0 20 3f d8 be 8a 02 b5 56 af 55 f6 11 cf 87 4f ff 2d 2c e9 ad 95 99 e1 0d 6b d9 65 76 2f 7f e0 77 c7 6f ae 9b 32 40 2c 1f cb fb cb 31 db bd c3 Data Ascii: jJLlg]DLgDR/Orjd2lEpo$)@Bl{!=[tb,W(.)}ioeX@?6.mU2`i\|%R]c@U.=]fnm8hkzgnGBU(Ki,I4m%RNd ?VUO-,kev/wo2@,1
2024-09-27 23:47:16 UTC	15005	IN	Data Raw: 1a c3 b0 29 db 16 97 9f 1f 3c 6d 29 93 13 0e 4f 4a cb d1 7c 8d c1 7b 2c 44 04 e9 a0 91 26 79 1d 3e b7 e8 b5 24 00 37 9f ad 0e 90 65 66 7c 2a 4b 18 b1 f8 37 71 68 f2 85 c4 80 78 85 27 26 54 c3 9e cf 48 2b d8 c1 9c 75 91 e7 bd cb ef cd 60 be ad 18 58 78 78 d2 69 0b 03 36 6a ea f0 c9 50 e8 97 e1 bb 41 0b b9 4e b5 09 5f 6a 8b ac 8b eb 92 bd 0f b8 22 be 8c 59 14 67 99 22 18 5d 99 9e 14 c1 58 c5 19 6d 99 22 d8 5c 8f d3 c7 32 fc 17 f7 68 ab 62 b4 7d 67 a9 7a 84 af 98 b5 48 13 26 e6 08 0a 31 e0 6a d2 79 c5 cf ad d9 e6 a8 9b 50 38 5d 77 6e cc d7 d4 d2 f2 0d 8c 92 c6 84 75 8e 8a 34 40 f7 e6 54 03 75 49 cf f6 1c 5f 5f 7a f7 54 09 2c 4b ba b6 fb 3e 22 92 b6 48 c2 b7 bf 33 ed 1f 5e 5e 0e 24 c1 01 b7 a0 4e 61 d2 36 24 fd d4 ad d7 d7 e9 c0 0e 97 73 d5 48 4b 0e 8f 08 f2 Data Ascii: )<m)OJ\|{,D&y>$7ef\|*K7qhx'&TH+u`Xxxi6jPAN_j"Yg"]Xm"\2hb}gzH&1jyP8]wnu4@TuI__zT,K>"H3^^$Na6$sHK
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 73 5e a0 d9 d9 18 d2 0b ab 4a 35 63 48 ec 8e 67 f0 d0 5e ea 4d ea ca d6 21 84 6b df b7 8e f9 1d ce fa 11 92 1b 98 bb 62 2c 57 83 5f b5 1d 76 cb bb cc 78 2e 3b 83 35 cb ec a7 5a 81 d3 ee 19 4b be 83 48 b2 e4 8f bd 32 88 37 4d b5 63 e6 f7 53 11 21 58 54 06 7a 41 66 24 08 21 43 12 3c b7 6e cf 53 ed a5 48 c7 32 4e 66 c1 a7 e5 4f ff ea 60 ef cd 98 a8 86 ff 17 6e 85 80 fe 75 ce c5 b9 0b 6f 38 f9 ce 28 9a 90 2d e9 ad 0f 9d 8c 5f 88 6e 5d 15 62 c3 e6 9f 79 21 3b 09 5d 3b 06 e0 99 fe 49 62 8c 96 16 64 42 20 a3 50 b7 a8 bb 98 92 76 9f 46 5a 5b 69 9a c2 61 c9 e1 f8 02 b4 47 a8 17 1a cf 65 69 ed 2b c3 1b 09 68 86 34 cf 15 24 bc d2 d8 54 37 51 c7 af d1 09 d9 05 ba 10 c7 98 ea 56 6c 51 0d db ab 0f 96 3d db 9a 8d d6 a6 72 67 cd 47 4f b3 4f d4 02 7b fe ea 60 32 ae d0 70 Data Ascii: s^J5cHg^M!kb,W_vx.;5ZKH27McS!XTzAf$!C<nSH2NfO`nuo8(-_n]by!;];IbdB PvFZ[iaGei+h4$T7QVlQ=rgGOO{`2p
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 90 dc 98 c1 67 0e f8 63 6e 01 b8 20 51 44 6b 83 e6 f5 3a bd 3c 92 32 5c db 75 c7 4b 68 f4 bd 3c 46 13 55 31 95 3d 83 bc c2 fe 0a f5 3f 93 0b 18 fb 07 12 93 96 7c 1c d1 8e d5 d0 73 a6 dd 30 6c 70 e8 a6 44 94 71 21 f3 5d df 70 a0 ea de ed 5d 92 ed 4a 59 2a 04 74 c9 08 4e 55 ac d4 59 02 28 07 6d d0 62 9a 07 7d 9f 56 6f cd 45 5b 37 3c 4a e0 48 90 ca a1 a1 e6 2d b5 2c 04 98 fa b7 5e 78 ac 70 2b 3a 2c 0f c2 10 bb 91 27 0c 22 c9 7c 42 d8 a1 e9 c4 da 4d 81 4d c8 78 2d 1c 65 8d 55 fc 94 17 f6 66 73 47 34 ce 6e c4 2e 75 e4 5e 56 88 13 da 8b 9c f8 19 a1 d4 0a 4c a4 8a d4 b7 3c 49 19 e9 5b 44 42 09 eb a2 91 c6 f3 81 ed 3d c7 e2 e4 da f4 b3 02 4a 0f 36 8a 3e 6b 08 e8 33 b2 bf 6b fd 13 bd d7 1d 33 98 1d e1 6e 27 e8 95 70 e7 26 79 10 e6 19 93 24 09 ec 33 40 44 4c 29 17 Data Ascii: gcn QDk:<2\uKh<FU1=?\|s0lpDq!]p]JY*tNUY(mb}VoE[7<JH-,^xp+:,'"\|BMMx-eUfsG4n.u^VL<I[DB=J6>k3k3n'p&y$3@DL)
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 62 d2 a2 83 00 59 23 bd f6 28 b6 3a c6 52 65 64 43 c5 93 30 92 79 df 74 90 61 ef 09 f3 f1 de f1 63 26 59 b0 97 97 2f 4f 64 4d a0 d5 cf 78 04 2d 8c 18 ba 88 a6 63 9b 2b 9a 85 68 4c 76 a2 2c ef e2 2e 45 12 94 65 cb ae 2f a8 af a8 af d9 12 32 59 d1 e5 76 82 4a 15 63 49 fc fe af af 3d f1 05 50 72 d5 31 a8 c8 04 95 5c cc 55 0d c8 3f 91 55 94 b0 e7 fe c0 8d fc b8 37 07 45 99 35 4a 75 c5 7e 6c 82 85 d3 b2 0e bf 40 f6 53 df 53 b7 97 2f ae 97 9c ba 4c ee 97 df 7f 1c e3 bc 08 36 0d c6 ed 6f 9e 73 ff 85 ab 45 0e ef 82 32 bf 01 ff 18 8d 91 00 8a bc 7c 81 04 fe 09 14 d1 aa 16 48 fd 32 ad f2 64 65 6a 6f 75 c5 c9 8a 34 d3 ce ff fa f6 fa be b3 75 64 96 b3 66 97 91 e0 ce ae 78 e4 b0 cc 27 b7 a3 10 97 60 96 1f e9 ca c2 41 ca ef ca 24 e0 7b 81 2f b3 df 99 b8 16 84 d9 f3 b2 Data Ascii: bY#(:RedC0ytac&Y/OdMx-c+hLv,.Ee/2YvJcI=Pr1\U?U7E5Ju~l@SS/L6osE2\|H2dejou4udfx'`A${/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.7	49765	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	644	OUT	GET /S/content/fonts/Lato/Lato-Italic.woff2 HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:16 UTC	546	IN	HTTP/1.1 200 OK Content-Length: 231712 Connection: close Date: Fri, 27 Sep 2024 14:36:15 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Thu, 09 Apr 2020 14:21:48 GMT ETag: "fccd49e77f1d0fe7552d11ec3697a5c7" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Hit from cloudfront Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: GlPI_nS2BeDtqiUXCyWm_EHtxE_NvDKo1u5m2UwitezJt35WBZzSMw== Age: 33062
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 03 89 20 00 10 00 00 00 0b 0a 58 00 03 88 c0 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 8c df 20 1c c8 6c 06 60 00 a9 26 08 81 66 09 97 17 11 08 0a 9c b9 2c 99 c4 48 0b de 40 00 01 36 02 24 03 de 3c 04 20 05 ae 2e 07 20 0c 81 39 5b 9b 1f da a7 9f d2 b7 cd 5b 3a db e9 94 f6 f6 ba b6 4b 20 86 40 6a 38 5c 10 22 88 9a 10 a3 20 09 82 08 fe 50 23 a0 e8 5f 4d 86 79 05 4b 92 9d 18 02 d0 f5 d7 31 01 2c 44 b6 e4 ae fb ae 0c 41 d5 35 24 af 1a 20 02 58 f4 b7 fd fc 12 21 72 dc 5d 11 d9 ac 78 01 3b 47 9b 22 aa 3c 9d 6f fb ec ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 13 cb 7f 9e cf cd ee 3d ef 7f ef 7d 7f cb f2 b3 90 85 d5 10 20 24 40 58 56 21 b2 89 1b a2 22 58 14 54 40 a1 28 Data Ascii: wOF2 X l`&f,H@6$< . 9[[:K @j8\" P#_MyK1,DA5$ X!r]x;G"<o=} $@XV!"XT@(
2024-09-27 23:47:16 UTC	1514	IN	Data Raw: c3 84 d7 9d f1 84 cb b5 67 d2 e1 a5 f4 ce d3 b1 79 3a fd 8e 66 d0 5f 8b d2 4f 3f e9 0f c3 f6 e4 3c 35 a0 ed f1 3c b0 41 02 d2 cf 96 e9 eb 3b da f4 b6 a7 be 11 bf de 51 ff b3 75 ac ef 98 a7 1a b6 ae 29 7f c9 70 c7 4b 70 95 72 e1 79 2c 79 5e bf 96 ac 12 10 96 64 b3 ac 43 1e 0c 62 98 8c d0 cc 37 5d c3 02 3e a7 ec 98 51 13 86 9d c1 a7 23 f0 7b be c0 69 15 3a 6d 42 3b 4a ef 1d c2 1d 63 2f 25 2a 51 25 37 81 dc 04 76 0b 03 27 26 57 69 d6 e9 98 56 13 ce 39 83 76 b9 76 2e 83 26 d6 42 dd f6 84 77 82 d2 31 e3 25 e0 a5 78 55 19 c1 84 45 83 47 07 42 00 93 10 4b 61 20 63 5a 13 b1 bd bf 07 9c ab 60 ec ba e8 73 4c af 76 8d e1 4d 70 5a 06 e3 72 4d 09 0b 65 d3 fe 41 46 7a 65 62 db 8f fb a5 33 78 4b 90 0f cc df 93 90 61 43 77 54 c1 12 7f 93 12 57 d2 07 64 b8 fd 33 d7 66 97 Data Ascii: gy:f_O?<5<A;Qu)pKpry,y^dCb7]>Q#{i:mB;Jc/%*Q%7v'&WiV9vv.&Bw1%xUEGBKa cZ`sLvMpZrMeAFzeb3xKaCwTWd3f
2024-09-27 23:47:16 UTC	16384	IN	Data Raw: 3a b0 cb c4 ac ae 69 e7 74 79 99 3b ed ae 62 71 91 f6 d2 01 a0 f3 a9 83 6e 54 07 e7 42 22 59 0c e7 1c 71 51 31 34 70 d8 ae a0 23 b1 93 01 9a a1 ed 83 ee 9a 71 b3 b3 60 91 b3 f8 c0 13 81 37 e4 64 99 8c 7d 4b e6 6b af f3 1c eb f1 23 e0 16 c4 9f 77 94 f6 8c 58 16 29 15 19 01 25 17 2a 3e 98 9a 8e 5e 85 06 55 2b 6e a3 f6 38 da 0b 23 a9 33 d8 4d d2 60 31 e0 c2 5f 81 18 53 e4 61 12 47 49 de a4 3a c5 30 e6 bb e3 70 e7 b8 5c a4 87 09 0f 8b 6e c6 b8 d2 2b 19 9b 52 fa 49 a7 55 fa b4 31 2e 41 18 ba d2 d8 68 5b 82 97 c3 28 50 20 30 a4 04 a8 0d de 4b 98 50 5c b5 84 8a f8 53 07 89 41 a5 2d 48 57 bd 98 a8 14 5d ce e0 8e b2 dc 22 77 e9 8a 95 cc c4 9d c9 8b af 9a 34 d3 f5 02 c8 ac 28 b7 50 02 14 dd 04 fd 85 9a f1 98 6e bb ad f8 5a 58 09 a6 36 01 58 06 83 02 5d 4a b9 6a 45 Data Ascii: :ity;bqnTB"YqQ14p#q`7d}Kk#wX)%*>^U+n8#3M`1_SaGI:0p\n+RIU1.Ah[(P 0KP\SA-HW]"w4(PnZX6X]JjE
2024-09-27 23:47:16 UTC	10774	IN	Data Raw: 15 bf c5 0e 0c 07 3d e5 90 e7 bd e9 2e 87 49 04 d1 1a f3 6f c7 49 02 68 4d fa 8a b3 a9 29 cb 8c b1 c2 bd c0 03 5c 49 8b 9d a6 66 3c eb ec ab e6 e6 03 e7 3b 05 85 ba 8d 2f fa 85 4b 7e ed 72 ed 99 d0 7c 25 c9 16 87 e9 85 b0 08 7b 3f cc 9c 6e 87 3b e7 09 ae 87 f8 72 d8 ba 57 56 8b f9 82 57 7d 9e 67 0c 5e 1d f1 3c 67 70 ec f3 cc 4b 9d ef af 19 ea ba ce de 3c 47 ff 79 a7 f2 82 ee bc 48 f3 d2 c8 93 f0 a3 83 fa ca 29 e4 bb 66 2d d7 ee c5 7b 02 8e 93 27 fd e1 9e e2 e3 14 4e 8b 62 d3 8c 57 f8 ca f8 14 30 0b c7 b9 aa cf 57 e6 97 e5 ad 0a bc cb 30 7c b2 a3 af ec 68 39 ce 84 fa 98 e7 d7 b1 d7 5d 3e dc 33 2b af 50 46 fd cf fd 3e ae e4 85 72 7c 5a 40 53 21 0d 85 5d 2d 52 33 de e1 1a 70 57 83 99 71 0f f7 23 36 34 ea ad c6 39 99 b0 b8 a8 e7 59 88 af 60 16 f3 10 af 0a 1a Data Ascii: =.IoIhM)\If<;/K~r\|%{?n;rWVW}g^<gpK<GyH)f-{'NbW0W0\|h9]>3+PF>r\|Z@S!]-R3pWq#649Y`
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 1a 8d 46 a3 d1 68 34 1a 8d 46 a3 d1 68 34 1a 8d 46 93 97 97 97 97 97 97 ef d8 14 16 11 15 13 97 80 4a da 92 82 21 90 57 f5 df 8d f2 82 d5 c8 fe b6 e2 03 e8 0f 14 2e 1e 7e 91 cb 3f 05 25 55 a3 1e 14 d9 65 65 cd ea d2 d5 be 76 5e 8f 96 d8 0b cd 66 6c 36 26 36 93 fa 08 63 73 3a 04 0c a7 96 8a 36 be d4 80 9b 0a a6 1f 72 44 9b 22 0a af fb 8d e8 50 14 aa 98 59 c5 0d d3 61 9a 4e d3 74 6b c3 aa cd ba cc ac df f4 3b 4e fb 6c 67 54 87 9f b0 96 67 b4 e4 b9 f4 9f d7 96 17 e4 f2 22 cd 4b 23 8e 17 71 32 6e 9e 1d 5d f7 ff 94 ef 6f cb ab 19 c3 d2 ce 39 ef 0b 5f fa ca d7 c6 5d b6 60 d1 92 65 2b ae bb c1 69 d5 1a 17 b7 75 1e 5e 37 f9 6c b8 25 26 21 63 db 8e ac 9c bc 02 4a 51 a9 95 a7 a1 01 c9 55 a6 59 d7 dc e6 50 0e 73 4f 57 75 2f 3d ac 7a ab 8f f4 2b cf f0 1b 6f b9 b9 7e Data Ascii: Fh4Fh4FJ!W.~?%Ueev^fl6&6cs:6rD"PYaNtk;NlgTg"K#q2n]o9_]`e+iu^7l%&!cJQUYPsOWu/=z+o~
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 73 a1 4d 59 d5 c4 9e eb 7a ad 61 72 d6 82 c8 4d f8 9a b8 28 9b 0f 8f b2 42 1b 42 02 07 9f 04 2f 31 99 fa 7a 38 1a f0 76 10 21 18 14 15 f4 43 63 21 db e4 05 ff d0 36 9c 59 29 c5 c3 35 82 18 a7 1e e3 3b 40 c9 b8 cb ba 7f 48 77 3b 68 98 65 55 7b 9c 45 17 08 4e 46 fb f8 65 8c 39 b5 8a 80 b4 9b 81 2d 08 82 d1 b2 67 59 1d 6a 84 90 a8 0e 0e 73 09 a4 89 42 d3 fc 6a ad 3c de c6 97 a4 af 47 1a e3 22 da f6 ce b9 cd 8a 76 ce 07 ae a8 24 ca f0 37 0f 88 d4 88 32 65 60 40 5f 7c 1a 50 d6 f4 88 e8 85 6a 8e 86 c8 7d 24 65 ce 35 32 31 b8 6d 1f b4 c1 be 3a 64 7a 6e 79 08 2a 65 4e 99 70 43 51 c5 4c b5 7c f8 ff bf 30 14 ff a1 3a 4e 08 0e 84 17 f2 3f ee fb a0 ff 98 9e c6 c0 c2 13 cc 77 00 d4 d8 ab e3 c3 05 92 f8 39 97 64 91 27 27 c1 4c 43 99 e9 8b 76 9a a5 08 09 c8 b4 67 b9 27 Data Ascii: sMYzarM(BB/1z8v!Cc!6Y)5;@Hw;heU{ENFe9-gYjsBj<G"v$72e`@_\|Pj}$e521m:dzny*eNpCQL\|0:N?w9d''LCvg'
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 82 56 5f c1 42 36 e5 a8 67 47 ce f4 7b d8 63 4a 95 21 64 c0 54 b1 24 96 43 3e ac eb 48 b7 ad e5 16 6d 63 b5 9d 05 d9 7c 66 c1 e6 96 a4 00 cf 9f 08 17 7c 75 a1 58 61 f4 a6 3e c8 68 a1 22 3b 6b 8c 06 44 2c 72 bc 85 5b dd 71 4b 18 40 a3 a0 3d b2 0e 1c f6 23 9a 41 55 31 e7 1b 34 06 c0 39 26 2c ae 6d fe 2a 2a 20 8d a0 a1 1f 86 a2 87 d5 66 64 c8 6a 01 0b 5c f2 9d 6b f4 7a bc 8a 5d 34 03 82 6c 0a f3 68 c6 41 54 52 34 30 84 a2 97 a1 0c 4e ed bb 70 b3 99 bc fb 3a 6f ae c1 77 20 2e c0 31 2b 9e c4 22 19 ee 47 8c 28 67 c0 50 b2 d4 e1 ae ec a5 ac a3 9d a4 e1 f4 ee dc e1 ca 54 ae a1 3a 0e 5c 0a be 2a 50 91 06 74 39 91 99 25 e6 38 c4 75 5a 1a 4c 8f 2f e1 12 2f 2f 09 3f 78 5d be d9 1d 05 bf 0f 9d 9f 7f 0c 1f bf 5b be fe 7a b8 16 51 e4 aa 5f 42 b1 4e 21 1d 04 dd 54 ca 7e Data Ascii: V_B6gG{cJ!dT$C>Hmc\|f\|uXa>h";kD,r[qK@=#AU149&,m** fdj\kz]4lhATR40Np:ow .1+"G(gPT:\*Pt9%8uZL///?x][zQ_BN!T~
2024-09-27 23:47:17 UTC	4542	IN	Data Raw: 8b 46 d4 71 2b b7 84 30 2a 7e 23 a2 47 5d a4 5a d3 85 87 bd 5d bc 1d e8 95 9e 84 37 56 98 5d 73 7e cd ce 14 c8 82 f9 39 a1 35 4f 2b a3 2f 50 75 55 36 55 ff d0 7a 0a a8 1a 16 47 75 31 1c 19 70 c6 42 1e 33 ee 68 06 61 40 8a 02 f4 ad fc 6a ca 17 c5 e4 22 3b 7c 2c 2e 42 e7 0c 19 a9 c6 b8 ad ce d1 55 15 35 1f be 94 43 1c 05 79 f1 5c 84 8a 4d 42 f4 1b cb 5f 02 26 2c 03 0e 4d 1d 8c ad 07 fc ff 65 3d 29 00 71 ef 8e 97 df 24 38 fc 9b ff 63 5d 67 a4 c7 5c 2e b5 7b 58 18 d4 81 51 6a 6d aa ab dc d7 fe d2 2e 74 ff b5 84 f2 2e 3d 48 ce cf db 2a 38 fb 7b db f3 d2 df 6c 4c a6 90 c8 d0 56 7e de 3f f8 cd 00 c7 d8 3a 3d c3 a2 57 56 cd 22 6f 29 33 32 9d 72 27 40 1c 4b 31 bc 0c a2 66 60 e8 d9 37 2c da 12 d2 06 c8 af 80 36 1b 28 a8 4e fa bf 70 aa 4f 19 76 51 e5 da 5f 98 64 1d Data Ascii: Fq+0~#G]Z]7V]s~95O+/PuU6UzGu1pB3ha@j";\|,.BU5Cy\MB_&,Me=)q$8c]g\.{XQjm.t.=H8{lLV~?:=WV"o)32r'@K1f`7,6(NpOvQ_d
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 50 1d 11 58 49 2a 70 e1 24 f0 bb a6 3c b2 8f 55 cf 06 ab 26 03 82 01 41 80 62 e3 48 c6 be 34 e9 37 b1 9a 9e 62 93 79 01 de e8 d0 bd be c2 68 3b 46 9b 8c 4e 12 cc fe bf 0b aa f1 fa 9c 75 33 b9 2c 38 79 c6 b2 6b b6 23 40 09 95 83 04 e6 dc 09 18 63 a4 14 50 46 e6 a1 a4 98 07 c2 7d f2 bc a3 50 fe b6 31 57 60 e8 ea 93 33 e9 48 22 ac 3f cd 37 c7 62 d4 ca 7d 4b fc ef 9a f2 c8 db 76 c5 ea 53 a0 b4 c1 2a 8a 60 20 40 45 fc ee a6 51 e9 94 53 c9 5b f0 12 13 77 ec 98 10 32 a1 60 f2 9b 59 4d 57 52 33 53 9e 5c 72 3b 74 ae 11 22 0d 8c 04 6c 08 7e 0b 54 03 ca 47 cf 7a d9 bb 43 cd 8f 42 05 3d 2b 01 ab 62 ed ed 93 bf 20 e1 f2 46 2e d9 0a 82 ea 86 f7 b1 78 b6 7f f3 98 2b ac 6c 44 d8 65 14 56 45 26 04 c6 3e ba e1 89 fe d2 76 47 30 fd dd 75 a3 52 39 35 e3 e0 80 4f 60 20 97 18 Data Ascii: PXIp$<U&AbH47byh;FNu3,8yk#@cPF}P1W`3H"?7b}KvS` @EQS[w2`YMWR3S\r;t"l~TGzCB=+b F.x+lDeVE&>vG0uR95O`
2024-09-27 23:47:17 UTC	16384	IN	Data Raw: 1a 52 a2 8e 24 12 17 3d 1a a5 be 62 40 34 14 f0 86 a7 c0 bf 20 9c 85 85 d9 0d 1b 46 a6 df bb b7 5e 26 7c a8 3d 3b 97 39 43 a7 62 f5 ec 3f 1f da e6 21 f5 1e 7c 29 a8 9a b2 cd 0d 76 bf fd b5 ca c6 e0 ac c5 48 13 a0 36 97 9b be cf 5c b7 83 cd 0f 34 10 e3 cb 5c 6f 43 c1 a6 cf 3e 71 64 49 2e 2b c4 08 b9 f1 f9 91 37 1f f0 4c ed f8 12 c7 49 4a cc bd 08 db 55 4b ed 4e 8e d8 1d c2 aa d2 d0 76 57 1e ea 70 91 35 b0 f0 62 99 de d9 62 a2 58 79 9c 30 bd c9 ed 73 37 f7 67 9a 1d a2 35 bd 57 30 40 4a f7 d2 39 65 59 9d 36 e0 14 a1 24 34 82 d5 98 e5 b1 82 b2 7a be 30 00 a8 31 69 14 13 15 fa 3e 8a c2 e4 e3 0b 02 40 24 eb a7 74 0f 87 e0 78 e0 35 21 37 f6 27 ce 28 22 74 7c d2 c1 52 a7 e7 89 61 2d a9 09 cc bb 82 ef 19 1e ff 7c 3c 8f 57 0d da 40 73 36 c6 e5 42 cd fa df 3f 36 cf Data Ascii: R$=b@4 F^&\|=;9Cb?!\|)vH6\4\oC>qdI.+7LIJUKNvWp5bbXy0s7g5W0@J9eY6$4z01i>@$tx5!7'("t\|Ra-\|<W@s6B?6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.7	49769	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:16 UTC	584	OUT	GET /S2/content/common/js/payment-channel-suggestion.535f3c6f70.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:17 UTC	513	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 1887 Connection: close Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:18 GMT ETag: "535f3c6f7015dbae9e6b2a4987192e2b" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: rsyM9MsbRQa5SaayZT85gkpoD34GalLgRbW09gjk3Qgvq91APNC4Ww==
2024-09-27 23:47:17 UTC	1887	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4c 69 6e 6b 22 29 2e 63 6c 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4d 6f 64 61 6c 22 29 2e 73 68 6f 77 28 29 2c 6e 28 22 23 6f 76 65 72 6c 61 79 22 29 2e 73 68 6f 77 28 29 7d 29 2c 6e 28 22 23 62 74 6e 49 63 6f 6e 43 6c 6f 73 65 22 29 2e 63 6c 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4d 6f 64 61 6c 22 29 2e 68 69 64 65 28 29 2c 6e 28 Data Ascii: "use strict";!function(n){n(document).ready(function(){n("#paymentChannelSuggestionLink").click(function(e){n("#paymentChannelSuggestionModal").show(),n("#overlay").show()}),n("#btnIconClose").click(function(){n("#paymentChannelSuggestionModal").hide(),n(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.7	49770	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:17 UTC	645	OUT	GET /S/content/fonts/Lato/Lato-Semibold.woff HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdn1.codashop.com/S2/content/common/css/shared-fontfaces.b6c83d3582.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	535	IN	HTTP/1.1 200 OK Content-Length: 369144 Connection: close Date: Fri, 27 Sep 2024 23:47:19 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Last-Modified: Mon, 02 Mar 2020 10:46:13 GMT ETag: "c44434d881d9d9c7c21b109b23d7777c" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Origin X-Cache: Miss from cloudfront Via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: GxqcQmouwTb--eh8Y-frCTJN_GVXAhaLjf2uYpkryfoBLe8z3xdZ1w==
2024-09-27 23:47:19 UTC	15849	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 05 a1 f8 00 12 00 00 00 0b 24 d8 00 02 00 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 46 46 54 4d 00 05 a1 dc 00 00 00 1c 00 00 00 1c 7d c4 dd a5 47 44 45 46 00 03 90 30 00 00 01 b0 00 00 02 64 23 81 2a f7 47 50 4f 53 00 03 9e e0 00 02 02 f9 00 03 b3 f4 f8 c6 b4 12 47 53 55 42 00 03 91 e0 00 00 0c fe 00 00 21 cc 3d 5d cb c9 4f 53 2f 32 00 00 02 10 00 00 00 60 00 00 00 60 6b 08 e7 d2 63 6d 61 70 00 00 19 c0 00 00 08 81 00 00 0b 40 82 b1 5d 39 63 76 74 20 00 00 28 90 00 00 00 70 00 00 00 e6 3b b0 b5 39 66 70 67 6d 00 00 22 44 00 00 05 a8 00 00 0b 97 e4 14 db f0 67 61 73 70 00 03 90 28 00 00 00 08 00 00 00 08 00 00 00 10 67 6c 79 66 00 00 46 e0 00 03 0a 02 00 06 41 b0 36 42 7f 9f 68 65 61 64 00 00 01 94 00 00 00 Data Ascii: wOFF$FFTM}GDEF0d#*GPOSGSUB!=]OS/2``kcmap@]9cvt (p;9fpgm"Dgasp(glyfFA6Bhead
2024-09-27 23:47:19 UTC	141	IN	Data Raw: fd 82 79 19 20 ff 00 b5 be 64 2e fe 45 bf 81 62 5f 56 d7 2b 8e 83 f1 ff b7 d8 21 ea 1b aa 27 af 3b 0e a3 ed 30 da 0f 57 63 8a da 46 38 8e 74 3d 8a 66 a9 ea 4f d5 c3 37 70 78 53 8e 37 69 f4 96 b5 d1 67 ac 1f 73 fd b6 fb e1 6d 7d 78 47 9e 77 f4 e8 3f 72 fc 07 c7 ff 38 1f 83 c7 58 7d 7a 57 ec 7b f4 7b 4f 5d e3 c4 8e c7 63 bc 98 f1 fa 35 81 6f c2 fa ff 5a 1a ec 74 bc a7 ca 31 dd de 99 7a 39 1b cf b9 7a f1 a1 f3 f9 7c f3 ed Data Ascii: y d.Eb_V+!';0WcF8t=fO7pxS7igsm}xGw?r8X}zW{{O]c5oZt1z9z\|
2024-09-27 23:47:19 UTC	784	IN	Data Raw: 59 e0 7a a1 be 2f 54 df 42 9a 7d 24 c7 c7 ea ce a4 d7 22 5a 2d 52 57 96 9e 64 e1 94 a5 07 4b 60 66 d3 33 1b a7 65 78 2c 87 b5 4a fc 6a fb 73 cd fb 1a eb 9f eb d3 97 b8 7e ed fc 5b f7 cc 3a 38 df c9 f5 bd eb f5 30 7e d2 97 9f 69 b8 81 c6 1b d5 bf 51 8e 5f 3c 0f fc af 89 6f d2 03 ff 57 e2 9b f5 74 0b 2e fe 5f c4 b7 8a 2d 80 5f 40 9f 6d e2 b7 d1 ca 3b 3e be 43 8d de d3 f1 42 1c 8b 9c 17 c1 f1 5e 8d 7b 7f c6 77 f1 ef d2 d3 62 d7 c5 ee 89 62 be 12 35 95 98 ed dd e6 7e b7 3a 76 c3 d8 23 ef 1e fb 4b cd ea 5e f5 ed 35 47 fb d4 bb 0f c6 3e eb fb d9 01 f6 ab f8 83 fa 78 08 07 ef 8a b8 77 43 fc b0 e3 6f 66 ee 77 f3 f4 bb fd de 03 f1 a3 ee 9f a3 38 7a fe c7 8f d2 f5 a8 d9 3a 2a e6 a8 ba 8f d2 e7 a8 da 8f e1 f0 87 bd 7f 98 8d 72 b5 1f d7 8f 13 9e a1 27 cd f5 49 1c 2a Data Ascii: Yz/TB}$"Z-RWdK`f3ex,Jjs~[:80~iQ_<oWt._-_@m;>CB^{wbb5~:v#K^5G>xwCofw8z:r'I
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: f3 92 9a fe 65 9e ff 65 df 40 7a 0d c2 7b 90 79 1e 44 bf 97 e1 be 2c e7 cb e6 f5 15 78 af c0 1d ec fa df 62 86 e0 39 c4 fa 6b b4 7a cd 1c 0c 55 d3 eb ae 5f 57 c3 30 7c 86 89 1b 06 6b 98 b5 61 66 6b 18 8d 87 db 33 1c ee 70 fe e1 fc c3 f9 87 f3 0f e7 1f ce 9f c2 9f c2 9f c2 9f c2 9f c2 9f c2 9f c2 9f c2 3f 82 7f 04 ff 08 fe 11 fc 23 f8 47 f0 8f e0 1f c1 3f 92 7f 24 ff 48 fe 91 fc 23 f9 47 f2 8f e4 1f c9 3f 8a 7f 14 ff 28 fe 51 fc a3 f8 47 f1 8f e2 1f c5 9f ca 9f ca 9f ca 9f ca 9f ca 9f ca ef dd f3 ff ec 0d eb 6f 58 7f 93 0e 6f e9 e9 68 b3 f8 b6 39 7f a7 30 24 c6 e8 e1 58 b1 ef d9 f3 be b8 f1 b4 1b af b7 13 68 e5 dd 92 98 20 76 a2 7b 67 a2 63 9a 3d 69 e6 76 92 9e 4e 96 cf bb 26 91 0e 7f 8a 99 9c a2 f7 53 c4 4c d5 eb 0f e4 f9 40 dc 34 73 3e 5d 7f 66 b8 9e 69 Data Ascii: ee@z{yD,xb9kzU_W0\|kafk3p?#G?$H#G?(QGoXoh90$Xh v{gc=ivN&SL@4s>]fi
2024-09-27 23:47:19 UTC	1024	IN	Data Raw: da 7b 5c c1 67 b7 2e bb 7b ac 4c 6b 86 bf 64 ad fe 2a d7 e2 7a 5b cd 68 fd eb 45 43 4d be bb 6e dc d7 be bd d5 63 b2 a5 68 1b 71 2a d1 da 6b 8a 96 e4 27 39 1b c6 ea 4b b6 ac 2a 67 d2 c7 37 db 3c 36 83 ba ae ad 7d d5 d2 f6 de aa dd cf 4d e4 91 dc ed a6 f0 31 92 2b 57 0b 8e 47 75 58 96 c6 0a 2b 44 13 06 50 d0 61 63 9a 28 82 00 24 c3 07 29 09 1c cb 70 64 5b 72 a2 71 1c fb 29 82 d8 80 c3 07 3b 34 cd 35 da e5 5d a6 3b 0e 26 a0 62 ee 8a b5 e8 85 64 0e 5e 49 f3 61 47 dc 17 eb 68 f4 17 78 35 91 7e 46 df 5f f1 64 af b2 57 d0 cf ac 48 3f 13 21 fd 4c e3 72 2d 6e f6 2d bb 6b 7d 99 90 77 57 74 99 04 bd 7b 9b 9b 24 41 6d 63 20 5e 39 bb 4e da ba ff c2 16 3e 23 af 65 5e ca 1e d9 7b 24 87 8d d0 cc 06 52 a3 bf 1a 9c 58 b0 7d 0b 6e 47 7b 92 6f 9f 24 39 6f 15 e0 78 48 1a 80 Data Ascii: {\g.{Lkdz[hECMnchqk'9K*g7<6}M1+WGuX+DPac($)pd[rq);45];&bd^IaGhx5~F_dWH?!Lr-n-k}wWt{$Amc ^9N>#e^{$RX}nG{o$9oxH
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 06 59 2e 92 c9 11 d1 2e 6c 48 9e e0 28 0e 9f 75 c2 71 83 4d e2 d9 bc 8e 95 d1 bc 0e d7 c2 7d 22 59 1e 2b a3 4a 1c 00 be f4 34 8f c9 18 c9 f5 90 5c 3e d7 23 38 9f b1 2d 94 fd b1 71 41 ba be 50 3e c8 7d 0b c8 fb fc fc 0f 47 e1 b2 56 80 17 c9 41 20 f0 5a 29 c0 eb 5e 02 2f 92 8f 47 ea 02 38 c0 48 48 89 dd 11 8a d9 92 10 51 44 9b 5f dc 21 36 2f ef b2 3d a2 49 77 21 89 fa 32 39 77 81 f9 39 77 73 33 ee 2a 1e 59 13 49 b8 5b b1 27 ef 9d 77 62 d3 ed 1e aa 5d 52 73 d3 6b 24 dd ae aa 28 5c c9 99 62 e6 7a 38 3a d7 b5 78 ae 51 3f d3 93 51 7f d2 79 de cf 24 e8 3c ed 51 5d 68 03 af 0b 09 fe 27 7d b4 ff 85 39 fd 27 a3 3a d2 fd 7d bc ed 78 2a fc 14 a9 69 c9 81 6c 1c 1b 4a 23 7d 25 13 72 48 1a 13 0b 35 b9 56 13 83 86 08 23 d3 10 76 39 44 82 fa 01 e2 7b bc 01 d7 a0 d7 a8 e5 Data Ascii: Y..lH(uqM}"Y+J4\>#8-qAP>}GVA Z)^/G8HHQD_!6/=Iw!29w9ws3YI['wb]Rsk$(\bz8:xQ?Qy$<Q]h'}9':}xilJ#}%rH5V#v9D{
2024-09-27 23:47:19 UTC	1024	IN	Data Raw: 5e 4b ca cb b6 54 15 ef aa 73 60 68 ff 42 bf f1 ef a2 0f 33 15 48 bf a3 97 13 fd 4e 47 6c 52 9e 97 38 d3 03 fe ca fb 93 37 0a 7c 71 b2 1b 63 31 09 31 55 2b a2 a9 85 b1 0a 31 89 55 2c 88 51 88 49 8c 02 73 41 22 7d bb 21 c6 71 ff 25 f0 48 82 be 79 4e d0 37 a9 5d 7b 48 6c ee ec fc 27 12 39 87 f0 cf 1f e0 8b 8f 50 ae 87 98 a3 c7 44 18 0b 0f a5 aa 0b 19 67 62 31 89 2a 6e 8d d5 1b 5f 45 63 14 85 8e e4 2d de 0e d3 b2 a0 c6 42 68 39 a2 0c f8 3d 98 79 42 ef 23 40 c4 42 40 92 47 80 aa c5 a9 e2 98 f8 9d e1 ab dc f0 0e 83 b6 91 a8 c4 3f 52 3c b0 bd d1 3c 74 ef 1b eb fb ee 9d 8a cc 15 7c 84 b8 e0 c1 aa 15 75 93 cb 8a 2a db 74 76 b9 4b c4 fc 49 29 af 1e bf a9 e5 85 e8 a5 17 56 16 6d 7c e6 fa 9f ce 41 d1 cf 9d a0 77 cf 8a 8f dd 58 7b e0 cd 5b 46 c6 24 79 bc 3e 1e 7d 8e Data Ascii: ^KTs`hB3HNGlR87\|qc11U+1U,QIsA"}!q%HyN7]{Hl'9PDgb1n_Ec-Bh9=yB#@B@G?R<<t\|utvKI)Vm\|AwX{[F$y>}
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 16 82 86 35 b7 87 3e 2e 20 64 c5 dc 1f b1 2f 0f f0 bd e9 80 f7 66 36 e5 8b b8 f5 a8 c2 0d e9 d0 34 c9 7d df c2 5f fb 38 0b c8 ae 77 ea e3 f9 eb f1 af 88 eb 4f c8 85 f9 b9 da c9 6d d3 91 0d 67 f6 36 7d 74 c7 6d f5 5b d6 0e e4 7d 84 2e 49 f6 27 0d 7d 41 6d e7 a1 17 d7 7f f6 3e 67 3e 7a 3a b7 6a 45 e9 a5 4b dc 59 7c 37 42 0d 7e 49 f4 7e 6e 12 63 05 99 a9 1e ea a1 88 a9 1b d0 62 73 06 fc 2e 35 70 a1 56 48 e1 3d 5e 56 48 73 14 17 83 73 14 0a 1f 25 12 2c 53 81 ee 90 37 83 50 e1 1e 0f ca 31 cd 61 38 c7 cb b7 9f 4a 6a 8f 4b bf 7a 96 74 b6 47 ea 02 fe c4 62 47 5c fa 25 98 09 62 1b 48 06 7d 35 ea 84 a2 7d a3 81 6c 7b 64 32 a1 24 52 e4 27 5e 80 07 1b 62 0f 15 16 e7 17 bb 1a ac ba 86 e8 2b 49 c0 b0 00 78 fb 8b c2 cb c3 16 00 cc 55 ab 9b ba 36 7b 64 5a 69 a6 d3 da 60 Data Ascii: 5>. d/f64}_8wOmg6}tm[}.I'}Am>g>z:jEKY\|7B~I~ncbs.5pVH=^VHss%,S7P1a8JjKztGbG\%bH}5}l{d2$R'^b+IxU6{dZi`
2024-09-27 23:47:19 UTC	1514	IN	Data Raw: a7 23 e8 85 2a 86 ed 9b 0a 54 3d 72 de 10 7c 93 1f 7b b3 78 1d 96 5e 1f 91 77 67 03 a3 d5 69 2f 54 00 35 15 e7 34 0d 56 e5 75 8b f4 00 8f 3d 34 40 a4 6c 2e c6 24 77 93 4a d9 21 ff da 73 5b 54 ca 09 48 3b a3 d5 9f e5 39 fd 22 46 af df dc 4f eb a0 d3 3e a6 69 cf 67 a9 82 f6 02 8f 55 eb b8 55 a0 55 a5 54 00 ce f6 3c 5e b7 a3 1e 85 67 7b 14 2d 62 f9 c1 7e 03 49 1f 27 57 42 d7 6c 00 30 2b 96 2d 5d b2 78 e1 ec 59 33 06 3a 26 34 35 44 42 38 21 84 02 5d 6d 1c 0d 5d 1d a1 0e 4f 75 e4 24 32 c0 7f 3a 20 eb 28 39 cb 8c 8e 5a d6 f4 f8 7d 5a 09 b2 75 6e 51 73 6b 7c b2 2f 10 6a 6c 90 fe cc 7e ad 14 e6 ba 2d 3d 1a e6 5a 45 45 05 95 59 3d d0 d6 71 c7 c0 55 bb 8b 5c e8 57 b3 d7 95 41 5e ef 6e 9b 14 aa 6c df 37 6f f5 97 a7 54 15 c1 af 6f 8f 9e 0d fc ba 32 3d b9 7d ff 35 70 Data Ascii: #*T=r\|{x^wgi/T54Vu=4@l.$wJ!s[TH;9"FO>igUUUT<^g{-b~I'WBl0+-]xY3:&45DB8!]m]Ou$2: (9Z}ZunQsk\|/jl~-=ZEEY=qU\WA^nl7oTo2=}5p
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 12 72 c0 51 44 19 71 38 4f b8 27 25 43 4e ad 60 51 fb f5 a1 84 e9 d0 88 d3 cc f3 bd b5 69 71 9b 8d 8f 06 a4 ef 40 bd 68 a3 be c3 ec 1e 80 73 ac 3a 98 79 59 9d 1d 2d 0f 1d 0d 3f 97 7b 86 cf 1e d8 11 ac 69 ae 2a 06 47 6c c6 53 e0 60 8a 77 0a 70 03 18 4d 49 8f 6e 38 18 07 da 8f 05 84 11 6a 34 2b 6a 7f 19 11 ac 1c 71 8a bc ca dd 95 08 3b b4 50 af 51 07 74 e1 84 89 3f 92 fb 9b 68 af 49 36 8a db 74 6a 2e 1a 04 13 48 1f 6b e1 0f c0 69 c4 1f 43 cc ec ac ce 89 e8 8b 91 86 8f f7 3f 91 20 3e 5e 3c 3e 69 5c ae e4 97 a7 d9 bd 36 63 79 ce c1 e2 d8 13 9e 78 a6 16 ca e0 00 07 0d 9a 2f 6b 59 d0 53 87 dc c5 16 a5 87 25 b4 01 9c f6 d4 fb 6b b2 09 9b a3 ad 1a 75 97 b3 d2 de 1e b2 d9 0c 16 0d 3e b8 79 57 a7 f3 a7 ba 02 ab aa eb c5 8b ad 5c 34 00 da 73 ff 11 74 f3 3a 0b e5 ef Data Ascii: rQDq8O'%CN`Qiq@hs:yY-?{i*GlS`wpMIn8j4+jq;PQt?hI6tj.HkiC? >^<>i\6cyx/kYS%ku>yW\4st:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.7	49771	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:18 UTC	633	OUT	GET /S2/content/mobile/images/error-icon.20986d3fe0.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	498	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 802 Connection: close Date: Fri, 27 Sep 2024 23:47:20 GMT Last-Modified: Tue, 14 Dec 2021 02:49:38 GMT ETag: "20986d3fe0ddac454b9f46bc34ce8952" x-amz-version-id: yQvHZsqjV.2CRKMhv5iNVz5bc0xc5Mqc Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: aFybRvMicyLSDImc8SINNTtKFkufJUkf9o3eiAO8kpUK-8EJZDdgcA==
2024-09-27 23:47:19 UTC	802	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 26 00 00 00 26 08 03 00 00 00 9f e3 19 9c 00 00 01 17 50 4c 54 45 00 00 00 ff ff 00 ff aa 2b ff b6 24 ff aa 39 ff b3 33 ff af 30 ff b4 2d ff b8 2b ff b9 2e ff bc 2c ff b6 2e ff b9 2c ff b4 2d ff b6 2c ff b8 2b ff ba 29 ff b5 2f ff b9 2d ff b8 2e ff b9 2d ff b7 2b ff b8 2b ff b5 2a ff b6 2e ff b7 2d ff b7 2c ff b8 2b ff b6 2b ff b8 2d ff b7 2c ff b8 2b ff b6 2b ff b7 2d ff b6 2c ff b8 2d ff b6 2d ff b8 2c ff b8 2d ff b6 2c ff b7 2c ff b6 2d ff b7 2d ff b6 2c ff b6 2d ff b7 2c ff b8 2b ff b6 2c ff b7 2b ff b8 2d ff b6 2c ff b7 2c ff b6 2b ff b7 2b ff b7 2c ff b7 2b ff b7 2d ff b7 2c ff b7 2c ff b7 2c ff b8 2b ff b6 2c ff b7 2b ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b8 2c ff Data Ascii: PNGIHDR&&PLTE+$930-+.,.,-,+)/-.-++*.-,++-,++-,--,-,,--,-,+,+-,,++,+-,,,+,+,,,,,,,,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.7	49772	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:18 UTC	637	OUT	GET /S/content/social-media-logo/36/socmed-facebook-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:18 UTC	505	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2890 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 17:35:36 GMT ETag: "cf9659fa3891add490cb7d0d099d72ac" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: -u-WobCUzHmbJJEia3uR5taDr-ARq2X60q2KEqdCILQWQuyActGmmw== Age: 22303
2024-09-27 23:47:18 UTC	2890	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.7	49774	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:18 UTC	636	OUT	GET /S/content/social-media-logo/36/socmed-youtube-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	500	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2216 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:20 GMT ETag: "123c968b7d12fcf714b9d2af208d666a" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: ca0lNlFGPu3SMHF-odnPMJWph2iE6kXJRE4Z6RT4OeLPESiH9Zu4fQ==
2024-09-27 23:47:19 UTC	2216	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 33 00 00 00 24 08 06 00 00 00 24 72 02 09 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR3$$rpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.7	49776	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:18 UTC	638	OUT	GET /S/content/social-media-logo/36/socmed-instagram-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	504	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 4678 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 22:55:06 GMT ETag: "a91be2e400b7f0dc66247427dfaffcf3" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: slIMlMHOR7nkD8UdvdIJMlvQOPFwiwfEjFfprZrPWSdSU0jEX7T3YQ== Age: 3134
2024-09-27 23:47:19 UTC	4678	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.7	49775	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:18 UTC	641	OUT	GET /S/content/social-media-logo/36/socmed-facebook-msg-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	471	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2866 Connection: close Date: Fri, 27 Sep 2024 23:47:20 GMT Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT ETag: "e3443d0d8aea42fc61368b9792b6fdc3" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: -d4qwESZqBUQP0slK_WLzBqFTACFH1RHYd1-iEhclec6VmmLHSgDig==
2024-09-27 23:47:19 UTC	2866	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.7	49777	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:19 UTC	379	OUT	GET /S2/content/common/js/faq.7a04e34b3d.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	513	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 824 Connection: close Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:18 GMT ETag: "7a04e34b3d63def624af82ba6df461ba" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: JBk6XCcte0nAK6EiyjhNV6_lCalKTzrwt0CsnFhCpKypWMCcZGdSxQ== Age: 2
2024-09-27 23:47:19 UTC	824	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 65 6e 64 65 72 46 41 51 53 65 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 24 28 22 2e 61 63 63 6f 72 64 69 6f 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 29 2c 6e 3d 43 4f 44 41 2e 53 68 6f 70 2e 66 61 71 44 61 74 61 2e 66 61 71 2c 65 3d 22 22 3b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 6e 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 76 61 72 20 74 3d 6e 5b 61 5d 2e 71 75 65 73 74 69 6f 6e 2c 6f 3d 6e 5b 61 5d 2e 61 6e 73 77 65 72 3b 65 2b 3d 22 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 27 61 63 63 6f 72 64 69 6f 6e 2d 73 65 63 74 69 6f 6e 27 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 27 66 61 71 2d 73 77 69 Data Ascii: "use strict";function renderFAQSection(){var a=$(".accordion-container"),n=CODA.Shop.faqData.faq,e="";Object.keys(n).forEach(function(a,c){var t=n[a].question,o=n[a].answer;e+="<section class='accordion-section'>\n <input class='faq-swi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.7	49780	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:19 UTC	383	OUT	GET /S2/content/common/js/infoBar.38acc407b3.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	514	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 2106 Connection: close Date: Fri, 27 Sep 2024 23:47:18 GMT Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT ETag: "38acc407b31daa48fafd99a877c64b5d" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: j28x3tJTr8aFpHe3OmBTvV11-5TG4cQm1jGmnzBvghkdAAM9TfXSoA== Age: 2
2024-09-27 23:47:19 UTC	2106	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 5f 73 6c 69 63 65 64 54 6f 41 72 72 61 79 28 74 2c 6e 29 7b 72 65 74 75 72 6e 20 5f 61 72 72 61 79 57 69 74 68 48 6f 6c 65 73 28 74 29 7c 7c 5f 69 74 65 72 61 62 6c 65 54 6f 41 72 72 61 79 4c 69 6d 69 74 28 74 2c 6e 29 7c 7c 5f 6e 6f 6e 49 74 65 72 61 62 6c 65 52 65 73 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 6e 6f 6e 49 74 65 72 61 62 6c 65 52 65 73 74 28 29 7b 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 61 74 74 65 6d 70 74 20 74 6f 20 64 65 73 74 72 75 63 74 75 72 65 20 6e 6f 6e 2d 69 74 65 72 61 62 6c 65 20 69 6e 73 74 61 6e 63 65 22 29 7d 66 75 6e 63 74 69 6f 6e 20 5f 69 74 65 72 61 62 6c 65 54 6f 41 72 72 61 79 4c 69 6d 69 74 28 74 2c 6e 29 Data Ascii: "use strict";function _slicedToArray(t,n){return _arrayWithHoles(t)\|\|_iterableToArrayLimit(t,n)\|\|_nonIterableRest()}function _nonIterableRest(){throw new TypeError("Invalid attempt to destructure non-iterable instance")}function _iterableToArrayLimit(t,n)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.7	49778	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:19 UTC	402	OUT	GET /S2/content/common/js/payment-channel-suggestion.535f3c6f70.js HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	514	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 1887 Connection: close Last-Modified: Fri, 04 Sep 2020 02:37:42 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:18 GMT ETag: "535f3c6f7015dbae9e6b2a4987192e2b" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: HHR3w1NKG2tqZj9Qv2zn37rTNE1yDBH0nK7VEUfkRK2Gd8UgF6K5Rg== Age: 2
2024-09-27 23:47:19 UTC	1887	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4c 69 6e 6b 22 29 2e 63 6c 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4d 6f 64 61 6c 22 29 2e 73 68 6f 77 28 29 2c 6e 28 22 23 6f 76 65 72 6c 61 79 22 29 2e 73 68 6f 77 28 29 7d 29 2c 6e 28 22 23 62 74 6e 49 63 6f 6e 43 6c 6f 73 65 22 29 2e 63 6c 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 28 22 23 70 61 79 6d 65 6e 74 43 68 61 6e 6e 65 6c 53 75 67 67 65 73 74 69 6f 6e 4d 6f 64 61 6c 22 29 2e 68 69 64 65 28 29 2c 6e 28 Data Ascii: "use strict";!function(n){n(document).ready(function(){n("#paymentChannelSuggestionLink").click(function(e){n("#paymentChannelSuggestionModal").show(),n("#overlay").show()}),n("#btnIconClose").click(function(){n("#paymentChannelSuggestionModal").hide(),n(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.7	49779	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:19 UTC	392	OUT	GET /S/content/common/images/mno/higgs_domino640x241.jpg HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:19 UTC	613	IN	HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 67398 Connection: close Date: Fri, 27 Sep 2024 23:47:18 GMT Last-Modified: Thu, 20 Jun 2019 09:07:08 GMT ETag: "1825a826736d50f007a25988bf1a86c9" x-amz-meta-sha256: 95dcbc02618ac287b3f9388c5f3ea2953ba74dbac74b8c902cbaf3e892c93c96 x-amz-meta-s3b-last-modified: 20190524T032947Z x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 4K4JnHYvYRTAa1MURoCMeZneP8WWMsEPzxcUT-yKZCqzn8i4eLG_5Q== Age: 2
2024-09-27 23:47:19 UTC	15771	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 02 02 02 02 02 01 02 02 02 02 03 02 02 03 03 06 04 03 03 03 03 07 05 05 04 06 08 07 09 08 08 07 08 08 09 0a 0d 0b 09 0a 0c 0a 08 08 0b 0f 0b 0c 0d 0e 0e 0f 0e 09 0b 10 11 10 0e 11 0d 0e 0e 0e 01 02 03 03 03 03 03 07 04 04 07 0e 09 08 09 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e 0e ff c2 00 11 08 00 f1 02 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 01 04 03 01 01 01 00 00 00 00 00 00 00 00 00 06 04 05 07 08 02 03 09 01 00 0a ff da 00 08 01 01 00 00 00 00 a8 99 e5 96 c2 1b 25 24 95 15 8d 8f 98 c2 75 cb 3c f3 54 b5 56 f5 2a 5c e4 4c f7 db 0c d1 33 32 b6 26 f5 16 f5 3b 1b 52 Data Ascii: JFIF"%$u<TV*\L32&;R
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 83 c4 06 78 65 55 08 fe 03 d6 3e 2b 1c e0 b0 1a 99 b4 70 b1 f8 4e 52 ad 99 b4 02 55 e0 a7 e3 c5 96 19 58 f1 1b 02 57 29 f1 df 75 30 f0 e4 45 c0 30 11 1a 37 d2 2d 86 03 ac e9 3c 53 e5 72 4c b3 7a 8d 61 6a 07 9f 31 2b ad f9 71 42 9f 69 b5 aa 0e 63 ff 00 52 95 4d a4 ff 00 97 29 44 aa 7c 00 58 4d 9d cf a0 97 a4 71 7b c2 d3 c5 ee f4 80 10 a2 58 7c a3 5f ca 37 08 d6 dc a5 32 de b3 df 17 23 fe 44 2f 4d d4 a9 8d 52 a2 7c 05 a0 b2 8d 00 de c0 e5 b8 d9 5d 70 9b 4a fd aa a1 ba a8 5b 5f d6 30 5c 4c 31 5f a4 6e cd 59 70 83 d2 56 57 ec cd d5 50 73 9b 42 76 75 1f 15 d8 71 09 50 0e c5 30 5a a7 39 f8 f5 1b 53 a0 12 81 c0 da da 57 67 a7 f0 da d2 a9 a3 53 0d 8e 57 06 33 3f 6c 38 df 9c da 0d 54 06 f8 70 da f1 d7 05 25 f0 f3 de c0 55 02 d6 3c e5 36 41 d7 94 22 37 d2 51 67 b8 Data Ascii: xeU>+pNRUXW)u0E07-<SrLzaj1+qBicRM)D\|XMq{X\|_72#D/MR\|]pJ[_0\L1_nYpVWPsBvuqP0Z9SWgSW3?l8Tp%U<6A"7Qg
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 1f bd a0 f9 37 2e 0c 1c e1 da fa 1e 62 aa ef 9d 05 87 cf 7e 59 b1 e9 57 fb ff 00 1d e6 8e 9d 8e c6 2b 60 d1 81 55 0b 6f 35 5b 99 d8 aa 8a ff 00 75 0e d4 19 55 2d 1e 22 fb 4a e4 0c a3 12 5b a7 f5 73 0a aa 9d d8 de 2e f3 de 5a 28 78 49 59 6b 3b 4b eb 17 3a b1 51 79 b7 90 50 98 e6 69 01 12 6b 68 3b cc e9 0f 23 f4 23 8e 03 d4 99 29 1b 61 9d 95 67 d8 20 e0 86 04 06 16 d8 5a 06 50 16 af 26 dc 53 03 1a 87 07 98 7a 3f 23 38 20 90 cb 8c 16 6b 12 1b 65 8a f2 ba f0 c7 b7 91 7e 0f 94 ed c4 c5 d3 72 6b d3 a4 a2 18 d9 88 a3 15 96 f1 88 50 ee 54 f9 82 6a 4d 32 95 b8 7f c7 48 36 8f f7 d2 08 14 58 73 d9 b3 24 b9 ff 00 b4 85 15 73 a6 b3 ee 01 16 03 64 23 9b 4d 91 d4 16 1c 31 35 44 97 38 1e 91 f3 92 f4 05 62 a1 83 de 67 ab 2f 6c c2 5c 6b b5 49 d1 49 01 ed 2d ce e5 3f 48 2a Data Ascii: 7.b~YW+`Uo5[uU-"J[s.Z(xIYk;K:QyPikh;##)ag ZP&Sz?#8 ke~rkPTjM2H6Xs$sd#M15D8bg/l\kII-?H*
2024-09-27 23:47:19 UTC	16384	IN	Data Raw: 02 26 32 7d 12 48 56 41 e0 65 a9 1a d2 91 9a 54 bd 32 1d 69 d6 ff 00 39 0d 15 62 a7 94 34 bd b7 07 06 e9 42 80 3c 26 8f c3 89 51 67 4a 35 5d 1a b5 4e 52 b6 e9 21 f8 70 04 a5 d3 b1 54 06 f5 db 8f be 2b fe 14 11 ed 8b 55 28 9b b8 68 11 e9 44 01 a8 1b 7e 59 a5 69 d7 ce a2 0f da e3 88 ce 7c b6 02 6a 80 80 88 72 15 39 61 2a b9 84 8a 38 14 d2 85 72 e0 45 6b e4 3a 7c 03 3b 64 84 a3 ed 76 e2 a8 21 90 f3 23 ec 27 d3 11 d6 1d f1 fd 02 17 4c aa a0 e2 bb c1 a0 6c 5c 40 aa 1b 2b 55 b6 00 24 a6 dd c8 21 82 80 80 7b cd de 2e cf de 1c a0 8b 38 49 d4 03 71 b5 0e f3 43 f6 47 4e e0 91 74 50 b7 2c 09 99 40 ac 6e 22 c3 46 6e bc 70 c2 4b 36 0e 44 f6 3a 5c 18 f4 67 f2 41 82 08 d9 c5 99 55 3a 34 10 b9 05 d8 51 2f 79 a9 95 60 c8 c5 4d 50 a1 96 e3 2f 7d 6a a8 14 c2 a6 e8 43 00 e8 Data Ascii: &2}HVAeT2i9b4B<&QgJ5]NR!pT+U(hD~Yi\|jr9a*8rEk:\|;dv!#'Ll\@+U$!{.8IqCGNtP,@n"FnpK6D:\gAU:4Q/y`MP/}jC
2024-09-27 23:47:19 UTC	2475	IN	Data Raw: 71 89 e7 ec 3f 32 7e 55 c3 87 15 35 a9 fb b8 f6 c3 a6 48 bc 13 18 0b 89 03 96 21 93 bf 18 a2 62 02 1d 4c c3 16 0a 91 bc 46 9c 45 a1 4f 4d 6a e7 52 e7 0a 61 32 84 e2 8a 72 64 04 19 55 e2 6f 15 2a 86 f1 58 99 0b 5c 04 49 2e 81 15 7e c0 7c e1 30 79 c3 51 80 cb 46 2d 32 d3 a1 fb 98 d1 d1 ad 1f ac 85 e7 8d 2f 76 5b d0 06 02 c2 1b 80 51 88 40 2b 5a 83 12 56 2d a9 98 45 d4 b1 53 a6 63 9c 24 0b 4a 08 22 a5 88 09 aa 80 a1 8c 90 ac 74 75 6c 7f 92 c4 bb c9 91 dd 76 f2 45 15 17 31 cb d6 36 d8 e7 fb b5 60 4b 97 b8 16 22 7c 35 b2 bb 1d e3 1e ed 04 93 b4 53 e6 44 46 9d e2 1a 88 44 29 d0 c5 9e c7 d9 9c c2 10 82 64 4f 91 55 32 d8 60 30 46 d0 a4 00 00 a2 6d 22 22 37 b7 d0 65 30 26 04 47 84 a5 e5 26 42 76 49 3b 2d 94 b0 94 4f 1a 42 84 83 c8 2e 13 88 50 08 0b b1 21 2b b4 5e Data Ascii: q?2~U5H!bLFEOMjRa2rdUo*X\I.~\|0yQF-2/v[Q@+ZV-ESc$J"tulvE16`K"\|5SDFD)dOU2`0Fm""7e0&G&BvI;-OB.P!+^

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.7	49783	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	640	OUT	GET /S/content/common/css/flags32.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://cdn1.codashop.com/S/content/common/css/flags.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:21 UTC	472	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 26399 Connection: close Date: Fri, 27 Sep 2024 23:47:21 GMT Last-Modified: Thu, 20 Dec 2018 04:54:20 GMT ETag: "ee905aeea99aa287b3f5b569fedbd91e" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: Ro_eMHkIYAlgH6vFoobyi3scay-skibN1aSIT5mv2PMK8TCUY_lJIw==
2024-09-27 23:47:21 UTC	15893	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 1e e0 08 03 00 00 00 62 ad 73 e1 00 00 03 00 50 4c 54 45 4c 69 71 00 38 93 00 38 93 00 38 93 00 38 93 00 38 93 00 38 93 00 00 00 00 00 66 00 00 7e 00 00 95 00 00 99 1b 11 03 00 00 ae 0e 17 15 00 00 cd 00 00 ff 3f 11 09 22 0f 69 00 27 67 00 24 7e 0c 1c 8c 00 1e a5 23 27 26 02 2d 62 00 2a 7d 00 29 8e 6b 0b 12 09 2a 88 02 32 7a 00 35 84 00 33 99 00 36 91 00 37 a9 09 38 96 01 37 b8 12 49 2f 06 40 85 70 18 3e 39 38 34 c0 00 00 0d 3d 9d 00 66 00 b0 0c 0a 00 60 34 8b 1d 22 48 30 71 cd 02 02 50 43 09 22 42 8b 06 4d a2 02 52 93 da 01 00 0f 47 af 00 53 a4 c2 0a 27 28 4c 6a 01 51 ba 00 6a 40 00 50 c8 21 5d 36 ad 19 28 00 6a 4d 76 2b 60 00 72 29 00 5d a4 e5 05 14 24 4b a6 17 6f 14 69 42 32 ce 11 26 ff Data Ascii: PNGIHDR bsPLTELiq888888f~?"i'g$~#'&-b})k2z536787I/@p>984=f`4"H0qPC"BMRGS'(LjQj@P!]6(jMv+`r)]$KoiB2&
2024-09-27 23:47:21 UTC	1616	IN	Data Raw: 07 ac ce ed 63 08 17 3a f6 75 77 ef eb b8 c0 16 1c 9d f6 96 b7 1d 4c a1 17 7e b6 bf b3 b3 f3 c2 05 fd 1a a0 f8 8e 73 9d 2d 9d 9d e7 60 20 8c 61 42 16 b1 bd 89 25 c0 10 ce 9d 83 55 e7 56 96 00 21 a0 40 98 30 8d 20 57 21 09 08 0a e8 6c 9d e3 d5 cc c9 33 ca c4 38 38 13 67 57 2e 13 4a 4a e2 2b 57 9e 1e 08 2e 53 01 c2 49 67 24 d6 4a 85 d6 b0 33 7e 56 47 58 f6 f4 e7 03 24 09 42 70 60 fa 15 6c 41 41 20 14 10 c4 ad 8e 50 a2 00 ce 9d fa e8 a3 8f 5e 85 c7 29 96 f0 d1 07 af 96 16 96 be fa c1 47 b2 40 28 f1 92 12 71 2b 50 e1 d0 a1 c3 d5 76 14 96 bd 32 3d 10 04 21 49 06 3e 7f 7a 99 28 7c 70 aa b0 ed d0 a1 59 e1 6c dc 19 6e 05 41 68 8d 45 9c 27 a5 08 87 aa cf a0 10 1c 38 bd 72 25 15 96 ad 3c 9b 70 4a c2 1f 5a b6 a0 a0 1e 18 14 79 e8 f0 ea 0d 58 83 46 b0 b7 74 56 af fe Data Ascii: c:uwL~s-` aB%UV!@0 W!l388gW.JJ+W.SIg$J3~VGX$Bp`lAA P^)G@(q+Pv2=!I>z(\|pYlnAhE'8r%<pJZyXFtV
2024-09-27 23:47:21 UTC	8890	IN	Data Raw: 2a 0e 50 c0 cb 09 67 f1 72 a2 80 d0 b3 78 90 55 0d 26 46 c2 c6 e5 81 11 48 3a f1 60 30 c1 fb 17 48 c2 61 b3 39 12 1c 21 48 a3 06 33 09 37 79 29 3e b5 d9 3e e5 a4 00 23 12 21 ea 22 ff 93 cb 03 23 98 18 87 7f 4f 41 52 e0 39 53 30 85 7b 2f 98 18 07 e9 f5 87 5a f9 f5 87 49 15 a9 d7 1f 3c 2e e9 f5 07 ad 20 bf fe b0 a3 56 7a fd 41 47 10 08 70 b1 ba 3a 4c 28 3a 42 49 ad ab f6 1f ab 7d be 72 ba 53 a2 27 94 80 f0 98 ef cb 9f c1 4e 89 9e 40 28 27 ff be 74 8c 6e 05 ad 20 bf fe b0 67 87 f4 fa 83 56 90 5f 7f f0 78 a4 d7 1f b4 82 fc fa 43 6d ad f4 fa 83 8e a0 3c 61 0a 1c c1 fc 7c d6 7d c3 c6 59 92 24 45 32 75 32 5d 10 9b 62 31 71 c3 16 fc 21 be 10 eb ea 89 f1 84 a4 ff dd e6 10 4f 88 b6 35 37 0f f2 04 7f 5b 5b 5b 57 8c 2d 24 bb ba 20 44 4f 92 29 84 da ba e0 87 f3 db a2 Data Ascii: *PgrxU&FH:`0Ha9!H37y)>>#!"#OAR9S0{/ZI<. VzAGp:L(:BI}rS'N@('tn gV_xCm<a\|}Y$E2u2]b1q!O57[[[W-$ DO)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.7	49787	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	395	OUT	GET /S/content/social-media-logo/36/socmed-facebook-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:20 UTC	505	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2890 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 17:35:36 GMT ETag: "cf9659fa3891add490cb7d0d099d72ac" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: TkCQN8oR9v5vFVpS9rU7AnOTnj7AtgqsHb1bZSxCAgOcGS_0sR4sYw== Age: 22305
2024-09-27 23:47:20 UTC	2890	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.7	49786	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	391	OUT	GET /S2/content/mobile/images/error-icon.20986d3fe0.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:20 UTC	505	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 802 Connection: close Date: Fri, 27 Sep 2024 23:47:20 GMT Last-Modified: Tue, 14 Dec 2021 02:49:38 GMT ETag: "20986d3fe0ddac454b9f46bc34ce8952" x-amz-version-id: yQvHZsqjV.2CRKMhv5iNVz5bc0xc5Mqc Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: NYc9gBzlxBHc5VFks2EnGKGB8Yha_tScgOuV4OEcC28kfqxN5g5WLA== Age: 1
2024-09-27 23:47:20 UTC	802	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 26 00 00 00 26 08 03 00 00 00 9f e3 19 9c 00 00 01 17 50 4c 54 45 00 00 00 ff ff 00 ff aa 2b ff b6 24 ff aa 39 ff b3 33 ff af 30 ff b4 2d ff b8 2b ff b9 2e ff bc 2c ff b6 2e ff b9 2c ff b4 2d ff b6 2c ff b8 2b ff ba 29 ff b5 2f ff b9 2d ff b8 2e ff b9 2d ff b7 2b ff b8 2b ff b5 2a ff b6 2e ff b7 2d ff b7 2c ff b8 2b ff b6 2b ff b8 2d ff b7 2c ff b8 2b ff b6 2b ff b7 2d ff b6 2c ff b8 2d ff b6 2d ff b8 2c ff b8 2d ff b6 2c ff b7 2c ff b6 2d ff b7 2d ff b6 2c ff b6 2d ff b7 2c ff b8 2b ff b6 2c ff b7 2b ff b8 2d ff b6 2c ff b7 2c ff b6 2b ff b7 2b ff b7 2c ff b7 2b ff b7 2d ff b7 2c ff b7 2c ff b7 2c ff b8 2b ff b6 2c ff b7 2b ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b7 2c ff b8 2c ff Data Ascii: PNGIHDR&&PLTE+$930-+.,.,-,+)/-.-++*.-,++-,++-,--,-,,--,-,+,+-,,++,+-,,,+,+,,,,,,,,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.7	49788	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	396	OUT	GET /S/content/social-media-logo/36/socmed-instagram-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:20 UTC	504	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 4678 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 22:55:06 GMT ETag: "a91be2e400b7f0dc66247427dfaffcf3" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: dvuXLLu13OTVze76SiiEYnpxZ7PF0whXYGXsB5TYCeshA8M3cBA0sw== Age: 3135
2024-09-27 23:47:20 UTC	3198	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD
2024-09-27 23:47:20 UTC	1480	IN	Data Raw: 5a c2 7c 85 a4 16 b5 16 f5 cc 0a a5 41 24 01 4e 20 21 40 9c 2b 17 a5 2c 27 94 45 23 de e9 53 c6 31 2b aa de 98 b6 3b a0 e8 94 58 b7 8f e1 4c 49 6c 29 66 97 89 33 7d 18 03 16 c8 a9 c0 db 08 94 28 2d 98 31 25 80 d2 02 19 c1 50 6f 59 21 18 81 06 95 8c 9b a2 92 d0 de cc 72 ee 56 43 ea 6a 40 dd 59 26 56 43 56 84 a2 a1 ec 0c 29 7b 0d 45 7b 14 7f fe 10 53 d5 d5 3b 29 37 3a a1 3d 45 ec 36 84 6a 4c 51 0f 29 ba 23 42 73 82 72 5d a6 77 ed 0e a6 da 83 c7 90 53 67 08 31 03 06 28 ff 4d 11 9c c8 04 11 23 d0 b8 c6 62 62 75 35 a0 aa 47 54 9d 11 45 1c b3 a2 28 87 d4 dd 01 45 35 a6 ec 8e c9 0f 7f 93 a9 b8 69 2b b3 ef b8 1e 3f b0 97 e0 27 09 bd 96 d0 4b a8 9f a6 7d e2 11 e6 f7 bc 81 72 c7 02 53 83 af 7d 17 51 50 8c c0 18 c8 ac 50 4f 28 0e 38 41 5a 04 27 56 c5 58 ab 7a 88 86 Data Ascii: Z\|A$N !@+,'E#S1+;XLIl)f3}(-1%PoY!rVCj@Y&VCV){E{S;)7:=E6jLQ)#Bsr]wSg1(M#bbu5GTE(E5i+?'K}rS}QPPO(8AZ'VXz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.7	49789	104.17.24.14	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	729	OUT	GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:20 UTC	941	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:20 GMT Content-Type: application/octet-stream; charset=utf-8 Content-Length: 38384 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: "5eb03ed9-95f0" Last-Modified: Mon, 04 May 2020 16:12:09 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 601970 Expires: Wed, 17 Sep 2025 23:47:20 GMT Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Of84994D8hRigCwemz5fFP90iO14mWrRHlOFTqf3OLDQcglkIezR7xwd43riauDaaPB%2BDp9ggcc64vJXhxh36GpsBUqMAzVSBbzNOPhO9iOmiCLFSJIAiNzGyT9HPRJ5pauAyFGA"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8c9f60d6c90c8c7d-EWR
2024-09-27 23:47:20 UTC	428	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 95 f0 00 0e 00 00 00 01 83 8c 00 00 95 90 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 06 60 00 82 42 08 04 11 08 0a 85 99 3c 84 95 63 01 36 02 24 03 98 30 0b 8c 1a 00 04 20 05 85 41 07 bd 02 3f 77 65 62 66 06 5b 9f 3a 91 42 c5 c5 76 8a fb 0a 48 e7 d8 36 2d 11 10 0f f1 f2 18 85 b8 1d d8 aa df 7e 57 9d 1d 68 61 e3 00 06 cf b7 63 f6 ff ff ff ff e7 26 8d 31 d6 6d c0 06 20 aa 59 d5 57 df 3f 91 ec 70 54 41 ab a4 c3 58 a2 c7 80 3e c5 d6 4e 3b 69 68 dc a2 c6 46 87 98 42 7c 84 e8 9e 4d b4 1f 70 41 c5 a9 2b 3a b1 81 94 bf 3a 1a 56 b0 1a 28 c9 4a 5e 94 67 75 5c 42 67 88 d9 e6 16 d1 4d 26 02 81 14 0a 81 48 87 f3 0e 8f 46 14 ea 62 56 a2 15 12 95 52 6d 63 55 4d 51 75 26 2b ed 29 70 88 ab 85 7f Data Ascii: wOF2?FFTM`B<c6$0 A?webf[:BvH6-~Whac&1m YW?pTAX>N;ihFB\|MpA+::V(J^gu\BgM&HFbVRmcUMQu&+)p
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 34 6a 8d f1 3e 5a 67 92 7c 93 64 07 b6 db 3b 12 21 30 b0 dd d8 3b 12 3f 4f b9 f9 7f d8 04 c2 3a 21 09 91 80 84 45 20 f7 86 4d 08 2a 5b 06 08 04 08 42 80 99 b0 28 02 2e 58 26 2a b4 b2 a9 e8 8c 4b 35 2e 7b 42 15 17 ac 6d ad 4c 6c d5 5f bb 42 1b 6a bb 8b 5d 13 ba 46 bb fe 3e b1 c6 2e ee 6d 9d 06 08 a8 ff 1f 01 43 34 67 cd 4a 36 bb d9 6c b2 12 25 81 28 52 34 5a bc 25 04 f3 18 5a e4 20 15 23 70 50 a1 ed 09 6d a1 3d 6b a9 51 35 ea 47 7b d6 de 3f 35 d1 f3 ea 9d ff 5f 99 f3 ff 5e b3 bb 05 bb 0e 9a 91 40 0e 33 19 1c 45 c8 ef 3d a7 8c bb bb 80 d9 20 c6 fe 3a fb bf d8 54 6d ab ce db 75 98 d1 20 9c 66 32 42 0e 90 15 c0 29 2a 74 f0 33 1b 87 1f 3a 00 40 80 a7 ff 64 9a fa de ae aa f7 67 54 b2 94 da 9c 71 0a a5 f2 71 e6 ff 03 46 92 8d 1b 9a db b4 d8 16 db 9a e7 90 73 17 Data Ascii: 4j>Zg\|d;!0;?O:!E M[B(.X&K5.{BmLl_Bj]F>.mC4gJ6l%(R4Z%Z #pPm=kQ5G{?5_^@3E= :Tmu f2B)*t3:@dgTqqFs
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 23 ab 68 df b3 e4 7b 00 86 7d c0 a1 f2 14 96 e4 20 8c df ba f9 78 bb 80 0a 5b 0e 52 db 72 ae 41 e4 5a 2d be 10 ce 91 76 ad ed ac 51 b7 3d 3f 10 2e c1 21 0f a8 83 88 a3 45 f4 1a de 1a 95 a4 3f 24 2a 81 a7 bb 49 12 b6 35 b9 38 bc c7 d4 4e e4 b6 12 16 3d ac 49 3b f3 3a 81 f3 a9 01 3b 13 50 94 aa 15 e8 19 20 db bb b2 ef 95 42 c9 7a 59 60 f9 fe 3e fa 95 50 ce fe 33 92 5b d6 a1 d7 17 2d 57 2b 4b f7 70 ad 3d d1 73 ee 2e 39 91 83 b2 7e 8e 56 9e 54 ab 36 ad 79 dd 14 a5 d7 f6 0f 2e d0 41 e4 d5 ac 29 08 3d 98 15 4d c9 96 c5 0e f3 0d e0 e5 a0 9f df e9 2d 01 7b f2 f5 a1 cd 66 d9 ab 16 47 9b 76 b5 f6 c4 9f c4 ce 8c f1 a4 22 bd 21 24 01 4c 18 1d f1 71 19 10 3e 6e 6b bb 21 2b 76 39 ad 26 2f c7 78 2e 91 67 e3 39 6b 41 7b e5 26 45 5f f7 4d 15 9a e2 eb af d5 ac d5 6b 92 4b Data Ascii: #h{} x[RrAZ-vQ=?.!E?$*I58N=I;:;P BzY`>P3[-W+Kp=s.9~VT6y.A)=M-{fGv"!$Lq>nk!+v9&/x.g9kA{&E_MkK
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 78 18 f8 1b 41 8d 00 19 77 f4 16 20 66 a9 31 3e 01 8d 01 31 8f d5 50 86 be a5 77 70 a5 6a 47 46 c1 b2 25 36 a9 f6 63 79 32 24 0b 7c ee 99 c8 f1 9e 4d b1 05 e0 ec 82 3e bf 49 de 96 3b 2c c5 46 c4 0a ac d3 0e de a8 62 a5 7a 35 d8 f3 bd 3f 31 95 12 45 cc b1 6a f9 2b 61 e9 6a 28 38 41 81 5e 30 c3 93 bc 8d 40 62 4b da b2 86 7c aa 3d 1a 21 0d da a8 9c 7f 7c e6 58 88 a3 a0 87 5a 57 ab 50 1b 55 44 18 de 6c 36 6b 9d 90 ff 7f 7b 41 31 ff 47 eb 41 bb 70 62 24 80 a9 a1 e0 f7 83 e8 5d 94 5d 99 1a f7 aa 38 c7 da 3e 0a 06 14 dc 50 7d d0 73 c9 69 5d 06 07 7c 03 95 92 4f e4 75 ea 36 4e da fb e4 d8 d5 19 ea 14 af ec 21 b4 3f 76 cb 47 93 86 1c bf 0d da 45 ed 9e d5 9d 58 1b de 3a 2c bf d8 09 0c 76 fb 53 cb e8 6d d0 0e 62 60 5c e2 86 57 1f c7 93 ac f3 03 b9 7c fb a2 38 6b 65 Data Ascii: xAw f1>1PwpjGF%6cy2$\|M>I;,Fbz5?1Ej+aj(8A^0@bK\|=!\|XZWPUDl6k{A1GApb$]]8>P}si]\|Ou6N!?vGEX:,vSmb`\W\|8ke
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 6f cb 7d 0f 10 e2 2c d2 20 fe ec aa 02 fe db 6b 01 a0 2b 70 35 c7 07 53 03 55 26 24 86 e2 d4 91 b4 46 04 8d 14 12 7d 33 6a 17 e2 61 57 d3 c4 8e 42 61 14 16 45 93 34 a2 e8 3f 1e c6 91 be 0d b6 a6 ae 4c b5 da 4c 4f 77 9e 98 fc ca 72 7f 2f 03 c5 9b a7 a2 9e bd 28 31 14 bb 27 b5 ba bf d5 1a 1a dd da 18 e5 fb 2b 9d 0e 4e ac f0 9c 5e 99 bd 00 5c 01 d7 b0 ad cf 5e 59 de eb 5d 99 61 97 1d 76 56 4e 53 4b b8 9f be 7c 75 1f be ff c4 77 4f ba ff eb 88 96 78 07 65 9e 5a 60 ce fd d1 4a 97 38 3b 77 ec 6a 0f c4 1e 62 fa cd d9 55 18 13 b8 ac 03 45 d3 a8 29 8a 07 80 4d 06 73 d0 82 e9 9e 59 8f f8 04 e5 e0 7e 8c 70 4f 5d 03 f9 a8 e8 5f c2 bf 5c cf 72 6c b7 2d 8d b8 18 14 8d 05 c4 a2 e6 a8 10 86 30 34 41 91 8e 3d 56 8e c7 99 e9 68 d1 f0 2e 02 77 73 50 eb 72 43 af 09 9e 6c 01 Data Ascii: o}, k+p5SU&$F}3jaWBaE4?LLOwr/(1'+N^\^Y]avVNSK\|uwOxeZ`J8;wjbUE)MsY~pO]_\rl-04A=Vh.wsPrCl
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: d6 a3 fd d2 4b 7e 71 26 f6 e9 31 39 15 ce 5a 99 2f 0f ca 8f 45 8c 69 f3 91 5e f1 d5 a8 60 27 8d 13 81 e8 77 46 6c 66 df dd 10 c8 70 d2 14 51 ed 2e c5 9b 93 b1 80 e1 1f 19 6f d2 6f c5 69 57 14 b8 8b 48 3a cc de 7d 4c fe 87 81 c4 88 6b 70 52 56 61 8d 7b 0d 46 cc 37 92 7d 50 1d ed e1 dd 92 27 db 7b fc 06 48 7a 08 c2 7f 9e 1e ce 9d 8a 39 c0 4c 80 97 fe db 5d f7 50 71 b4 e3 50 98 65 8e c0 90 75 95 c9 c1 20 b0 5d 91 f2 1d d4 46 27 17 d5 1c 32 c9 f7 90 b8 27 dc be 3e 11 48 20 98 e4 1b d9 0b 94 8f 63 2d a6 b5 93 8c 97 7d d6 50 a6 f5 d7 82 71 a3 a2 6c 72 53 e6 fe d1 98 8b d9 d2 49 6e 55 d0 d5 81 09 12 b7 c3 2b c0 c8 4a 28 75 ef 90 25 44 ac 8a db 73 3e 2e d7 b8 dd 73 da 98 53 3b 71 b5 a5 26 98 ea c9 c9 01 b2 01 39 d3 92 62 06 bc 39 61 2d 01 40 02 6a 1e 39 f2 65 a2 Data Ascii: K~q&19Z/Ei^`'wFlfpQ.ooiWH:}LkpRVa{F7}P'{Hz9L]PqPeu ]F'2'>H c-}PqlrSInU+J(u%Ds>.sS;q&9b9a-@j9e
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: f0 86 ac ad a8 46 79 d0 d0 5e 7c 03 16 98 32 3a a5 88 e2 4a 74 97 f4 a0 5b e3 76 20 a1 82 d9 c1 4e 25 47 68 5b b2 c0 d1 c8 d7 47 10 b3 29 50 44 42 a4 9d 25 3b 81 5c 26 11 68 30 85 26 d1 ce fb 9c ba e2 b5 ab 61 f7 05 d8 e1 64 8f 41 bc 02 46 88 fe 6f 83 53 d8 49 90 ab 81 72 d3 31 cb 2e 42 22 af c0 a9 8f 23 ba 89 12 f9 69 fe dd a6 96 c1 65 aa d1 96 2d 50 21 74 0f cd 84 14 39 45 00 33 cb 2d df 4f 1e 76 a1 c6 c9 54 a2 8d ae 5c 17 be b3 cb 21 93 cb 8a 0d 2b a2 15 fb a5 8b 75 b4 37 0c 3d 77 8c e3 9d d1 fd fb 89 f3 be 0a 1c 2c f5 a3 9e e9 68 02 b3 60 a3 b5 f8 0f 84 04 1a 4e 4d de 84 91 e4 46 1b 4f ad 2c 2c 94 24 8d 35 82 8a 65 ad a1 6b 60 45 89 0a d9 9b bd 6c b3 ca da 93 c5 84 71 d6 ba ed e3 64 af f1 04 1a a0 12 bc c2 f1 2f 11 d4 23 c3 03 d9 a4 30 f5 33 e3 e4 d4 Data Ascii: Fy^\|2:Jt[v N%Gh[G)PDB%;\&h0&adAFoSIr1.B"#ie-P!t9E3-OvT\!+u7=w,h`NMFO,,$5ek`Elqd/#03
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: cb 4a 98 db 7b f6 5a 07 de 2b 57 77 cc 9d d4 ee 79 5e c7 15 0b bc 6d 23 c6 2a e5 f1 09 b4 f7 0a c5 92 63 c0 83 1c ae 2e 83 4e 53 ba da a9 eb 3b 46 61 e0 9e ee 99 4b bc 35 07 bb dc f5 4a 5b 59 e5 20 02 a3 7f bb 5a 79 10 74 c6 7c a9 8b f8 a5 84 75 f4 ac 5c c0 ad 68 16 af 36 d3 39 03 78 1d df 96 2d 40 ac de 3f ce d9 90 89 f9 fa 2a 3d b0 83 ec 07 4c 25 25 6a 84 44 37 d3 28 e3 32 3f 4f d0 bb 75 10 d7 30 b6 c6 ad ea 2f 3c af f7 0f 05 b1 0c e9 4d 4c 1b 32 8d 26 fa 09 0a 78 de 43 e0 7b ce 04 8f a1 51 35 8d 7c cc ef 1c 18 04 eb 95 96 cc 18 f1 0d 29 33 51 c6 eb ab 30 1f 6d 44 b5 70 25 34 43 39 8c f3 34 20 6a 7a a6 16 f5 50 db 64 23 9a 71 9f 27 b4 75 24 f8 66 c5 ef 6b 11 69 e9 c5 ea 35 d8 28 d7 1a 23 56 a7 c1 e3 bb 5e 1a 95 eb 41 79 4d 5f bd 77 52 ef b3 91 04 99 e5 Data Ascii: J{Z+Wwy^m#c.NS;FaK5J[Y Zyt\|u\h69x-@?=L%%jD7(2?Ou0/<ML2&xC{Q5\|)3Q0mDp%4C94 jzPd#q'u$fki5(#V^AyM_wR
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: ae 8f 10 44 d4 28 f9 7a d8 c9 fd 21 44 09 bb b8 da e8 3e f0 6b cd 5f d6 a3 70 62 46 17 2b be 10 89 98 a8 3c 77 b5 b7 4d 25 92 c5 ce 02 fb 30 7d 44 3a 28 5d 60 7f b6 f2 be 83 ce fc 66 80 56 84 91 59 f5 6c a4 1e 05 06 31 bd f1 d4 fd 04 fc b4 d8 ba 57 f0 49 95 fa a4 a6 76 e4 da 7a 3e 43 7a d0 43 64 da be c9 74 35 f0 64 7d 72 58 54 86 0b 84 2c 5e 46 4a 01 cc 84 76 51 b0 b8 2a 23 c3 82 c7 c0 59 68 2f 23 72 01 54 80 10 6f 52 c3 0c d6 7e 9b 5d 0a 5e 2b f5 ad 67 47 71 94 ef db 11 e5 c9 78 db 0c 72 ed 17 16 99 89 f2 dd 4d 87 23 1e 73 f8 33 cd 65 07 2c a8 af 29 dc c3 9d a7 cd 40 de 7c 14 c4 87 26 0c 09 17 68 a1 35 04 4a 1f 05 19 e8 23 ad af 85 24 94 21 a2 24 89 d2 42 95 84 b8 03 08 cd 65 69 6b e0 8c 8a a8 28 5d 4b a9 51 23 9f 6e 0b 57 4a 53 32 58 e0 2a 30 40 ac 89 Data Ascii: D(z!D>k_pbF+<wM%0}D:(]`fVYl1WIvz>CzCdt5d}rXT,^FJvQ#Yh/#rToR~]^+gGqxrM#s3e,)@\|&h5J#$!$Beik(]KQ#nWJS2X0@
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 18 3e 51 f7 c6 69 5e 18 86 57 af a6 8f 87 d2 3e 5c 58 67 36 1d 77 d0 9e c6 76 3b 08 b4 2d 53 23 d2 c9 87 8b 34 72 49 31 6a c8 cf eb 33 ab 41 20 e0 06 82 2d 51 70 54 f0 ca c9 f4 64 d6 67 33 3b 3a 8f 02 b3 71 45 6a c8 18 43 8b ae b9 94 e4 78 98 e6 c3 12 32 33 e0 2e cd a7 3e c7 28 24 8b c1 d7 8d 96 f3 e9 01 1e 96 2c 17 d8 46 b6 e8 90 3a ee 62 8a e0 60 c0 c8 2e 68 13 b4 bd 47 44 8c 73 ad 36 20 50 7c bc 6d a5 f6 c8 6a 4a 89 ba 3f d5 42 25 20 94 3d 99 92 da 4c af ac fb 68 69 ee 69 bf 89 19 86 81 ec cb 3a 6b 45 16 81 48 d5 cd cf 62 16 fe c5 14 0a e6 77 24 4a ea 4e 89 fe 33 e4 39 a9 dd 87 62 35 7a 30 76 c2 d0 b2 7c 6f 1b 52 fc 54 cc f3 c4 4f 28 d9 2f aa 07 7e d3 42 9d 87 99 db 11 40 2b f7 c1 4c 9b 67 fc 2e 21 3c 99 33 26 43 33 c1 9b 67 5a a8 bf 32 c5 d2 7b 33 0e Data Ascii: >Qi^W>\Xg6wv;-S#4rI1j3A -QpTdg3;:qEjCx23.>($,F:b`.hGDs6 P\|mjJ?B% =Lhii:kEHbw$JN39b5z0v\|oRTO(/~B@+Lg.!<3&C3gZ2{3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.7	49790	104.18.11.207	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:20 UTC	672	OUT	GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: http://www.card.xn--6qq986b3xl sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:20 UTC	889	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:20 GMT Content-Type: font/woff2 Content-Length: 77160 Connection: close CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: "af7ae505a9eed503f8b8e6982036873e" Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT CDN-ProxyVer: 1.04 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 CDN-CachedAt: 09/26/2024 19:44:55 CDN-EdgeStorageId: 1029 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestTime: 0 CDN-RequestId: 098f6e59c6d4dd0369b2821cc3b4320a CDN-Cache: HIT CF-Cache-Status: MISS Accept-Ranges: bytes Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8c9f60d6de001819-EWR
2024-09-27 23:47:20 UTC	480	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 01 2d 68 00 0d 00 00 00 02 86 98 00 01 2d 0e 00 04 01 cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 06 60 00 85 72 11 08 0a 89 99 28 87 b6 58 01 36 02 24 03 95 70 0b 96 10 00 04 20 05 89 06 07 b4 75 5b 52 09 72 47 61 f7 91 84 2a ba 0d 81 27 ed 3d eb 3a b5 1a 26 d3 cd 3d 72 b7 2a 0a 02 19 e5 1a f1 f6 5d 04 74 07 dc 45 aa 6e a3 b2 ff ff ff ff e4 a4 31 46 db 0e dc 40 e0 d5 f4 fb 7c ad 8a 14 08 66 93 6d 92 60 9b 24 d8 91 a1 40 64 5b 42 51 11 24 28 5b 55 3c 2b 28 ad b8 40 50 d0 35 1e e4 60 81 b0 0e da 3e f6 50 10 1a 3b e1 28 91 d1 31 b3 fd 6c db fe 68 d4 a8 a2 c2 29 9f dc 59 79 94 f2 4a 69 e9 eb 17 ad 85 ce 7c 25 db 81 b7 5e ac 14 47 82 a2 33 b8 12 6e 9e 95 e8 ba da 95 dc 0a c4 cd 90 44 8a 9e Data Ascii: wOF2-h-?FFTM `r(X6$p u[RrGa'=:&=r]tEn1F@\|fm`$@d[BQ$([U<+(@P5`>P;(1lh)YyJi\|%^G3nD
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 24 8c 04 54 14 8b 5b 81 82 62 34 8a 11 cd fc 7f ea ec ef 2c af ce bc d7 ef bd a3 62 6c 36 91 ba 0b 49 4c e9 69 7d db 8c 26 e0 34 e3 94 6d 2c 27 cb 16 cb f3 23 bd d7 a5 b3 7f 52 77 01 a2 62 75 c0 b6 2c 4b 96 0b c6 06 9b e2 76 8b 03 db 08 6d 5f 2d c0 c0 e6 5c 48 8b 9d fb 8e 48 48 fe aa f3 93 ea 07 c6 c2 3f 98 96 d3 6d f3 0b 39 50 88 ad d8 29 39 e7 4a a8 86 24 c6 bd 88 9c e7 b1 f4 38 f8 e8 c7 da ce ce 7e b9 3b c4 72 15 8d 6e bf 3d 24 11 1a b5 1f 94 4e 64 64 6e 1b 21 27 ae a6 f0 e3 3b b3 f4 ac 38 99 bc 27 d9 4e a6 ed 1e 21 7f 2d 18 06 4a 19 ca b6 d3 2e e0 d8 fa 91 ee 58 af 3d 0c 2c 12 04 0e 90 9b 1e 22 60 3a 18 a2 ff 1b 0f 09 09 20 7b 8d ef 9e dc e0 bc 12 cb 4b 21 27 9f 00 a1 2d 46 48 94 9c 09 89 23 24 7e 9b 5a 5f 84 b9 9d 10 12 b5 03 4e 35 56 55 38 46 c8 af Data Ascii: $T[b4,bl6ILi}&4m,'#Rwbu,Kvm_-\HHH?m9P)9J$8~;rn=$Nddn!';8'N!-J.X=,"`: {K!'-FH#$~Z_N5VU8F
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 9d 89 63 e3 0e b9 e4 73 2a d5 a7 73 89 28 35 6d 94 3d 71 c6 ca 8a 65 a2 fb f1 59 91 0b 24 eb 5c 3e 10 66 4e 38 80 71 97 8c 78 ea 23 76 0a a5 36 75 6d ef 09 e0 19 9d b0 60 db 4e 4d 2d 4a 00 5c f4 10 46 b7 c7 72 e9 44 02 80 1e b5 5a d3 30 93 07 23 27 ea a5 88 6e ec 11 d2 47 6a 4c 82 da 86 58 14 1b ca 8c a2 41 aa 9d f1 67 59 73 99 2a b2 59 ca dc 07 c7 5e d9 b5 98 3b 22 d8 1d 24 68 62 7f 3d b9 16 19 cf 9b 13 98 30 de 76 48 3c 97 56 76 7f 81 63 9b 5f 00 5c 59 8a 03 ec a3 e8 77 3b 64 42 16 02 83 8b 03 4e 83 84 33 1b 21 24 ce e7 e7 b4 e7 e2 de 49 7c 50 98 20 7e 13 26 13 e4 03 64 c5 2e c8 03 1b d4 b0 e9 02 2d 61 07 f3 fa 61 19 09 2b 2b c2 13 92 39 ba 2e 6d 52 f8 e9 34 e3 63 79 af 9e b9 23 8b 55 d5 c2 46 57 ee 08 75 bd 0d dc 09 17 69 2f f0 9c af 94 66 7e 80 34 dd Data Ascii: css(5m=qeY$\>fN8qx#v6um`NM-J\FrDZ0#'nGjLXAgYsY^;"$hb=0vH<Vvc_\Yw;dBN3!$I\|P ~&d.-aa++9.mR4cy#UFWui/f~4
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: fa c7 ed 18 90 6a 69 a2 e9 d8 69 6d 3c 55 75 6a 59 a9 5a fa 6a 0e 42 5c 40 8c 67 cb 33 45 6a 66 70 96 f8 98 9f 3a ba da ed ea 10 57 db c7 ae 9f ba d9 df b3 8e 9c 94 ce 70 a5 c4 b3 33 61 6f af fb 11 81 31 88 64 61 8b f8 20 9c 03 b7 dd ab a5 fd 88 99 4a 82 d7 b2 3f 20 6a ce 71 37 ae be 4d c3 e6 ce 66 66 99 59 b5 66 cb 1c d4 73 02 1e b0 1b 24 9b 9c 09 84 95 48 fd 91 14 e6 ac 6c a5 96 f5 b9 bf c0 88 97 28 25 2e 9b 72 06 e3 d2 77 3f 03 f2 be 6d 3d 7e 0b 82 79 b2 63 59 91 62 67 29 3c cb 57 84 20 2f 56 78 16 da 6b a9 b4 92 24 e7 f3 8f 0c 42 f0 72 7e f1 86 01 a7 d3 f0 39 13 de 36 8d 30 d1 26 fe 99 5f 76 4d 00 59 c2 25 84 93 d2 9d 7b e6 45 7f 89 36 3c c3 e9 95 c7 c2 ed db 25 8b 25 ab 34 ad 8b 8e df a0 4f de 40 ef f3 4e e1 f9 08 a1 82 aa 22 5a b7 18 df 4f 44 7b 75 Data Ascii: jiim<UujYZjB\@g3Ejfp:Wp3ao1da J? jq7MffYfs$Hl(%.rw?m=~ycYbg)<W /Vxk$Br~960&_vMY%{E6<%%4O@N"ZOD{u
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 5e d0 60 97 4e 33 4f f2 8c a2 0f fa 86 83 ac 5b f1 1d 76 3a e0 ca 84 3a d9 e8 5e da 9c 72 d7 bf e7 11 40 ea d2 ec 0a 8d 46 c5 5f ae d7 11 e5 01 08 4e 63 cc 42 d2 17 f1 fd c3 38 70 a3 5c 69 af a2 b5 d7 37 cf ee 8b 67 e5 ad 03 2a ee 8f d1 cd fd 2c 83 43 ab 9d 1a c2 0e e1 5b 87 36 b4 54 92 3f ba ba b5 16 85 25 f2 7a fb c5 40 01 06 18 6a 41 70 42 4e 35 f0 9e 22 34 54 9e a5 e0 f4 22 96 7d 30 75 4a f4 87 8f 9e 96 c8 9c 7e 33 f6 1e d9 0e d1 7b 7d 02 75 57 f6 8c e0 ee 4d 93 1e 6a fa 39 c8 2d 82 5d 13 f5 ab 9d 11 99 27 6c 53 b2 20 2f f0 52 3e 3c a5 2b e7 4f 9f 95 db d8 1f 65 42 23 95 42 63 d2 1a d9 c0 02 e8 6a 4c 5c 11 12 a3 c4 2d be 5a 68 95 5b d7 fa 49 3c 8d aa fc 0f f1 84 18 71 a8 76 de 7e 96 6b 5d 9b 47 c3 ce d5 54 44 bf 3f 53 a9 cb d9 d6 2f 1a c6 2d d4 d7 25 Data Ascii: ^`N3O[v::^r@F_NcB8p\i7g*,C[6T?%z@jApBN5"4T"}0uJ~3{}uWMj9-]'lS /R><+OeB#BcjL\-Zh[I<qv~k]GTD?S/-%
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 09 ee c8 18 f8 89 1f a7 8f 29 2d 09 be 06 3a 4d 24 cb 79 63 a0 ae 45 c0 25 41 69 95 92 05 32 5d 96 98 08 cc 6c e5 b6 a8 90 89 1c 9a 19 cd 38 86 49 1a bc 79 b2 d2 05 5a 17 47 4a b3 83 1a a2 06 ae 5c d5 1e 32 1a d6 99 58 62 18 bf 4c be f6 f0 9f 49 c2 41 2d fd 47 72 52 00 21 cd 30 a0 13 a0 db 4c 2b c0 51 68 aa 53 f3 59 d4 d2 13 d7 f2 53 bf 35 fd 5f 1e d8 28 a5 06 0e 70 6f 46 9a a7 54 89 87 11 af 23 6b 1c 4e db be ea 6c 7c 72 87 6e 06 b3 64 d7 48 a0 07 1e 96 dc 79 13 db 8a e6 f9 ee e4 c8 26 db 86 17 78 e3 70 b0 c1 f7 e1 e5 5b e9 16 38 47 1a 86 fe d9 64 74 ac a2 ac a3 b1 7a ec b0 83 d9 a6 06 09 38 b4 b4 42 bd ae 4b 50 22 40 32 65 8c 65 03 e6 94 0b ac 79 e6 1e 78 e7 a7 1e da 6a bd b8 9c 06 95 4a 4b c2 88 68 c1 58 c5 ac 42 ec 7d ea 11 a6 36 08 f9 c3 a2 ff b5 60 Data Ascii: )-:M$ycE%Ai2]l8IyZGJ\2XbLIA-GrR!0L+QhSYS5_(poFT#kNl\|rndHy&xp[8Gdtz8BKP"@2eeyxjJKhXB}6`
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 94 48 26 a3 6f 8f 1b a1 1b 6b c4 89 4c 44 de 57 a1 4f fb 86 c2 f9 94 eb ca 2a 4a 33 73 5b 19 ce 36 9d 6a 31 f0 40 d9 d8 6e 72 3c ae ce be db 87 86 23 89 cd d2 40 09 88 30 bf 9b 63 06 09 a2 9d 1f 05 99 3f ef b5 9d 3c 32 8a 44 d5 d3 a6 09 bf e8 7d af b0 54 73 cd d9 53 ce fd d0 22 e2 0b 52 cd 0a ae 95 a4 2e 7d df 6f 5a de cd 18 e3 87 f9 46 6f 2a 98 95 a7 dd 97 87 b6 ff b7 96 b5 3a dd f4 d6 1b c1 93 bc c1 37 c9 ed f7 48 c2 f2 e4 8d 9a 0e a5 78 a1 b4 5d c5 db c7 61 19 36 1e 76 35 ed 12 52 fd a0 cc be 65 31 87 ed 24 58 4c 85 9b ba c3 0a 4a 89 61 61 9a 11 13 dd 86 2c c6 f3 ec 84 90 cc 1a 22 33 2d cf 47 e4 21 1c cb a5 38 b3 b7 f2 38 0a 7c e0 54 3a 53 de 50 93 8c 02 1f b8 b6 f5 f1 70 1c 4d 52 ae 59 de 62 f4 e6 a5 7b ef 2b bb 4f fd 65 db 9b 32 f6 f2 d7 67 05 a7 a9 Data Ascii: H&okLDWOJ3s[6j1@nr<#@0c?<2D}TsS"R.}oZFo:7Hx]a6v5Re1$XLJaa,"3-G!88\|T:SPpMRYb{+Oe2g
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 9a b2 72 1b bb 72 21 d2 4b 86 39 d1 8f 38 70 d9 7d 51 bf ec bd 8d 8b e7 67 fb 2d 84 2a 0f 73 6d b5 7e c5 58 06 d7 50 1a 30 64 f8 4d 5e 08 b5 f0 3f 44 c5 18 64 49 82 6d 3c 86 a8 70 3b a1 7f 06 79 8e 06 2c 22 db a6 a6 36 ad e4 76 ca 70 07 54 5c 5e ca 6e f4 db f7 be 7f 05 33 6d a4 3e 38 a4 65 43 ae f1 dc 4e 7d 10 ad cd ea ed 63 c3 a0 e6 d9 ad 24 73 37 db bc 13 fa 9c 23 d5 b5 3c 53 46 2d 41 ba a7 a0 14 e4 86 f9 7a ac d2 e2 89 b1 13 cf 0a 80 42 81 09 2a 7b b8 06 36 63 67 1d 89 87 b1 54 7a ad 47 07 58 1f 32 2b 93 82 cd f6 d9 19 ff 61 07 b6 9c 30 9b 01 1b 86 a4 ff 07 3b e6 1c 20 9d 45 45 61 47 98 64 f1 ce 98 00 06 d7 bf c0 5b ef aa 4d 00 bc ab 06 e1 0a ae 69 f0 1b 9e d3 0f 67 f4 d2 3a 42 88 5b c4 09 55 fa b9 ad 12 33 bd 19 4a 39 dd 0d 30 08 ca 0f 9a 49 06 be 32 Data Ascii: rr!K98p}Qg-sm~XP0dM^?DdIm<p;y,"6vpT\^n3m>8eCN}c$s7#<SF-AzB{6cgTzGX2+a0; EEaGd[Mig:B[U3J90I2
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: de 68 00 c7 e1 79 a2 7f 80 14 61 d1 ce 7b 9e 32 3e af fe 43 50 ae 89 90 b0 4c c5 0f 10 20 9a 6a 3f d1 6e 08 74 67 e5 9e d8 d3 5d 03 a6 16 e1 53 88 b8 f8 f8 7b e1 b5 55 d3 87 05 91 28 27 b3 b5 62 e7 a3 27 66 8f e6 67 30 d3 83 dd ea 18 95 c4 4c 50 41 a5 4d 74 64 15 07 cc 29 e3 b3 32 c3 ba e3 59 21 d6 76 00 8e 26 60 6f 85 af fe 32 12 50 5b 0b 1b 9d 61 de 94 84 bb 35 fb c0 0c 53 87 7c 23 2b 80 b2 01 37 4a 05 a4 8a 0a 23 1b c8 b8 cc 5f ab d5 64 55 a9 a4 36 23 56 19 44 ae 86 c0 9b 42 22 4b 83 f7 d6 7c a2 1a b8 c0 c1 19 16 80 29 02 6f 90 d0 10 aa 74 6b fd 6c 03 9a e6 c8 2c ae 14 fb 6c 11 e8 a1 eb 0f f3 55 1f ec 29 dd b9 65 98 35 81 3c 41 ba 08 b0 1e 5c 30 9c eb 9e 5f ec 37 d8 d9 f6 ed 5e 7e 7b d8 24 0d 71 52 82 ce b0 66 93 13 01 fb eb 50 0a 10 61 1a 21 66 97 b4 Data Ascii: hya{2>CPL j?ntg]S{U('b'fg0LPAMtd)2Y!v&`o2P[a5S\|#+7J#_dU6#VDB"K\|)otkl,lU)e5<A\0_7^~{$qRfPa!f
2024-09-27 23:47:20 UTC	1369	IN	Data Raw: 12 c4 97 cb 9c dd 58 a8 81 a2 0e 5f 27 01 c4 12 f2 c3 35 f5 c7 15 5d 1a 4a 84 b8 fc 32 50 d2 08 39 32 b0 a8 43 cd 89 fa d4 ff 0c fd 40 f1 99 a6 43 a5 a0 86 f9 9b 18 36 14 45 9f 65 d1 00 42 40 8b 0b 06 e8 ac df 41 91 39 94 df 87 c3 02 e7 e6 c7 b4 e8 79 06 5d 00 f5 05 48 f1 09 07 89 03 2d 1c e0 20 db 62 b6 a8 39 0d d1 f0 4f 1e f5 19 30 0c 75 77 a7 ac 49 e2 c8 f1 a6 02 37 4a a6 78 95 c5 ab 32 af f3 5c ca 19 56 66 3d 6e 56 91 56 80 ab a4 d0 22 23 39 93 ac d6 76 38 78 0a fb b6 6d 15 0f 14 70 41 68 f6 d3 13 e8 79 e2 91 33 82 bb 70 51 09 0e 25 e4 d0 74 5e af 91 d8 20 7c 83 c2 82 5d 9d 59 42 38 6a 43 d7 ac 6e c4 23 07 26 cb c9 87 0b ee fc bd f0 ca b4 76 ac cb 92 50 a1 3e 15 96 4f 03 7f a1 a9 a7 04 93 93 af 03 89 79 b5 55 41 74 32 d0 5f b7 e0 fd ee f1 d1 ee 03 0b Data Ascii: X_'5]J2P92C@C6EeB@A9y]H- b9O0uwI7Jx2\Vf=nVV"#9v8xmpAhy3pQ%t^ \|]YB8jCn#&vP>OyUAt2_

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.7	49794	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:21 UTC	394	OUT	GET /S/content/social-media-logo/36/socmed-youtube-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:21 UTC	501	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2216 Connection: close Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 23:47:20 GMT ETag: "123c968b7d12fcf714b9d2af208d666a" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: SIKWKgFjygtIC0TEQj0txjP_gldSqgsnG6x0lB945mTT2G1MOUPPGA== Age: 2
2024-09-27 23:47:21 UTC	2216	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 33 00 00 00 24 08 06 00 00 00 24 72 02 09 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR3$$rpHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.7	49793	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:21 UTC	399	OUT	GET /S/content/social-media-logo/36/socmed-facebook-msg-H36.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:21 UTC	478	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2866 Connection: close Date: Fri, 27 Sep 2024 23:47:20 GMT Last-Modified: Fri, 24 Apr 2020 04:39:27 GMT ETag: "e3443d0d8aea42fc61368b9792b6fdc3" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: qY8nVjEr-8LtDnEpiaMZuOS78EKakCxCY7_HmkMhl8la9U2aYEmvgg== Age: 2
2024-09-27 23:47:21 UTC	2866	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 24 00 00 00 24 08 06 00 00 00 e1 00 98 98 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 06 00 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 Data Ascii: PNGIHDR$$pHYsiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.7	49795	142.250.184.196	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:21 UTC	946	OUT	GET /recaptcha/api2/anchor?ar=1&k=6Lc8br0ZAAAAAOAZHpdE1Fm9RA9tK85W3ano_l0-&co=aHR0cDovL3d3dy5jYXJkLnhuLS02cXE5ODZiM3hsOjgw&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=52g2s9q59kln HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:22 UTC	1161	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:21 GMT Content-Security-Policy: script-src 'report-sample' 'nonce-7bArXeIZJojatAT01_YfXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:22 UTC	229	IN	Data Raw: 31 63 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 Data Ascii: 1c6d<!DOCTYPE HTML><html dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><style type="text/css">/* cyrillic-ext */@font-face { font-f
2024-09-27 23:47:22 UTC	1390	IN	Data Raw: 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 32 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 30 2d 41 36 39 46 2c 20 55 2b 46 45 32 45 2d 46 45 32 46 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 Data Ascii: amily: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;}/* cyrillic
2024-09-27 23:47:22 UTC	1390	IN	Data Raw: 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 47 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 41 46 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 30 30 2d 31 45 39 46 2c 20 55 2b 31 45 46 32 2d 31 45 46 46 2c 20 55 2b 32 30 32 30 2c 20 55 2b 32 30 41 30 2d Data Ascii: font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2) format('woff2'); unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-
2024-09-27 23:47:22 UTC	1390	IN	Data Raw: 75 39 32 46 72 31 4d 6d 45 55 39 66 43 42 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 45 55 39 66 42 78 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 Data Ascii: u92Fr1MmEU9fCBc4EsA.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 500; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2) format('
2024-09-27 23:47:22 UTC	1390	IN	Data Raw: 55 2b 32 31 32 32 2c 20 55 2b 32 31 39 31 2c 20 55 2b 32 31 39 33 2c 20 55 2b 32 32 31 32 2c 20 55 2b 32 32 31 35 2c 20 55 2b 46 45 46 46 2c 20 55 2b 46 46 46 44 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 39 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 59 55 74 66 43 52 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 Data Ascii: U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;}/* cyrillic-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 900; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2) format('woff2');
2024-09-27 23:47:22 UTC	1390	IN	Data Raw: 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 41 30 2d 31 45 46 39 2c 20 55 2b 32 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 39 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 59 55 74 66 43 68 63 34 45 Data Ascii: +01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}/* latin-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 900; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfChc4E
2024-09-27 23:47:22 UTC	106	IN	Data Raw: 69 65 73 2f 70 72 69 76 61 63 79 2f 5c 78 32 32 2c 5c 78 32 32 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6e 74 6c 2f 65 6e 2f 70 6f 6c 69 63 69 65 73 2f 74 65 72 6d 73 2f 5c 78 32 32 5d 5d 22 29 3b 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: ies/privacy/\x22,\x22https://www.google.com/intl/en/policies/terms/\x22]]"); </script></body></html>
2024-09-27 23:47:22 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.7	49800	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:24 UTC	373	OUT	GET /S/content/common/css/flags32.png HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:24 UTC	479	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 26399 Connection: close Date: Fri, 27 Sep 2024 23:47:21 GMT Last-Modified: Thu, 20 Dec 2018 04:54:20 GMT ETag: "ee905aeea99aa287b3f5b569fedbd91e" x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: m8ZiL20_SFDz2RkR4HcACHUZPFNsNXZeImiUflot0iN7dxaOE5AkXA== Age: 4
2024-09-27 23:47:24 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 1e e0 08 03 00 00 00 62 ad 73 e1 00 00 03 00 50 4c 54 45 4c 69 71 00 38 93 00 38 93 00 38 93 00 38 93 00 38 93 00 38 93 00 00 00 00 00 66 00 00 7e 00 00 95 00 00 99 1b 11 03 00 00 ae 0e 17 15 00 00 cd 00 00 ff 3f 11 09 22 0f 69 00 27 67 00 24 7e 0c 1c 8c 00 1e a5 23 27 26 02 2d 62 00 2a 7d 00 29 8e 6b 0b 12 09 2a 88 02 32 7a 00 35 84 00 33 99 00 36 91 00 37 a9 09 38 96 01 37 b8 12 49 2f 06 40 85 70 18 3e 39 38 34 c0 00 00 0d 3d 9d 00 66 00 b0 0c 0a 00 60 34 8b 1d 22 48 30 71 cd 02 02 50 43 09 22 42 8b 06 4d a2 02 52 93 da 01 00 0f 47 af 00 53 a4 c2 0a 27 28 4c 6a 01 51 ba 00 6a 40 00 50 c8 21 5d 36 ad 19 28 00 6a 4d 76 2b 60 00 72 29 00 5d a4 e5 05 14 24 4b a6 17 6f 14 69 42 32 ce 11 26 ff Data Ascii: PNGIHDR bsPLTELiq888888f~?"i'g$~#'&-b})k2z536787I/@p>984=f`4"H0qPC"BMRGS'(LjQj@P!]6(jMv+`r)]$KoiB2&
2024-09-27 23:47:24 UTC	10015	IN	Data Raw: af 27 54 ee eb ad ae 76 ff 2f 64 a9 ac 5c bb 50 2b d0 14 2d ee 80 bd 52 44 4f 78 6e 51 e3 ff fd e9 bb de e2 4a 66 8a b5 2e d7 b3 56 4f 0d b3 c8 4a 99 77 98 c3 94 b0 8d 4f ea 91 12 3c 70 c0 11 ac a3 7a 8d 28 38 26 60 f7 2a 5d a6 ae a6 af 64 a1 61 78 56 9f d2 ae 40 c0 ea 74 53 98 18 89 cb 5c b2 15 46 f1 91 7e 80 02 9e f9 e6 ca 65 3c 81 02 f2 e7 3f 63 a3 36 05 70 fb 36 f6 1f d5 89 f0 1d 21 df a9 8b fc 30 9d 10 21 21 c5 89 34 c1 1f 8d c6 62 49 7a 1b 63 2c 1a f5 6b 05 30 48 0a 68 d7 08 c0 19 41 6a 16 ce 28 53 20 5d 92 d0 85 67 b2 12 f6 23 43 f4 7b 3b 08 19 4a 3b a5 14 66 48 f0 c8 91 20 99 61 09 ed f1 3e ba e9 8b b7 6b 84 5d 92 00 0d a9 ed ae 74 01 1d 05 bb 24 01 1b d1 c3 33 54 e0 00 82 89 91 f8 17 06 44 e4 2e 0a 62 2b 6c ef 48 c0 d6 2c 85 9f aa 11 9b 67 0f b2 Data Ascii: 'Tv/d\P+-RDOxnQJf.VOJwO<pz(8&`*]daxV@tS\F~e<?c6p6!0!!4bIzc,k0HhAj(S ]g#C{;J;fH a>k]t$3TD.b+lH,g

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.7	49801	18.66.102.6	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:25 UTC	618	OUT	GET /S/content/common/images/favicon.ico HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: http://www.card.xn--6qq986b3xl/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:25 UTC	619	IN	HTTP/1.1 200 OK Content-Type: image/vnd.microsoft.icon Content-Length: 16958 Connection: close Last-Modified: Thu, 20 Dec 2018 04:54:32 GMT x-amz-meta-mode: 33204 x-amz-meta-gid: 1000 x-amz-meta-uid: 1000 x-amz-meta-mtime: 1468204972 x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 14:34:59 GMT ETag: "cad7601f1f8c2c359780f4f874276a1a" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: 7n6eM6TMN1yCKl2kKwiBD-s40rarG3_KHPUKagpckN-grrU7VV9HlQ== Age: 33147
2024-09-27 23:47:25 UTC	8949	IN	Data Raw: 00 00 01 00 01 00 40 40 00 00 00 00 20 00 28 42 00 00 16 00 00 00 28 00 00 00 40 00 00 00 80 00 00 00 01 00 20 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: @@ (B(@
2024-09-27 23:47:25 UTC	8009	IN	Data Raw: ff 6a 40 0f ff 6c 43 14 ff 6c 43 14 ff 6c 43 14 ff 6c 43 14 ff 6c 43 14 ff 6c 43 14 ff 6c 43 14 ff 6b 41 12 ff 69 40 11 ff 7e 5c 36 ff ec e8 e3 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cc f0 fd 78 21 c9 fc ff 0c c2 fb ff 11 c0 fc ff 14 be fb ff 16 bb fb ff 19 b9 fa ff 1b b6 f9 ff 1c b4 fa ff 20 b0 f8 ff 21 af f9 ff 21 ac f8 ff 1e a6 f7 ff 7e cb fa ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 12 84 64 47 ff 62 36 Data Ascii: j@lClClClClClClCkAi@~\67x! !!~dGb6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.7	49802	18.66.102.4	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:27 UTC	376	OUT	GET /S/content/common/images/favicon.ico HTTP/1.1 Host: cdn1.codashop.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:27 UTC	619	IN	HTTP/1.1 200 OK Content-Type: image/vnd.microsoft.icon Content-Length: 16958 Connection: close Last-Modified: Thu, 20 Dec 2018 04:54:32 GMT x-amz-meta-mode: 33204 x-amz-meta-gid: 1000 x-amz-meta-uid: 1000 x-amz-meta-mtime: 1468204972 x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 27 Sep 2024 14:34:59 GMT ETag: "cad7601f1f8c2c359780f4f874276a1a" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P2 X-Amz-Cf-Id: WQeAm2nvlAYhweUtaTmmsn9PUFAtRHDLd1ElXJ9hsTM-VNdK8qeXGQ== Age: 33149
2024-09-27 23:47:27 UTC	15990	IN	Data Raw: 00 00 01 00 01 00 40 40 00 00 00 00 20 00 28 42 00 00 16 00 00 00 28 00 00 00 40 00 00 00 80 00 00 00 01 00 20 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: @@ (B(@
2024-09-27 23:47:27 UTC	968	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.7	49805	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:35 UTC	684	OUT	GET /store/apps/details?id=com.neptune.domino&hl=en HTTP/1.1 Host: play.google.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:35 UTC	4050	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 x-ua-compatible: IE=edge Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:35 GMT P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups Cross-Origin-Resource-Policy: same-site Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy: script-src 'report-sample' 'nonce-hbao1ZvT5IX0s8tjpK5MOA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] reporting-endpoints: default="/_/PlayStoreUi/web-reports?context=eJzjytDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgXhJxkfVA4kVWQ4VLrPZArNpzidUYiIskrrA2APGprnusF4DYuuceqyMQ_158j5VxyT1W8VX3WGWBWIiHY3rH3e1sAjterl7NqCSflF8YX5CTWFmaWZxaVJZaFG9kYGRiYGlkqmdoEF9gAAB-ljyG" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Set-Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw; expires=Sat, 29-Mar-2025 23:47:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 38 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 3c 68 65 61 64 3e 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d Data Ascii: 8000<!doctype html><html lang="en" dir="ltr"><head><base href="https://play.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><meta name="viewport" content="width=device-width, initial-scale=1"><meta nam
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 38 30 2c 32 30 2c 31 30 2c 31 34 2c 37 39 2c 34 33 2c 34 32 2c 31 33 39 2c 36 33 2c 31 36 39 2c 31 35 35 5d 5d 5d 2c 5b 5b 37 2c 31 32 32 5d 2c 5b 5b 31 2c 37 33 2c 39 36 2c 31 30 33 2c 39 37 2c 35 38 2c 35 30 2c 39 32 2c 35 32 2c 31 31 32 2c 36 39 2c 31 39 2c 33 31 2c 31 30 31 2c 31 32 33 2c 37 34 2c 34 39 2c 38 30 2c 32 30 2c 31 30 2c 31 34 2c 37 39 2c 34 33 2c 34 32 2c 31 33 39 2c 36 33 2c 31 36 39 2c 31 35 35 5d 5d 5d 2c 5b 5b 37 2c 37 32 5d 2c 5b 5b 31 2c 37 33 2c 39 36 2c 31 30 33 2c 39 37 2c 35 38 2c 35 30 2c 39 32 2c 35 32 2c 31 31 32 2c 36 39 2c 31 39 2c 33 31 2c 31 30 31 2c 31 32 33 2c 37 34 2c 34 39 2c 38 30 2c 32 30 2c 31 30 2c 31 34 2c 37 39 2c 34 33 2c 34 32 2c 31 33 39 2c 36 33 2c 31 36 39 2c 31 35 35 5d 5d 5d 2c 5b 5b 37 2c 37 31 5d 2c 5b Data Ascii: 80,20,10,14,79,43,42,139,63,169,155]]],[[7,122],[[1,73,96,103,97,58,50,92,52,112,69,19,31,101,123,74,49,80,20,10,14,79,43,42,139,63,169,155]]],[[7,72],[[1,73,96,103,97,58,50,92,52,112,69,19,31,101,123,74,49,80,20,10,14,79,43,42,139,63,169,155]]],[[7,71],[
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 35 35 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 33 2c 33 31 2c 35 2c 34 31 2c 32 37 2c 38 2c 31 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 39 36 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 33 2c 33 31 2c 35 2c 34 31 2c 32 37 2c 38 2c 31 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 31 30 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 33 2c 33 31 2c 35 2c 34 31 2c 32 37 2c 38 2c 31 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 31 32 32 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 33 2c 33 31 2c 35 2c 34 31 2c 32 37 2c 38 2c 31 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 37 32 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 33 2c 33 31 2c 35 2c 34 31 2c 32 37 2c 38 2c 31 34 2c 31 30 5d 5d 5d 2c 5b 5b 31 37 2c 37 31 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 35 2c 31 Data Ascii: 4,10]]],[[17,55],[[1,7,9,25,13,31,5,41,27,8,14,10]]],[[17,96],[[1,7,9,25,13,31,5,41,27,8,14,10]]],[[17,10],[[1,7,9,25,13,31,5,41,27,8,14,10]]],[[17,122],[[1,7,9,25,13,31,5,41,27,8,14,10]]],[[17,72],[[1,7,9,25,13,31,5,41,27,8,14,10]]],[[17,71],[[1,7,9,25,1
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 36 35 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 31 31 30 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 31 31 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 35 36 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 35 35 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 34 2c 39 36 5d 2c 5b 5b 33 2c 34 2c 39 2c 36 2c 37 2c 32 2c 38 2c 31 2c 31 30 2c 31 31 2c 35 5d 5d 5d 2c 5b 5b 34 Data Ascii: 9,6,7,2,8,1,10,11,5]]],[[44,65],[[3,4,9,6,7,2,8,1,10,11,5]]],[[44,110],[[3,4,9,6,7,2,8,1,10,11,5]]],[[44,11],[[3,4,9,6,7,2,8,1,10,11,5]]],[[44,56],[[3,4,9,6,7,2,8,1,10,11,5]]],[[44,55],[[3,4,9,6,7,2,8,1,10,11,5]]],[[44,96],[[3,4,9,6,7,2,8,1,10,11,5]]],[[4
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 2c 31 31 2c 31 39 2c 32 31 2c 31 37 2c 31 35 2c 31 32 2c 31 36 2c 32 30 5d 5d 5d 2c 5b 5b 34 2c 31 31 33 5d 2c 5b 5b 31 2c 33 2c 35 2c 34 2c 37 2c 36 2c 31 31 2c 31 39 2c 32 31 2c 31 37 2c 31 35 2c 31 32 2c 31 36 2c 32 30 5d 5d 5d 2c 5b 5b 34 2c 31 33 39 5d 2c 5b 5b 31 2c 33 2c 35 2c 34 2c 37 2c 36 2c 31 31 2c 31 39 2c 32 31 2c 31 37 2c 31 35 2c 31 32 2c 31 36 2c 32 30 5d 5d 5d 2c 5b 5b 34 2c 31 35 30 5d 2c 5b 5b 31 2c 33 2c 35 2c 34 2c 37 2c 36 2c 31 31 2c 31 39 2c 32 31 2c 31 37 2c 31 35 2c 31 32 2c 31 36 2c 32 30 5d 5d 5d 2c 5b 5b 34 2c 31 36 39 5d 2c 5b 5b 31 2c 33 2c 35 2c 34 2c 37 2c 36 2c 31 31 2c 31 39 2c 32 31 2c 31 37 2c 31 35 2c 31 32 2c 31 36 2c 32 30 5d 5d 5d 2c 5b 5b 34 2c 31 36 35 5d 2c 5b 5b 31 2c 33 2c 35 2c 34 2c 37 2c 36 2c 31 31 2c 31 Data Ascii: ,11,19,21,17,15,12,16,20]]],[[4,113],[[1,3,5,4,7,6,11,19,21,17,15,12,16,20]]],[[4,139],[[1,3,5,4,7,6,11,19,21,17,15,12,16,20]]],[[4,150],[[1,3,5,4,7,6,11,19,21,17,15,12,16,20]]],[[4,169],[[1,3,5,4,7,6,11,19,21,17,15,12,16,20]]],[[4,165],[[1,3,5,4,7,6,11,1
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 2c 5c 22 46 4a 4b 63 50 65 5c 22 5d 2c 5b 34 35 36 34 35 34 35 32 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 6a 37 4c 64 49 63 5c 22 5d 2c 5b 34 35 35 38 35 35 31 31 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 6e 4b 71 41 4e 63 5c 22 5d 2c 5b 34 35 35 38 35 35 33 32 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 6f 62 6f 43 76 71 35 76 48 30 72 67 65 7a 57 62 72 52 6d 30 50 4d 42 78 36 5a 6f 56 5c 22 2c 6e 75 6c 6c 2c 5c 22 49 4c 37 4a 6c 5c 22 5d 2c 5b 34 35 35 38 35 35 32 35 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 41 52 4d 78 71 65 5c 22 5d 2c 5b 34 35 36 32 31 34 38 31 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c Data Ascii: ,\"FJKcPe\"],[45645452,null,false,null,null,null,\"j7LdIc\"],[45585511,null,false,null,null,null,\"nKqANc\"],[45585532,null,null,null,\"oboCvq5vH0rgezWbrRm0PMBx6ZoV\",null,\"IL7Jl\"],[45585525,null,false,null,null,null,\"ARMxqe\"],[45621481,null,true,null
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 5c 22 70 73 58 71 43 66 5c 22 5d 2c 5b 34 35 35 33 32 34 34 39 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 51 59 62 35 73 64 5c 22 5d 2c 5b 34 35 36 32 30 32 34 39 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 41 38 57 58 62 66 5c 22 5d 2c 5b 34 35 35 38 35 35 34 30 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 58 67 34 34 73 66 5c 22 5d 2c 5b 34 35 36 34 36 34 32 34 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 66 55 33 77 47 5c 22 5d 2c 5b 34 35 34 35 30 37 32 33 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 58 51 6b 45 37 65 5c 22 5d 2c 5b 34 35 36 33 34 30 36 Data Ascii: \"psXqCf\"],[45532449,null,true,null,null,null,\"QYb5sd\"],[45620249,null,true,null,null,null,\"A8WXbf\"],[45585540,null,true,null,null,null,\"Xg44sf\"],[45646424,null,true,null,null,null,\"fU3wG\"],[45450723,null,false,null,null,null,\"XQkE7e\"],[4563406
2024-09-27 23:47:35 UTC	4050	IN	Data Raw: 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 7a 70 39 70 7a 62 5c 22 5d 2c 5b 34 35 36 31 37 34 38 32 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 4f 53 5a 4b 5a 64 5c 22 5d 2c 5b 34 35 35 38 35 35 37 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 74 6f 72 65 2f 65 72 65 76 69 65 77 5c 22 2c 6e 75 6c 6c 2c 5c 22 54 6c 46 63 49 65 5c 22 5d 2c 5b 34 35 36 33 32 36 36 31 2c 6e 75 6c 6c 2c 66 61 6c 73 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 77 47 58 79 6d 66 5c 22 5d 2c 5b 34 35 35 38 35 35 34 37 2c 6e 75 6c 6c 2c 74 72 75 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5c 22 68 32 33 79 Data Ascii: ,false,null,null,null,\"zp9pzb\"],[45617482,null,false,null,null,null,\"OSZKZd\"],[45585571,null,null,null,\"https://play.google.com/store/ereview\",null,\"TlFcIe\"],[45632661,null,false,null,null,null,\"wGXymf\"],[45585547,null,true,null,null,null,\"h23y
2024-09-27 23:47:35 UTC	376	IN	Data Raw: 2c 35 32 2c 31 31 32 2c 36 39 2c 31 39 2c 33 31 2c 31 30 31 2c 31 32 33 2c 37 34 2c 34 39 2c 38 30 2c 32 30 2c 31 30 2c 31 34 2c 37 39 2c 34 33 2c 34 32 2c 31 33 39 2c 36 33 2c 31 36 39 2c 31 35 35 5d 5d 5d 2c 5b 5b 39 2c 36 38 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 31 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 33 31 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 31 30 34 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 39 5d 2c 5b 5b Data Ascii: ,52,112,69,19,31,101,123,74,49,80,20,10,14,79,43,42,139,63,169,155]]],[[9,68],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,1],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,31],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,104],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,9],[[
2024-09-27 23:47:35 UTC	814	IN	Data Raw: 33 32 37 0d 0a 5d 2c 5b 5b 39 2c 31 32 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 36 35 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 31 31 30 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 31 31 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 35 36 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c 31 35 2c 32 37 2c 38 2c 31 33 2c 31 30 5d 5d 5d 2c 5b 5b 39 2c 35 35 5d 2c 5b 5b 31 2c 37 2c 39 2c 32 34 2c 31 32 2c 33 31 2c 35 2c Data Ascii: 327],[[9,12],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,65],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,110],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,11],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,56],[[1,7,9,24,12,31,5,15,27,8,13,10]]],[[9,55],[[1,7,9,24,12,31,5,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.7	49813	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1087	OUT	GET /Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 67568 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:24 GMT Expires: Sat, 28 Sep 2024 20:07:24 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	855	IN	Data Raw: 52 49 46 46 e8 07 01 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 ef 00 00 ef 00 00 56 50 38 4c 9f 07 01 00 2f ef c0 3b 10 09 87 8d 24 85 8d f6 0f 0e ec 7b fa 2f d8 24 35 44 f4 7f 02 f2 6f 37 d0 40 92 f0 4d 12 7d d3 dd 88 6b 24 81 f4 26 91 a4 74 23 7f fa 1c a2 00 8c 37 91 94 06 db 20 ce 01 f2 90 d1 9d aa a4 fb 31 32 f6 39 2d a9 3b fb e9 da dd 55 39 46 97 00 48 dd aa 51 5d 95 ec 4a 6c 9b 3a 74 07 40 d2 aa ea ec ea aa 7e 2f df d7 08 c0 cf 18 5c ab d7 c7 b0 df d7 f0 cc 09 c5 f0 ad 3e c3 df f7 81 31 a7 24 7e 56 f9 6f 78 a6 a4 f3 18 03 cf 90 6e 60 db 20 b1 f7 e6 7d c1 0c 49 b6 f9 da 6e 29 64 86 7a 43 a9 f5 13 ec 81 6c f3 95 8d ae 91 14 d6 1a 7b 63 db 9b ef 91 54 3f 96 bd d6 da 35 f0 95 a9 4f a1 3a cf f9 c4 35 e7 9c 7c 96 be 5d a4 f6 b6 81 9c 9a 55 c2 db Data Ascii: RIFFWEBPVP8XVP8L/;${/$5Do7@M}k$&t#7 129-;U9FHQ]Jl:t@~/\>1$~Voxn` }In)dzCl{cT?5O:5\|]U
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: f7 3c ce 3c ce db 7a 6e c0 80 d4 b9 19 6d d1 14 2b e0 71 b4 79 83 c8 46 2b 0d d6 7e a5 1e f6 f2 7a 99 8a 65 af 11 5a 78 ab c9 a0 5a 75 ac 8e 95 a6 da 60 9a dc 0a 1e bb 26 35 33 b0 61 51 6c 06 61 bd 87 b4 ef 7e 2a cb 54 ec f2 dc c2 14 9a 7b d5 e0 ba da e0 a1 37 c7 dc 06 6e 33 02 70 97 43 2a 67 a4 e2 3b 00 c0 ff cd a6 38 c9 6e 47 23 fb 87 fd dc 92 0b ca 86 e9 2c d1 b8 31 4a b3 31 a5 d9 bc 19 61 bf 80 5f d9 0c 00 d0 cd a6 d1 0b 39 fc 71 f1 60 4d cf 73 79 b1 b5 bb b3 b4 63 b5 73 7f 6c 1b 00 50 5b e6 fd 5e 77 67 43 33 ee 59 ec 0d f2 59 f1 96 c5 da 0f 7c 49 9b 24 d7 a7 c3 b9 f2 b6 25 eb e1 7e 2d 5f 0d 55 7d 77 f1 f9 76 f5 c8 fd e4 1e 00 40 b3 a8 6d 99 e2 b8 18 9a 01 a0 32 f9 1f 4d 0a 6f e4 c5 a3 c1 8f db 45 36 c5 49 e4 d3 5a 4d df 8e eb af ea 78 57 4c bb fa 2a Data Ascii: <<znm+qyF+~zeZxZu`&53aQla~T{7n3pCg;8nG#,1J1a_9q`MsycslP[^wgC3YY\|I$%~-_U}wv@m2MoE6IZMxWL*
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 24 d2 8b 0c 9c 18 9f c0 ab 1e b1 4e 1d fc c6 dd 9d 71 b7 7a 32 d6 6b 55 e1 81 93 89 13 f8 8d 53 85 bb 74 e0 2e e3 d2 8b 6a 7c ec 48 17 5e 07 0f 9c 4a 9c c4 f7 3c a3 1a 1f 9f 49 dc 2d 1f 8c bb 26 32 52 8d 27 5e 1b a7 02 77 a8 c0 dd c6 67 8e e0 50 bd 98 7a 30 ee 9a 38 89 07 72 2c 70 0a 7b c0 81 d6 b6 65 73 e3 58 f7 fd 3c ef fb 7d df ff ff f5 17 48 2a 91 2d 5b e6 76 73 77 d2 0e 77 72 c2 c3 73 98 99 99 99 99 99 f9 9c 81 c0 4c 18 86 67 c2 4c ee c4 4d 76 2c 5b b6 85 ae 2a 15 fc f0 c1 fb 3e b7 06 6c db 96 cd 6d a3 fb 7e 9e f7 83 1f 67 e6 1f 10 cb 02 63 38 4e 1b 28 24 a5 4d ca cc 74 1c cc 0c cb cc 5b e6 e5 dd 32 73 17 53 c6 8d 93 4d 1c b0 5d c7 4e 64 c9 92 05 23 18 0d fc f0 c1 fb dc 21 8b b6 95 3a 70 8e 43 c6 92 47 11 0d 92 57 57 bf b5 e8 ff af 5a b7 ec 8c b9 d6 Data Ascii: $Nqz2kUSt.j\|H^J<I-&2R'^wgPz08r,p{esX<}H-[vswwrsLgLMv,[>lm~gc8N($Mt[2sSM]Nd#!:pCGWWZ
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 86 84 4b 6f 9f 87 3c 8d 53 8d 18 6d 65 7c e5 ba a9 6b 29 85 96 a0 62 b8 16 60 e5 73 f8 99 d5 7d 6b 84 ad 19 69 6d da f6 d7 4a a5 42 05 54 26 95 42 b2 fa 22 43 27 26 2f 94 05 b8 09 40 42 81 48 dc 63 c5 f8 c0 85 9e ac 46 58 ef 8f 21 30 09 58 d2 a6 d0 27 33 d6 47 a7 2e b7 af 77 75 eb 63 4b 5e 5b 3c ad 0d a5 00 47 3f 2a 4f 13 94 b2 50 4d 83 e8 4a 1a eb 5a 4a 9b f6 02 47 75 2c d7 b6 d9 f3 36 17 fa d9 ac d8 87 88 18 d0 d1 f8 e9 7a 4d 1c ce c7 94 db 86 5d f3 c9 3c 2b 63 ed ad 15 2a c0 4a b1 54 36 19 90 d0 75 02 3a 33 9c b4 3c ac 79 38 38 08 00 40 a4 08 6c da 44 a1 ed 43 b7 43 bf 79 ba 34 c2 06 12 33 95 90 59 ea 1b 37 4e 5a 1f 3f 15 b5 b6 7b b3 b3 0f e1 6c c2 75 c4 b9 d2 f3 b8 4f 02 57 bc 51 8c 44 90 b6 73 91 f2 4a a0 b4 84 8e d3 38 da 75 e8 85 13 7d e7 0d 67 6b Data Ascii: Ko<Sme\|k)b`s}kimJBT&B"C'&/@BHcFX!0X'3G.wucK^[<G?OPMJZJGu,6zM]<+cJT6u:3<y88@lDCCy43Y7NZ?{luOWQDsJ8u}gk
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 88 86 1d c3 c2 89 78 44 ca 91 f8 06 95 07 71 bd 6d 2e c2 76 7c 50 58 dc f7 9e cc de 6c 7b c4 3b 5f df f0 aa cb d1 c1 38 fd 25 5d 3d f4 ac 67 25 ce ca 34 90 d3 b8 e0 d1 57 0e e1 33 96 5d 97 89 f5 46 de ea 64 b1 ae 54 62 a8 31 31 58 3c 1e 45 3b 99 f1 d4 b6 ba aa f1 5d fb 4c c7 9b 4f 34 7c ff 43 4d 2f 3d b0 0e eb 8e 5f c1 15 48 84 a0 0e 4b 78 ad af 9f 59 99 17 df c2 ec fb 6f ef d3 bb 1c 1e c2 19 22 ce a6 e8 41 b1 2b d6 08 28 8a 03 61 6b 84 c6 50 5b 31 1b b1 4c b4 ad 8f 29 11 ad 97 6a 7e ba 95 84 2b 88 f8 3d a2 a1 ee 91 da 05 8c 91 23 03 37 cb 7c 8e 1f 41 7d bf 53 eb b9 a5 6f 84 2c 04 15 52 9c 2b 1a 8b 91 bd 06 17 a5 cc 3d 69 b5 e7 fb 46 ae 7b 05 ce 86 52 c5 6c 01 a2 69 4e 6b a6 7f 2f 73 56 5e 04 ba 3e 2a c4 76 24 e0 14 a9 23 70 62 b4 27 6e 4e bc ce f5 15 61 Data Ascii: xDqm.v\|PXl{;_8%]=g%4W3]FdTb11X<E;]LO4\|CM/=_HKxYo"A+(akP[1L)j~+=#7\|A}So,R+=iF{RliNk/sV^>*v$#pb'nNa
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: a8 02 ce 32 a2 bf 33 97 cc 32 3a 8c ee 19 2b 7b 54 8d aa 98 30 62 ab 9b 8e d6 2d e4 25 67 23 05 34 da 9e 14 e3 a3 79 84 96 02 e3 af 06 91 3b ff 3d ca 08 f7 16 35 92 2e 24 20 60 5a 97 27 cd 96 5c ac 69 a1 d5 bc 52 7e 9b e0 05 3d 71 9e e2 18 39 f5 7b 28 07 68 ce b3 3f d4 99 a7 be 0c 73 57 9a 21 81 35 db 2e f2 61 47 29 d4 39 8a 81 d8 9c 6c 46 c4 7b a0 6d 5d 30 a1 5e 1b 1d a8 04 eb cd b8 c7 d1 db ad b7 d9 bb 86 c4 6e 5c 2e 90 3f 12 11 0d 53 2b d4 93 25 b0 b8 86 a0 35 78 a3 15 8a f4 53 2f c5 ca 71 dd 52 93 6e d7 e2 60 70 51 9d 2e ed 81 87 d1 1b d6 fe 81 8a 68 e3 01 ed 89 05 59 25 8c 80 63 40 51 ac b1 bf bc da f7 f7 f2 8d ab 7c 33 11 ff 50 e3 d4 9d eb af b0 ca 08 3f 21 0b b7 06 9f 1e d6 23 7b 6e 62 ac 31 1c 2c 1b 34 7e 83 1b 3f 8c 6d 06 eb d7 e2 a3 b3 7d b7 6b Data Ascii: 232:+{T0b-%g#4y;=5.$ `Z'\iR~=q9{(h?sW!5.aG)9lF{m]0^n\.?S+%5xS/qRn`pQ.hY%c@Q\|3P?!#{nb1,4~?m}k
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 6c 2f 37 64 51 70 e8 ca 8a 99 41 7c de 42 c9 38 c0 b6 cb 71 eb ce f6 fb 37 d2 d7 dd 99 f8 37 b5 fa 80 55 84 73 f1 fb 4f ef 5f ee c9 18 08 1e 61 e2 60 6c 22 6c f0 34 d5 72 1d c7 0b 2e 86 88 30 c2 c1 94 d0 30 a1 3b 14 9b a2 89 d4 dc ef a5 93 f4 2b 76 99 f2 cb 04 b7 cb 03 61 e6 14 68 f8 e2 c3 78 98 08 b0 6a af c9 03 bc fa fb e0 a7 f7 a3 bb 17 42 9f 3a c6 f6 8c 06 08 ec 01 90 36 c1 0c ed 30 ab da 0d b2 37 a0 1b ba d6 88 ae 28 82 04 04 31 6e 4a ac 6e 32 c5 8b d6 f2 d7 a5 88 a6 1f 28 0e 1c 0f e9 75 63 f6 ab 16 5e 68 6c 7a 3a 66 1f 0f b2 78 9b 14 c1 61 bf 1a 22 73 12 65 42 b5 a3 53 c3 18 63 aa b3 f9 92 bb 06 ae 7e 8e f7 b1 6c 16 db 72 47 c0 1f 41 73 c9 fd 06 0b db 68 69 fc 65 07 eb 08 e2 ee 59 ed a1 e7 6d df bc 72 3e 49 c1 54 e3 0c a4 00 a2 04 54 97 7d ff 07 e8 Data Ascii: l/7dQpA\|B8q77UsO_a`l"l4r.00;+vahxjB:607(1nJn2(uc^hlz:fxa"seBSc~lrGAshieYmr>ITT}
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 0c 35 07 ba b7 14 ae d4 f2 4d 95 9b df fc e6 1e 38 d2 8e 98 3a 16 39 7a 6e 39 aa 3e 95 4c 37 36 a7 33 42 aa 92 31 9d 14 09 9b 57 8a da 4e 22 56 cf 5c 6e 0e 69 c2 03 3f 6a 05 8d 83 e5 b6 7c de ac 80 8c 76 f7 4c 71 d8 41 c9 54 23 27 09 2c 31 27 50 70 cb 0d ae a0 3a 3f 0f 3b aa d7 2d 0e 64 24 83 31 82 51 4c 60 61 22 0c 26 42 05 d8 88 e7 41 e8 5a e3 3c bc 97 3b e9 c7 87 f7 52 55 81 e2 a2 60 1a b1 92 5a 21 a1 80 5c b7 00 60 52 62 58 0b 1f 83 14 d0 11 d1 41 d9 b9 f7 0a b3 1d d6 47 27 0a e1 18 9f c8 02 3c f8 58 5b ca 3c 32 16 9d fa fe 8e fd 22 27 11 53 c9 02 14 46 c9 23 57 27 fd 59 ff 2d a4 0f 4a cb ac 68 6c 81 06 b1 90 22 5a 78 42 b3 bc 95 63 13 43 8c 62 83 13 70 6e cc da 02 8d db 14 00 05 66 4c 51 57 ac 38 19 87 67 b5 59 57 9b 71 3f 93 95 06 d8 78 4c 4a 01 5e Data Ascii: 5M8:9zn9>L763B1WN"V\ni?j\|vLqAT#',1'Pp:?;-d$1QL`a"&BAZ<;RU`Z!\`RbXAG'<X[<2"'SF#W'Y-Jhl"ZxBcCbpnfLQW8gYWq?xLJ^
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 02 63 ed bf fd f6 3d 83 87 67 86 4d cf 6e 5d df 3b da 6f ca 36 18 dd 56 b5 64 99 a0 50 b9 04 05 93 08 f4 34 5e 73 c0 a4 4e 1a 9c 56 dc 08 b0 c0 c0 49 35 6e 84 a2 58 2c 13 5d a9 6b e3 48 94 ea 2a 89 44 18 a4 34 e6 19 0a fa 31 13 86 14 de 81 e5 86 cd 70 50 85 1b c1 89 f8 7c 21 35 72 e1 a3 e3 81 47 8b d1 f8 46 5a b3 ad ef 0e 8d 5d 42 23 2a 1c f1 85 61 c3 12 30 12 52 40 0d 8a 02 69 63 a5 78 6d 05 d0 88 08 56 0f bb 7d 37 13 4f ad f0 10 be 5b b9 1a 12 05 af 2c 42 a4 e3 37 86 02 3c 32 9d b0 ee 63 d2 8e 8f 8b 45 af 10 9d b8 93 35 a8 7c 04 6d e0 54 14 87 fa c8 3a fe 0c fb bc 8b fe bf 8b 05 55 c1 09 40 44 50 3b 4a 64 0c 50 51 2f 57 c5 29 28 06 48 1b a8 e7 fa 6d 07 85 43 ee e1 2d 15 f1 30 89 36 a9 f6 57 8c b7 ae 9f 37 bb f9 38 3f 0d 33 7b dd d7 96 01 1b 5b 77 be 78 Data Ascii: c=gMn];o6VdP4^sNVI5nX,]kHD41pP\|!5rGFZ]B#a0R@icxmV}7O[,B7<2cE5\|mT:U@DP;JdPQ/W)(HmC-06W78?3{[wx
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: a1 3f 2e 25 a3 f0 21 ca 43 1b a1 bc 6b 2e 27 e6 8a 54 7a 42 8f 62 88 94 a0 18 c4 a1 03 13 bf 3f 0e e7 a3 b1 4d 11 bd f4 98 7e 09 e0 9a 47 a5 57 fe 45 52 5a 03 07 e2 87 1e 28 10 46 88 c4 5a 21 08 91 e4 e4 14 56 10 d6 59 16 b3 4d 18 13 10 fd b8 c8 8a 2c 4d 84 a6 4c d3 57 52 d6 40 2e 90 26 16 0a b9 a1 32 ae 85 42 e0 9b 15 5b fe 7f 48 7a af a5 8b b8 40 76 10 7d 1d 63 7f 59 31 36 74 ca 46 5e 80 31 51 5a aa 81 00 bc 90 bb 32 31 bc 8a a8 a2 93 a0 80 42 62 02 dd ea 1f fc 6b ae be 67 25 a0 c3 90 46 28 81 69 c4 e2 5a 9c 8a f5 c0 3c d2 a3 23 f2 26 20 ac 8c 65 11 a2 35 43 8c 60 ba 88 0f 3f f4 88 fc aa 55 f3 27 45 27 18 0c 92 22 09 81 c7 a9 96 fa 5f be b8 55 fe e3 91 fd df bc a3 ba 99 0c bc eb 77 cf b3 cb 9c e0 2e f9 52 0f 7b 55 60 02 37 9b c7 89 c7 e6 35 75 e1 72 7d Data Ascii: ?.%!Ck.'TzBb?M~GWERZ(FZ!VYM,MLWR@.&2B[Hz@v}cY16tF^1QZ21Bbkg%F(iZ<#& e5C`?U'E'"_Uw.R{U`75ur}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.7	49811	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1087	OUT	GET /we0bhS3JiHZckLoz-x8MZ7OBO162eznUU-hdS-a3tfoKR8-fsQjQOBkGhEc-YP8zaine=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 37386 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13212 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	855	IN	Data Raw: 52 49 46 46 02 92 00 00 57 45 42 50 56 50 38 20 f6 91 00 00 f0 bd 01 9d 01 2a 0e 02 28 01 3e 69 2a 90 45 a4 22 a1 a7 2d 57 4c e8 e0 0d 09 6c 6c 43 db bb 6a 22 5f 9f cc 66 0f ff de f1 ba 4d dc 60 a7 15 bb 30 1b 61 66 cd 39 32 7b 9c 9f f8 ad 91 f5 7f c0 ff 5f fe 6f f7 0b fb af bb 6f 1d f6 89 ed 6f bc ff 9b ff 9b fe 07 e8 03 f7 9d 9d 7c 6f fb bf d9 bf 50 df 62 fe 03 fe cf f9 2f ca 5f 99 1f ef 7f f0 ff 99 f7 51 fd 4b fc b7 fd af cf ff a0 4f e9 5f de ff 61 fd d6 ff d7 fd db f7 ad fe 0b fe 87 a8 af ea 9f e4 bf f8 7f a1 f7 83 ff 81 fb 5d ee a7 fb 67 fb 7f db ff fa 5f 20 5f d6 bf cf 7f e4 f6 c9 ff bb ff db dc fb fc 6f fd df ff ff f9 7e 02 3f a8 ff ae ff ff ed 15 ff 8b f7 4b ff 37 ca df f7 1f fa 9f ba 9f f9 bd ed 3f fb 7b 00 7f fc f6 c1 fe 01 ff db a6 5e 30 fa 73 Data Ascii: RIFFWEBPVP8 (>iE"-WLllCj"_fM`0af92{_ooo\|oPb/_QKO_a]g_ _o~?K7?{^0s
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 79 46 dd 05 5b a2 95 82 63 b2 23 97 99 02 eb 46 6c 9e 35 05 9f 8c e2 35 21 a8 77 a3 23 df e7 67 8c b9 ce e7 30 fa 97 76 5e d1 d2 cb 3c de fb b9 00 b3 0d fb eb 58 a5 00 d3 e0 f8 4b 22 0a 8d a9 fb 9e 56 bf ec 51 4e 61 3e 80 8d 1f a8 74 70 01 36 cb 51 31 c3 6f dc a1 8f 29 26 5a 61 3d 13 1d b7 68 c8 f6 4c fb f4 cc 34 ad 5e 3f ee c9 d3 ab 51 e0 a8 42 4d 7f da 5e e1 f9 6c bf 20 35 dc 09 9e 76 85 1c 17 e9 f8 43 bf 41 a6 70 66 07 b2 54 ac 2f e0 e8 fe 77 ca 1e 5a 2e b7 95 6b fe 87 5a 98 73 f3 12 6d 25 a9 43 d8 e7 0b db 7a 06 cd 86 e7 b2 e4 8b 6b d4 bf 59 37 7e 1a 24 b1 57 34 b6 a8 6c 1e 9e 6a 29 1b b7 31 b7 d1 b8 a1 f5 ae f2 58 85 a7 d7 10 2f fc 48 df 58 cd 3e 89 bc 21 7b 35 ff f8 9a 21 bc ef 0e 8d 0c f6 c2 b5 bf c4 26 09 2d 93 1c d3 fe ba 87 bf 70 6a d3 35 13 6f Data Ascii: yF[c#Fl55!w#g0v^<XK"VQNa>tp6Q1o)&Za=hL4^?QBM^l 5vCApfT/wZ.kZsm%CzkY7~$W4lj)1X/HX>!{5!&-pj5o
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: f8 a5 17 3a ea f6 df fe e3 82 9e 8c 2d 4f 36 47 5a f6 70 95 80 fc 0f e2 9c 6d 55 4d d7 2a ec 97 96 fa c6 ba 8c c7 f3 3a 73 2a d0 46 3e 63 af c0 60 1a 27 2f a7 22 53 2e 70 2b a3 ce 53 f3 8c 7c 86 2e de a5 79 db a8 59 53 d0 cc f0 d0 ea ff ff ae 98 d2 f4 11 a6 cd 8d c5 4c 3c 86 b0 bc 5d b4 fe 44 a3 30 67 32 3c 7e 0b 29 9d e7 99 c4 22 1f 84 47 85 7e 92 30 1f bf c1 ae e3 76 fd 51 7f e9 48 43 0c 1b ee 7a 97 7f 8d 76 ed c1 5a e9 9c e9 80 27 13 59 38 d0 74 04 e8 52 ce c7 25 08 c0 18 70 37 11 22 16 d2 fe 73 12 3b 11 41 89 af 4c 51 c5 a9 7b d0 fe 92 99 7a 6f 57 a6 63 c0 ca 2e 14 ee 68 d9 a0 3e fb 1d 2b 8b a5 e7 6b 99 ac 15 af b4 88 4b a2 14 9b fc ce 41 bc fd 88 b5 59 c1 2c 96 08 d2 d5 38 ee 75 f8 36 06 d6 bf 96 32 a3 05 77 57 97 6d 8d 41 05 75 a7 bc 48 77 f8 ee 0c Data Ascii: :-O6GZpmUM:sF>c`'/"S.p+S\|.yYSL<]D0g2<~)"G~0vQHCzvZ'Y8tR%p7"s;ALQ{zoWc.h>+kKAY,8u62wWmAuHw
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: a4 9e 0b 97 87 fc e5 b5 77 27 c7 8a 77 bf 91 7b f0 bc 5f 0d cd f4 ab 3c 8c 26 b6 5a 3e 34 77 63 c4 d2 e6 08 17 19 18 1e 38 c5 ed 57 cf 33 2b 89 fc e3 b9 88 6c af a3 23 f0 3e a1 f4 03 c9 73 5d a9 ee e9 57 84 01 58 c2 3a 7a c3 fc 33 ca 02 c3 32 96 34 44 e1 86 38 02 32 e7 a6 f4 b5 83 47 d6 75 cf c1 63 79 45 2e 24 66 5e cf aa bb 2c 6b d0 3c e6 a7 76 8f 7b ed c6 38 d1 f1 28 a4 2e 2a d9 c9 a2 b2 b6 14 95 c5 6a cd 48 d8 a2 99 fa ce e3 3a ef 0f be 0b ce fd e5 fb c4 aa ef fb 2f 43 e9 da 32 df 1c 15 97 39 b2 01 9b ba 1c ac f2 3f dd cd ab f6 80 90 1e 2a 7a 53 1f b3 ff 3a 4f 86 ec 9e d5 46 a5 3e d2 f2 95 cb d5 86 cb 3b 77 74 e8 65 8a 06 0a 3b 63 9b 10 9b f8 2a c1 9e f5 7a 64 de a8 77 ec bb b2 55 fc 68 25 e9 df 66 2f 40 5a f0 71 b4 b7 11 5a 32 51 1d d1 69 9b a5 cd e4 Data Ascii: w'w{_<&Z>4wc8W3+l#>s]WX:z324D82GucyE.$f^,k<v{8(.jH:/C29?zS:OF>;wte;c*zdwUh%f/@ZqZ2Qi
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: cf 18 ef e6 db 54 40 cb 65 77 2e 06 6d e0 2f 49 6b 4e 22 5a 11 cd e2 20 c5 dd 04 d0 2c ae b3 cf 37 fc 04 57 aa 21 30 b6 28 a3 62 2b 98 8a 6f 00 77 62 26 f1 15 17 7b ae 82 de 7e 38 f7 8f bb 26 ca fe 98 e9 64 dc 3a f9 20 be 39 67 f3 a5 9e 53 16 c6 f4 7a 33 58 ac 4c 10 36 db f0 66 28 3c 04 1b 66 e2 02 8c 10 50 46 6f 35 42 26 7a 16 af 18 bb 72 5f 3c 50 f2 65 db 74 7e 0d 7d ea 6f 04 30 6a f4 a7 40 64 21 75 59 e0 cd 5c 40 fd 14 a7 bf 64 48 f5 a3 55 8c ce 74 de c7 06 bc 93 2b ba e2 80 78 5f 16 31 8e 20 15 ef dc aa 72 40 37 3e 80 aa 98 7e c4 79 67 ff ed 12 d4 79 62 4c 14 1d b1 28 ca 84 0e b6 a4 71 29 0f 56 e7 39 73 a7 6a a5 e2 38 9f 36 9e 45 d9 c3 ec 1d 0a bb 15 9c 62 d1 6c be 11 76 7a 6b ea e0 c5 11 d4 f2 e1 be f6 b5 79 07 0c 59 ab ab 18 df b5 84 cc cf e0 14 65 Data Ascii: T@ew.m/IkN"Z ,7W!0(b+owb&{~8&d: 9gSz3XL6f(<fPFo5B&zr_<Pet~}o0j@d!uY\@dHUt+x_1 r@7>~ygybL(q)V9sj86EblvzkyYe
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 17 c1 0a 02 f0 23 c8 a2 6c a9 8e 4e cd c6 ba 73 9a 20 06 ef 14 20 bc fc aa ea 02 ed 6d a0 f1 b4 fd c1 60 46 3b 7e cd a0 19 04 b4 f7 2c a2 28 c0 e4 54 99 23 ca ab dc 07 9a ed ac 33 68 ee 16 a0 f9 5b f2 d4 51 83 0f 6b da f0 26 10 8e e9 f0 2f a7 0e 54 f3 60 1b 77 b0 12 81 5d a8 ce b8 e7 3b b6 a2 cb 4d 95 b3 e8 c6 86 6e c0 e0 db 75 49 06 ff 77 af 1f 71 b2 15 18 1d 4b 13 96 68 76 67 f6 86 99 37 be db 34 ab e0 f4 a3 93 f5 c7 3a 31 c2 8e 9b 13 03 b7 d5 68 a5 eb b1 fb 37 75 40 0c 73 3e b8 b8 f6 b7 f7 fe 53 f0 26 f3 73 c4 47 fc 74 96 43 3d 1a 26 42 4b 98 fb 49 59 86 81 ec 6f 47 f1 a2 a0 f4 cd 23 20 7b 13 39 e1 49 96 54 68 78 c8 79 c7 3c 01 b2 4d fa 60 77 14 b9 48 ef 55 bd 1a 7a b5 a1 67 03 b1 4e eb ed b7 1a cc 3f a7 08 1a 29 82 89 24 5c 6c 5f e0 36 9c 3a 6c b5 64 Data Ascii: #lNs m`F;~,(T#3h[Qk&/T`w];MnuIwqKhvg74:1h7u@s>S&sGtC=&BKIYoG# {9IThxy<M`wHUzgN?)$\l_6:ld
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 7b 72 d9 9a 77 2c d9 30 d7 ca 47 75 9d 63 65 c3 2d 07 87 aa 9f 37 7c 1d 74 77 40 d3 b2 f6 1e 6e 57 52 79 9b 7c e0 81 93 54 33 1d d1 fa ae 2f 2d c6 9f 99 58 b7 9d 53 e9 58 a2 ca 34 8d 5c f4 3f 33 cb a8 b5 ab 86 96 df 74 37 d6 5e 6a f3 dc 27 57 33 6c 1f 7b ab ea 6b ac be 3e 8c ba 33 2e aa b3 93 9b bf ac a7 97 53 5f 34 83 90 14 9c ee db 80 6c 74 29 cc bb 72 a4 74 05 fe c3 c5 a9 e6 41 f7 12 3a 50 9a ed fd 37 2d 0b e8 98 dd eb 74 0d 53 21 8e 69 8e 44 41 ec d7 62 d8 9e 05 32 36 67 0c 4a 8c db df 6f ac 40 ac 64 cd 8d cd ce 03 a1 cc cd 15 0e 82 54 fa fc c4 f4 3e f3 38 3b b9 44 ac f4 20 88 11 25 82 85 77 1c f0 25 f2 38 04 eb 4a 5f 57 6e 45 4a 84 08 3a e0 68 11 3e 69 c5 37 3e 81 5b b9 f4 92 66 e4 04 d1 53 79 f6 98 42 f0 4d 5f 59 1c 6b 47 c7 d8 b3 64 b4 0b 5b 79 f3 Data Ascii: {rw,0Guce-7\|tw@nWRy\|T3/-XSX4\?3t7^j'W3l{k>3.S_4lt)rtA:P7-tS!iDAb26gJo@dT>8;D %w%8J_WnEJ:h>i7>[fSyBM_YkGd[y
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 11 f2 60 53 44 d5 ab e6 07 c4 3c a6 aa 0b 8f 71 ac d0 55 d8 f7 cf 1e 40 f8 fa 58 db 05 c2 21 06 45 c6 da c8 47 92 b7 aa ad a1 1b f8 72 47 67 a5 ac 37 9e 70 ad e3 e2 1c 9c 4e cb 62 de 08 1a bf 74 85 a6 28 fd de 97 33 85 12 cf b5 85 fd 19 22 70 a8 87 37 6d 13 16 b9 2b 62 4b 31 4d 32 b0 1a 74 4f 24 d5 5b 07 4b be 77 98 8b b6 df 93 27 75 08 6a 8d 0d 8d a9 65 17 8e ba 92 75 1a f9 5f 63 48 c9 3f e2 ea f2 d2 49 61 dc 37 95 45 93 a5 57 63 89 55 25 f4 df a4 1e f2 9e be 2b ca 4b b8 95 44 4b d3 4f 64 58 26 2e 11 ad b7 a4 9a 58 3c e5 bb 47 ec 23 f2 d9 67 0e 88 c6 c1 8a 6b c4 35 c4 ea 12 67 bb 03 68 2a 23 48 13 31 35 a9 af 88 dd 9e 18 9e 71 89 73 da 14 ec 96 bb 4b e8 87 61 ad 7d cb 34 6a 91 b2 7a 22 a8 bc c7 f5 53 38 2b ec 4b 2f f7 68 b2 5d 04 21 9a 51 20 81 6f 16 5f Data Ascii: `SD<qU@X!EGrGg7pNbt(3"p7m+bK1M2tO$[Kw'ujeu_cH?Ia7EWcU%+KDKOdX&.X<G#gk5gh*#H15qsKa}4jz"S8+K/h]!Q o_
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 5a 3c 1e 05 e7 b9 92 1a eb da 3c db 81 44 5e 85 30 33 51 9f 78 70 50 af a5 2d d2 e9 d8 88 8b be d1 f8 2b 64 81 ab 41 90 9a 5b c7 02 88 eb 57 b0 89 15 42 6f e9 76 0f 10 fd 80 d1 b9 5b 6b a7 13 27 0e 26 38 ee 01 85 9b 2d 8b 9b 7d 12 fd d7 f6 1f 19 12 61 af a1 64 32 28 d0 9a 6c 8d 8b e3 48 fc d1 6c 81 e5 78 d2 d3 b9 dd e2 d8 09 14 97 4f e8 01 ab db c6 ee 5b de 73 93 cb 43 73 a5 79 97 1f 78 72 51 15 3e e3 2f 30 a6 9e f2 af 48 86 13 23 18 e1 53 67 ea c8 a4 5e 76 5e bc 65 b3 97 81 8b f6 d2 b9 c3 74 99 b9 df 57 e2 ad 71 a9 90 25 13 c0 ea 20 77 27 fe cb f6 9f f9 14 f1 86 19 e9 3c 71 84 6c 23 77 f9 9b 12 08 c2 1c 21 bf 04 a3 87 09 12 4f bb ee e4 bb 2c df b9 61 be 08 a0 c7 a6 ba 3e 6a 2e da ce b3 66 89 71 94 96 59 fc 18 a9 7a ea 4b 7b 81 1e 65 b0 4e 27 38 43 49 92 Data Ascii: Z<<D^03QxpP-+dA[WBov[k'&8-}ad2(lHlxO[sCsyxrQ>/0H#Sg^v^etWq% w'<ql#w!O,a>j.fqYzK{eN'8CI
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 6b a5 69 66 82 8f d7 bf b3 47 66 0c b1 42 e6 ec dd 1c 2d 08 2d ac 74 22 ec ed 69 89 2b 89 7d c7 fa 43 37 a1 31 51 9c 0f 26 5e 63 05 3c b5 ce e0 77 8f 4f 54 54 14 b3 3b 4b ed 2b 2d 1f 46 69 b1 b3 15 82 d2 2a 0f ce 6d b6 56 48 cf cf 58 5e 0d 7a 4c a6 ec 8e 17 ed 7e 9b d7 0e 51 9c 92 a9 57 b1 c9 d8 cc e3 7d 44 2a 93 94 ce 37 cc 63 cf 7a 05 9f 25 fb b9 ba f5 bc 9c 1a da 98 c9 97 b5 8d c0 f8 60 65 04 24 db 68 f9 c9 ae 3e a1 d3 39 bf 67 56 2b da e1 b8 7b fb 47 6b 44 19 29 db 99 b1 56 55 67 c6 b2 91 2e ff bf 8d c6 44 90 b2 a6 27 d7 fa c3 98 57 12 5a d1 f8 0a eb 28 09 5b f9 bc 36 33 81 96 13 41 39 e8 03 33 e4 54 f1 d6 47 ce 29 b3 25 ec 9e c5 5a 7c 9d 04 6e 69 b0 19 dc 35 80 9a bf ee 0a fe 5b 76 60 e0 20 d2 d5 a4 68 a8 5b e6 9c 93 0f c8 04 b4 13 c7 37 a7 88 08 cb Data Ascii: kifGfB--t"i+}C71Q&^c<wOTT;K+-FimVHX^zL~QW}D7cz%`e$h>9gV+{GkD)VUg.D'WZ([63A93TG)%Z\|ni5[v` h[7

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.7	49810	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1087	OUT	GET /2jOMA2O_MgQc7r2hA6koqBLZg42SeH6MWJhghpjLxsp_hHomGqsNKx9tygGitPJwp1Dv=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 33178 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13212 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	855	IN	Data Raw: 52 49 46 46 92 81 00 00 57 45 42 50 56 50 38 20 86 81 00 00 70 a1 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 ab aa 75 1c 81 70 0b 89 6a 6d bd 19 fb 65 08 f5 95 fe 0c 0c 92 93 a5 e6 3d f5 37 ed ff ce fe d8 ff 82 fd b2 f9 90 e3 fe d8 3d 89 f8 2f f2 df ed bf c4 fe e4 7d fa 7f 2b b8 5f 9b ff 71 e6 4d ec 1f bd 7f ca ff 23 fe 5f f6 df e6 4f fb df fc ff e6 fd d6 ff 56 ff 27 ff 5f fc a7 ef 77 d0 2f f4 bf eb 3f f1 7f c0 ff a6 fd 9f fa 4d ff 43 f6 f3 de 7f f6 bf f9 be a2 ff a0 7f 8c ff c9 fe 5b f7 d7 e6 47 fd ef fe 3f f8 3e ed bf ba ff a2 fd a6 ff 69 f2 05 fd 1b fb 77 fe cf 6c df fb df ff fd d0 7f c1 7f d4 ff ff ee 1d fd 0b fd a7 ff 4f 68 ff fb ff b9 ff 0b bf da ff e4 fe e2 ff db f7 a6 ff ef ec 01 ff d3 db 17 f8 07 fe 9e 1a af 46 3f 32 fe 9f fd f7 e5 d7 9f 3e Data Ascii: RIFFWEBPVP8 p*(>](Eupjme=7=/}+_qM#_OV'_w/?MC[G?>iwlOhF?2>
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 15 fd 21 40 a0 f8 05 9a 65 f6 7d a5 10 29 33 c9 64 24 18 52 c7 98 fc d2 f6 45 4e e8 fb 25 7c bb 2b ef d0 e0 66 d6 d1 67 de 2a 68 23 12 70 58 cb 50 02 e4 ed f2 9b 0a 26 de a5 a9 c6 da 07 31 b5 42 f7 32 50 77 a3 65 fe e0 da 16 23 42 95 c8 f2 4c d9 1e e7 17 fe ac 70 56 86 0f 95 6b c4 7a f2 10 fd c7 72 91 6e b5 11 c4 62 1a 52 9c 10 69 3b dc 32 dc 4a 2c 99 9e aa cb f7 a1 9a 53 d9 5a 56 ec 4a 0b 21 2b ed 7e 6f 30 99 72 3d ad a0 29 5e 5b b0 1b 71 4f 63 c3 c4 3c 64 64 b1 6f 20 7f 98 5c 91 3e 8f 63 9c a5 5c 26 f8 84 d8 c0 20 1d a1 62 7a c6 d3 f3 39 90 b9 4d fd dc 13 ec d3 e9 b8 fd 6d 74 33 61 3c 28 77 51 26 1e 54 5b 25 c6 51 6b 6d d4 a9 34 a3 56 ad 94 d1 80 62 37 30 56 87 c8 7e b3 f9 88 53 19 04 74 ea 80 6b 51 f2 42 e2 fe 71 38 e5 c1 28 ee fc 54 42 6a 53 1b 8b e1 Data Ascii: !@e})3d$REN%\|+fg*h#pXP&1B2Pwe#BLpVkzrnbRi;2J,SZVJ!+~o0r=)^[qOc<ddo \>c\& bz9Mmt3a<(wQ&T[%Qkm4Vb70V~StkQBq8(TBjS
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 48 dc dd 37 63 4f 6e fc 68 ec 6e b1 2a 38 a8 06 74 e9 f7 ff 3c 60 23 37 4d ae c0 fe 14 30 45 c7 1f c4 c8 8e 9d c3 e0 2d 02 c2 d7 38 e9 80 76 32 18 f8 f0 20 f1 3f cb b1 5c 1e 4e b1 cd 02 c2 64 d5 cd df 4c f8 7b a3 de 30 2b 9e d2 51 dc 9d a8 4a 1a 25 9b ef 4f 33 27 64 d0 1f ef ac fa 2e 51 12 eb 46 64 3f 5d 1d 87 34 ba 56 39 b0 31 37 60 44 2d 54 b3 8a af 6b c0 55 95 cc 3c ab c9 64 0b 13 3b 26 29 8c 94 d8 c2 31 28 24 a3 03 d4 85 68 28 61 6e 21 5a 27 98 44 e1 f7 e3 dc 7f 84 95 b6 19 7f 67 30 0b c9 5e a3 f3 1c f4 48 25 b6 b2 66 81 97 cb e2 c5 e7 fa f6 23 d3 c9 39 ac 95 c3 c0 1e 9f 4c d0 b8 ca 61 a3 17 26 da 12 16 3f 2c 85 91 36 34 75 cd f4 fb 61 1d c4 48 88 d5 0a c8 ac d9 5e 99 3b 03 b3 af c9 93 03 13 e6 2d 3e 50 21 e6 a6 d0 ea 2b 21 64 11 88 f8 8c 9e 98 a8 66 Data Ascii: H7cOnhn*8t<`#7M0E-8v2 ?\NdL{0+QJ%O3'd.QFd?]4V917`D-TkU<d;&)1($h(an!Z'Dg0^H%f#9La&?,64uaH^;->P!+!df
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 11 27 66 38 56 ca ed 3d cd 78 93 bf 6a 31 92 fc 42 84 e8 23 a8 74 0d 6c ed c0 5c f8 dd e0 ed d9 d4 00 0f 64 71 6a d2 bd 82 8c 5b 92 a4 e8 fe 1a bb 62 24 d6 04 58 7d c5 09 aa a4 69 56 f8 28 bd 0d 7d 89 ff e3 ce 12 4a 5c d4 37 f3 06 4d c1 d3 d0 85 53 3b 39 09 58 77 72 be 7d b8 35 47 fb cd dc 77 37 e8 3e b9 d3 50 bd 44 17 0f 89 da bc f7 68 a6 e0 96 15 3e 5a 65 b7 d1 ea 0e d8 48 fd c7 21 31 60 0f 21 25 39 3b 62 d8 e0 0c 83 ef 8f 8a 56 aa 88 38 35 13 5a 37 52 d9 6f 69 14 0e 15 c6 20 2d 67 ab 12 0e 6b c3 17 ff 4d 3f 1d cb 28 0b 48 df 8b 09 88 67 44 14 37 b7 ce 9f fa 00 ba 3f f9 c6 3f 36 4d 9d 23 57 98 3b a8 d8 69 27 fc cb 2e 28 49 86 4b c3 6f 72 ed 3c 19 2a 5b 4c b2 8d 7e 8a 22 48 54 c5 94 12 64 75 bf d0 57 9c b1 4d 71 1a 31 b1 77 3e aa fa 9e 5d f4 09 a7 e2 0b Data Ascii: 'f8V=xj1B#tl\dqj[b$X}iV(}J\7MS;9Xwr}5Gw7>PDh>ZeH!1`!%9;bV85Z7Roi -gkM?(HgD7??6M#W;i'.(IKor<*[L~"HTduWMq1w>]
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 5b e3 1e 96 e1 e5 c5 47 a0 58 9d b4 df 0a 63 e3 95 c3 eb 89 58 81 34 db 26 ae c1 ba db e1 d4 e9 b0 8c f4 ca 8a aa 39 c8 91 a8 b8 5d 72 68 90 79 97 3e f4 a2 34 25 51 31 da 07 e1 10 fb 45 9a 58 45 38 08 3d d9 14 fe fd dc fb 25 30 fa 54 61 fe 22 31 c3 49 8a 77 7c 43 2a 8a ac 35 a0 94 88 9f de 3b 91 a9 d3 a9 05 f0 59 82 8f 26 19 86 bd 85 d7 cd 3d 49 25 5f 44 22 31 4b c6 3c b9 79 c0 eb 65 68 25 f0 12 c9 3e 6d 61 9b 6c cf a3 e7 4e bd 20 67 55 07 29 89 1d 51 5f 1a 28 44 5b e5 22 79 a9 cb 26 ee 44 9d 7d d0 1c 50 97 2c 7f a7 40 bd 4d f2 07 b4 89 d3 78 4b 69 df 78 ea f9 d9 cd d4 71 14 18 8d e5 86 28 38 f7 d7 85 94 94 46 d1 79 b6 d0 27 e4 42 64 53 cf b6 8a 6f 68 25 c7 1a 50 3d 48 84 0e 9a d4 29 ea bb 31 f1 bf 6f 88 d8 4e f5 f9 1c 07 59 60 35 aa 0a 7a e4 fb f2 ec f8 Data Ascii: [GXcX4&9]rhy>4%Q1EXE8=%0Ta"1Iw\|C*5;Y&=I%_D"1K<yeh%>malN gU)Q_(D["y&D}P,@MxKixq(8Fy'BdSoh%P=H)1oNY`5z
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 3d 7d 8f 31 36 73 0f 5e 2d 90 b9 a8 93 66 da bb d3 43 35 1b 15 8f 14 b4 82 fa b7 72 74 1a 10 07 04 95 98 b5 c7 67 9c cc 4b 2d ba 50 d2 a7 3f 3b 11 eb e0 99 3c d9 e2 c6 db a6 3d 65 97 5a 47 41 e8 14 d7 d8 d9 0d ff 1a bb e4 18 e7 9a 31 5d 1b bb 40 ab be 2b d9 5e 7e cf ca c4 40 ae 36 08 f6 b8 cc 13 a8 f8 d2 05 99 d5 3a 9c 13 8b 49 c7 23 6f 97 bf 28 f1 1f 83 de cd 44 0b c0 73 25 46 9b b6 e2 5c 22 31 5f cb 1b 7c a1 c9 41 c0 55 52 85 8c 4c a1 76 b7 31 bc cc 45 68 d9 35 ba 22 47 bb 04 9c 1c 5e a8 b1 ec e9 4b e5 76 08 08 59 83 f7 70 f6 eb b7 a1 fc 8e 20 c9 69 cd 00 56 bf 22 15 44 9f 75 7c df 29 0e 1b ed c6 9d de 80 df b8 a3 8d 44 d1 26 74 35 4b 79 82 31 29 29 59 76 a6 e5 fa 06 42 2e bd f5 ef 97 a4 07 0b 7f 3b 77 23 11 a9 c6 a8 75 3b 26 cf c6 fd f9 cd b4 86 11 58 Data Ascii: =}16s^-fC5rtgK-P?;<=eZGA1]@+^~@6:I#o(Ds%F\"1_\|AURLv1Eh5"G^KvYp iV"Du\|)D&t5Ky1))YvB.;w#u;&X
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 9c 95 17 73 7b 21 39 1c e5 95 7c ed eb 22 f7 76 58 0f ec 3b f5 2e 16 45 4b f7 7a cf 35 5b d8 62 69 39 21 a1 ab a3 7b 79 83 01 48 11 5e be c7 6e 8f 99 6a 57 4d e5 5e 2d 76 7b c2 db 61 53 89 41 9d 02 58 88 70 e7 d6 23 07 36 e9 2a 89 b5 e0 35 47 0b f3 a2 c0 98 f4 13 f6 36 13 ae 63 45 2f 0f 79 3b cc 65 fa 8c f7 fa 8f d5 dc c7 ce 25 c4 65 6a b5 fb 05 97 c8 13 39 b0 34 96 fc 01 c8 9a 85 10 1b 51 3c 9a 41 10 d6 46 ff c5 67 4d a5 be 9a c1 dd f3 50 3f b0 71 cc 11 6e 65 56 5f 85 ca 76 18 5f cc d1 c4 54 33 93 cd 44 fa f9 37 e9 35 bf ec e0 1f 54 bf 15 be 0e 6d 1f 5a f1 64 ca e7 39 79 1e cd 94 e1 dd ca 13 a4 d5 38 9b 71 54 bb 38 a8 dc ab 5b 40 d3 44 b1 db d8 27 25 fa 72 69 47 3f 40 39 5d d9 17 37 83 e8 94 2b 56 f4 eb 6b 9d a3 d1 85 e5 09 b6 94 7b c7 b8 09 2c 56 0b 9c Data Ascii: s{!9\|"vX;.EKz5[bi9!{yH^njWM^-v{aSAXp#6*5G6cE/y;e%ej94Q<AFgMP?qneV_v_T3D75TmZd9y8qT8[@D'%riG?@9]7+Vk{,V
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 40 cf 7d 35 26 54 39 e0 b1 ee 66 58 23 52 a4 ea 16 ab 09 73 e1 18 34 dc a5 98 58 53 27 f7 2c d9 a1 56 aa c0 10 11 5e 57 23 62 a3 39 d9 a9 3f 4b d8 e9 54 bf b0 65 7b c4 14 dc 1d a1 e1 5f 41 b1 74 24 c1 ac 04 e9 ed 36 4a 83 ad a9 4b 2a 01 17 71 a5 9c cb 7d 61 5f 33 de 20 f1 86 db 30 ef b8 65 90 cb fe f1 37 c7 30 ad e1 83 e7 2c 8a f2 91 73 8f dc c7 db 0e fe 3f c0 59 2f 8d 5f 02 0e 80 72 0f 1a e6 d7 91 78 ed 4c 82 96 7f 3b 6f 7c eb d1 38 db 4e 4d 91 63 82 b0 e0 2a 7a f7 6a 73 e0 1a 3b b9 ba b9 ac 8d 78 b1 5d ee 91 18 4c fc 01 de 82 98 5a 24 8a 93 1b 20 73 34 6e 69 e9 ac 3a 1a d8 b1 ba 37 3c 69 bb 45 d0 b5 07 8e f7 2f 39 f1 f0 ed a6 f5 91 40 90 1e c8 26 2d fc 8b aa d0 51 b4 91 20 2e 6c b6 52 6d f1 90 c0 07 41 e2 49 3d 3f c3 8b a4 b0 0b 80 12 0f 5d e0 df b1 a7 Data Ascii: @}5&T9fX#Rs4XS',V^W#b9?KTe{_At$6JKq}a_3 0e70,s?Y/_rxL;o\|8NMczjs;x]LZ$ s4ni:7<iE/9@&-Q .lRmAI=?]
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: a3 46 0a 69 ef c0 e6 fa c7 9a 2f f4 d2 8e 18 3c 0e 75 d1 0b 32 72 3b 63 c8 1f 7c 78 23 98 3a db 84 14 af d0 4a f5 89 e9 83 01 2f 1c e9 f3 87 fd 29 d5 cb a4 4a 50 5c 83 15 95 de 6a fb 7f 77 86 5d ee 68 43 b2 80 14 65 d5 5b d2 ac a3 5a 9a a3 b5 2e a3 35 60 9c b5 67 94 c6 30 69 ad ed 70 66 44 d5 ac 21 2f 61 77 39 8e fd 9b bc 9d 18 1a 32 6c dc 6b 22 8c ff b6 7b b4 88 57 d7 b3 41 08 29 95 9e c1 8f 93 59 a9 58 e4 e8 62 ce 83 7d 8d 28 3b 66 2e b7 70 e1 91 e3 d7 28 aa 68 e6 67 c6 2d 13 49 83 e8 3a 68 d3 5d e0 82 b6 9a 47 bc 78 24 75 c1 44 a7 ac 0d 64 a3 d7 20 e7 00 06 bc 90 c6 88 cb f3 a2 1d 55 0d 31 c7 f9 5c 6d f0 2c 13 69 c5 7a 90 84 a6 52 a8 72 fd db 4a 35 70 1c 2e ee ea 21 16 0c 02 de 14 d2 c0 cd a0 ba 1f 66 05 13 f6 51 fa ee 08 5d 50 d2 4b bf a3 89 ab b4 99 Data Ascii: Fi/<u2r;c\|x#:J/)JP\jw]hCe[Z.5`g0ipfD!/aw92lk"{WA)YXb}(;f.p(hg-I:h]Gx$uDd U1\m,izRrJ5p.!fQ]PK
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: ae 03 5c 05 35 50 61 21 32 76 dd d8 99 34 a5 e5 95 48 41 49 d4 8e af fe 7f 37 22 55 7a 41 40 73 87 ad b6 33 59 3b 0a 8e 53 23 c6 f8 ee f1 cd 95 7a a8 0a b6 59 da 69 76 04 65 be 08 f3 6c 99 99 0e a1 8f 33 3e 99 c6 4a ec 85 32 e5 75 98 13 1c 0a 04 c0 05 19 fc 67 74 10 04 f1 4e 26 68 da ff b7 40 57 15 fd 84 3c 61 8e 4b dc 5e 91 75 09 d1 cf 53 a1 42 af 3c 3a 9e af 35 98 72 22 44 70 02 0e e9 cd ce f6 01 20 50 aa 58 49 26 12 cc 45 59 96 33 5e 8e 54 9e cf c6 bd 02 a8 92 f6 bb b5 1d 3c ae fb c1 45 44 d9 6d 3d b7 0a 0d 96 92 1f 91 9e 0f 76 96 66 dc 2f 8a 2b 5a 05 5e 52 43 fc e4 be b7 78 92 69 31 4d a8 57 9c 45 6b a2 f1 92 4f fb 2b 81 e2 53 da ce 97 31 20 4c 8a b1 2b 05 86 b2 a9 dc af 92 9c 01 1e dc 4c 1c a1 0c b4 81 14 03 b0 b4 5d 41 34 44 10 f9 40 ec 2f 1a cb 0b Data Ascii: \5Pa!2v4HAI7"UzA@s3Y;S#zYivel3>J2ugtN&h@W<aK^uSB<:5r"Dp PXI&EY3^T<EDm=vf/+Z^RCxi1MWEkO+S1 L+L]A4D@/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.7	49809	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1097	OUT	GET /mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 148 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 19:50:02 GMT Expires: Sat, 28 Sep 2024 19:50:02 GMT Cache-Control: public, max-age=86400, no-transform Age: 14255 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	148	IN	Data Raw: 52 49 46 46 8c 00 00 00 57 45 42 50 56 50 38 4c 7f 00 00 00 2f 0f c0 03 10 85 d3 6a db 96 e5 dd e9 9f 00 5d 40 47 80 c4 04 16 35 31 81 bb 43 a2 ba 47 92 33 82 bb 3c e1 fd fe 77 86 88 23 ff 4f 00 a0 f0 b0 d3 7b 15 50 bd d9 ec 49 29 a5 89 88 88 9b 8d ee 54 1f 2f 5d a9 d8 f6 11 a9 b0 7d 1d 11 31 5e f0 8e 7c d1 b6 7e 13 7d d9 a4 42 d9 cd 42 25 c7 8c 4a 50 cb f6 25 d9 ac 5c b2 ce ac 25 c8 e8 b5 24 98 0d 4b fa 59 2c 22 e8 5c 1a 16 2f 3f 23 02 00 Data Ascii: RIFFWEBPVP8L/j]@G51CG3<w#O{PI)T/]}1^\|~}BB%JP%\%$KY,"\/?#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.7	49812	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1086	OUT	GET /M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 32964 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13212 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	855	IN	Data Raw: 52 49 46 46 bc 80 00 00 57 45 42 50 56 50 38 20 b0 80 00 00 30 8d 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 a1 2a 36 cb f8 70 0b 89 6a 6e 2d e4 ba d4 49 03 12 ff aa 9c 16 9b 5f 3c bd c9 76 d9 e9 81 10 9e f3 fc 4f ed 97 f7 cf db df 98 be 3b ee 2b da 7f 81 fd 73 fe 1b e7 eb fa 3d c2 fc 9f fb af 32 1f 62 fe 0f fe 67 f8 af f2 df b7 1f 33 3f db ff db ff 65 ee 97 fa df f9 9f f9 7f 9f ff 40 ff d3 bf b3 7f d4 ff 0d fe 8b e1 6f fd 1f dd 1f 7a 3f da ff e6 7e 60 7c 0c fe 95 fe 27 ff 4f fa 4f df ff 99 4f f7 7f fa ff ca 7b b2 ff 03 fe e3 f6 d3 fd 57 c8 0f f4 1f f1 df fa fd b4 bf ea ff ff f7 3f fe ed ff 4b ff ff b8 7f f5 2f f4 1f fc ff e8 fb c7 7f dd fd c6 ff db f2 b7 fd bf fe 77 ed e7 b5 37 ff 0f 60 0f fe 9e d6 df c0 3f ff f0 cb 7a 3a f9 97 f4 9f ec 7f 29 7c fb Data Ascii: RIFFWEBPVP8 0(>](E6pjn-I_<vO;+s=2bg3?e@oz?~`\|'OOO{W?K/w7`?z:)\|
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 3d b3 57 0c da 85 bb 32 12 1a 43 da 04 df 6b 56 53 d8 57 20 bd 1f f9 c2 e8 e2 0e 57 82 87 56 66 0b 45 37 91 6f fb 33 6d b6 97 a3 fb 70 c1 b6 e4 79 a4 10 54 c2 42 94 33 13 9a 02 99 f2 39 97 a4 86 48 41 c8 df ae fb 1b c5 d3 ac ec 35 6e 5d c2 38 fd dc a6 3d 7d 54 e9 26 02 72 a8 62 2d 1d a3 7d 64 bb a6 9e cf e8 0f c4 7a 98 d9 51 92 92 94 4b 5e 7b 4d 7b b5 a4 16 51 a4 ac ae cf 85 7b 45 82 58 aa bd 08 3b 4c 4f 91 a9 84 05 50 0b e9 35 ab 17 e3 85 02 70 5d f2 a2 8b 7d 2e 65 f3 4b 28 e8 8d 66 f3 fb d1 96 b2 6d 96 17 b2 09 9d d9 58 7e 28 ad 32 5f f5 5b d1 2c cd ad 62 51 f5 7c 27 84 12 77 01 19 51 91 2d db 83 b5 ca 44 72 c0 f2 7c f0 71 2c 69 e3 70 2f 1b 07 6f a3 fd fe 4d 58 75 df 97 24 ca 0e 65 67 0e 6c 97 59 98 9f 7d 14 9a 71 17 9f d3 8f d1 d5 94 88 21 c2 e7 ca f1 Data Ascii: =W2CkVSW WVfE7o3mpyTB39HA5n]8=}T&rb-}dzQK^{M{Q{EX;LOP5p]}.eK(fmX~(2_[,bQ\|'wQ-Dr\|q,ip/oMXu$eglY}q!
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 5d 2c e8 22 fc 13 d6 4e 4e 6d 4b 3c 73 57 94 20 94 be ec 4f df ba 22 fd f8 45 a2 b6 c7 70 44 da 6b d3 43 71 55 f9 25 61 da 53 4e 02 4c 7b a1 48 fd f8 37 53 b6 9f c9 70 90 06 6c b6 b0 bf 00 b8 ff 59 e4 5d 69 a7 32 5f 2b 6c 58 34 79 03 e4 2e ea d1 0e 44 fb 84 bd d3 68 f8 72 f9 12 96 5d 36 a3 4b e7 18 9f 7b 71 ea ba aa bd ab fa 5f 1d 11 09 19 a1 38 11 a7 9a 46 ff 59 73 13 39 a7 c9 0c 9d dc 21 9c 57 3a 1a 9b d5 ee 98 3d 60 e1 8e 26 d2 21 3a 26 d3 a0 cb 93 2e 02 5f e5 68 9e b8 4e 25 7a 78 37 89 9a 28 36 18 99 5c be c3 d5 e8 89 70 51 41 a2 03 8c d9 c6 fe 6a 1d c3 59 0e d8 c0 08 79 6e 65 81 65 01 7f 46 00 be e8 b6 f7 b7 d3 84 4b fb 81 a1 ce 27 7c d2 77 c6 af 30 d5 e5 7b 04 e0 67 9f b9 51 a3 f7 25 dd 92 fb b2 b9 69 ad 2b 22 a6 be 4c 50 b8 b7 79 a9 a7 81 8a 8b 41 Data Ascii: ],"NNmK<sW O"EpDkCqU%aSNL{H7SplY]i2_+lX4y.Dhr]6K{q_8FYs9!W:=`&!:&._hN%zx7(6\pQAjYyneeFK'\|w0{gQ%i+"LPyA
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 18 9a ac a1 80 a2 51 9f a8 b0 35 09 4d 03 f0 22 9c 2d dd 28 20 c8 36 2d dc 46 06 5b 33 95 f8 2f 56 ca 74 f2 38 4e 64 1a ae 1e 82 2b 22 e5 b7 64 ee 73 39 9a 28 a5 80 24 51 14 f3 e9 f8 29 c5 4e fc b2 35 2b b6 6f 07 49 d8 08 a0 a3 85 6f ed 23 0f 72 96 3e b6 c0 5f 31 32 27 88 1a c9 b3 d8 a9 58 d9 b3 85 ad 12 8b 13 54 e9 60 59 8a 1a 15 0e 0d ea 6a 76 64 02 cb 1b 38 2b 2e b6 20 4c 86 07 cb 49 66 ae 83 4d c6 af 80 10 15 ec 4c 20 b4 07 6a a4 85 69 f2 ef 40 81 21 d2 ff 0f f2 65 89 b5 4c ff 35 a7 49 14 11 26 f9 4f 13 03 e9 fc 2e f5 20 16 1d 02 02 63 b0 56 36 98 9f b1 4e 91 cd d5 bf a9 a2 d7 6b 14 a5 52 e9 2c 2e 12 e1 dd 77 18 e1 45 6f 11 d0 59 63 96 83 6e f0 ff f0 5e d8 5c 61 55 dd 86 45 34 c6 f5 db 05 64 08 a9 c1 ff 9d b1 89 ec 8e 78 77 91 33 d2 87 fb 5c 8a 83 17 Data Ascii: Q5M"-( 6-F[3/Vt8Nd+"ds9($Q)N5+oIo#r>_12'XT`Yjvd8+. LIfML ji@!eL5I&O. cV6NkR,.wEoYcn^\aUE4dxw3\
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: cd 41 64 18 35 2a 37 f3 c7 93 51 c3 25 c2 33 71 1a d6 b1 3f 1b b3 80 9e 37 5a cd 14 58 28 d8 ed df 62 a0 d1 13 43 92 7c a1 c1 42 75 49 9c 94 ed 0d fb 71 40 9d 88 7e ba 43 7f 11 c1 18 9a 61 ff d8 02 1a 58 50 71 09 6d e0 ae 93 47 56 84 66 bf f7 e0 c1 30 48 f2 e7 57 3e 5c 09 b2 7f 6c 83 4a 4d 79 f7 78 49 14 9f dd 9f 57 12 fe 2a 42 66 f3 67 a5 88 73 0d c8 ae 95 90 40 8b 3c 54 ca 6c 7c af e9 f0 e3 ae 25 b1 28 30 d3 ba 5d 93 43 5d e4 eb de 29 93 ec 39 88 9a e2 43 f5 3c 32 0b ca c8 d6 e6 b4 57 3d a8 bb f8 72 64 bb c7 54 2b 97 12 5f db d8 ec f7 37 21 fa ed ae d4 6e f5 d4 5a 9d 15 f2 3a de 19 bc 4a 9f d7 9b 0e 75 b2 04 7d 71 74 bc 96 88 0d 8d 10 29 bf 1a af bb f4 ef 1d 45 4a a5 78 5a 8b b3 05 e2 e8 9c 85 cd 07 c5 e4 02 f9 01 8c 87 0a 1a c0 95 a0 ed af fc fd e9 95 Data Ascii: Ad57Q%3q?7ZX(bC\|BuIq@~CaXPqmGVf0HW>\lJMyxIWBfgs@<Tl\|%(0]C])9C<2W=rdT+_7!nZ:Ju}qt)EJxZ
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: f8 02 3a e3 89 5e 82 90 99 ad 8b 35 a2 99 a1 39 ba e2 de 2c 40 6e 2c 9a 3a 47 4c 44 c8 c5 6a 3b f2 24 8f 14 ff a3 2f 5d ae f5 f6 ca 89 f2 57 50 02 d3 84 89 06 67 b3 f6 26 bf 54 43 a2 57 fa d5 77 05 45 8a 8c 3a 17 65 fa 3e 42 01 e8 22 3e 7c 00 26 47 63 a6 9e a7 c5 52 1b 96 58 b2 65 5b 87 c3 95 6a ef 41 90 de e0 fc 03 5a 41 64 9d 44 67 77 86 49 12 00 33 ed be 73 9f e5 f4 7e a2 17 93 2e 0d 65 99 2a 44 8a 55 a4 e0 f3 a5 7c 77 2d e5 20 96 47 84 fb f7 24 76 1a 95 4b db bb 31 08 5f 28 bc 75 a9 50 11 d1 75 88 47 13 c5 a2 38 6d 9e 49 46 79 ae 0b da d4 1e c1 ff 9d 7d 2d ac fc 9c c6 56 cd f7 0f 62 18 44 aa 7f 27 1c cd 5a 66 4a f8 06 ea c6 62 8f ae 33 ee c3 4b 42 5b 48 a2 b1 c6 bd 3f 02 51 06 3a 3d 92 ed e7 34 ee a6 f1 27 17 ff 7a 11 1d 43 72 72 dc 4b 1f 0d 9a 90 fa Data Ascii: :^59,@n,:GLDj;$/]WPg&TCWwE:e>B">\|&GcRXe[jAZAdDgwI3s~.e*DU\|w- G$vK1_(uPuG8mIFy}-VbD'ZfJb3KB[H?Q:=4'zCrrK
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 4f b5 7a 52 85 57 58 4f 4c 29 35 6f 18 8c 88 b8 e5 43 42 c4 8d ae 22 68 b6 7c ef da 0f f3 10 91 01 77 f6 dd 48 61 65 40 c0 bf 30 3d fd 2c cd 73 2e 2d 68 39 d0 25 b8 85 52 e8 1d bf 12 12 b7 7f 75 cf 25 47 32 06 43 70 4f a5 39 30 11 99 63 8d ac 3b 55 fa e1 a5 40 c2 fc ac b5 19 57 8d 1c d9 46 df ef 25 83 d2 6d 90 c2 cc e6 43 53 92 76 05 e3 c6 2d 6f d8 63 95 09 17 3d 40 a0 5e cb ca 62 eb 3c 64 c3 ee 0d 1f d1 e0 60 f7 d1 a0 13 7c 9d a9 62 aa 03 3f 07 05 65 a5 1c f6 6b de 5b 21 ef 49 40 6a 09 f6 78 d8 f8 90 19 bc 50 40 a2 a4 54 38 bb 0f 00 bb 7e 4d fe 2f 12 4c 67 78 93 f8 af c7 97 e8 c4 74 21 c1 38 1e 19 b4 63 77 f8 a9 e9 7f 1b f1 bf 44 08 e7 a9 29 60 b7 29 c3 b4 d7 2c b2 de 15 42 3d 43 f7 c4 8b 9b b0 7c 39 8a 9b d6 25 b1 03 51 ac 12 4d 89 38 d3 46 97 46 64 33 Data Ascii: OzRWXOL)5oCB"h\|wHae@0=,s.-h9%Ru%G2CpO90c;U@WF%mCSv-oc=@^b<d`\|b?ek[!I@jxP@T8~M/Lgxt!8cwD)`),B=C\|9%QM8FFd3
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 41 cb 3d b3 00 6a e8 6b c8 13 b9 a4 b7 c0 71 18 5b 58 19 6f c3 7b 3f f3 0a af 4c 26 cc 85 e0 d7 7a 95 e7 60 1d 0e e8 5a e5 c4 c0 cd a2 16 a4 98 e3 47 05 70 d1 3d 74 fc 15 da 70 a2 91 b1 c3 e5 8d 74 ba 83 28 d8 01 75 79 3a 2a 54 cd 8e 83 83 d0 b2 27 b1 cb 7c b5 62 4f 8e 14 9d 44 f2 be 8c d1 77 04 2d a4 34 64 44 fd e2 b3 58 88 93 a4 a0 cf b5 4b 14 b9 41 6b 6c e9 c8 aa 12 e0 91 5e 48 23 ef 23 0a 51 a5 af 2c 80 fe 01 8b 13 ac 3d 91 12 da 7c 2c d4 45 95 96 75 20 35 a0 91 6d 71 81 dc 00 22 d1 44 85 9c 40 79 8d d6 ed 75 cc 86 24 ce 4e 4d 99 86 f3 4f ea 01 c4 83 28 ef e9 38 d1 05 f8 8f af fb b9 47 ed b3 67 03 6a 08 e6 5d 53 55 d8 56 ce d2 8b 21 3f cb 3e 3c 98 9d 19 0d c8 7a 2b a9 8b 2c 1d ce e5 d6 d1 55 3b 9a f6 eb e6 bf c3 91 b3 17 e8 5f ad 98 7a 4b 7f 4f 68 c7 Data Ascii: A=jkq[Xo{?L&z`ZGp=tpt(uy:*T'\|bODw-4dDXKAkl^H##Q,=\|,Eu 5mq"D@yu$NMO(8Ggj]SUV!?><z+,U;_zKOh
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 49 3c c2 f2 d7 2c 35 1b 4a 7f 04 58 40 1a 83 55 1e 58 a6 ca 6e f0 7a 11 2b ca 3c eb c4 33 28 94 e9 df 1f 10 f8 01 31 c9 c4 ce 6e 9d eb b1 9e 5b 1f 89 9f 09 59 98 f2 ff 2f 8c 08 17 0a 8e 31 e8 1c d1 ca 5e 0a 98 d6 83 17 00 33 c7 13 76 8f 1a ec 8f b4 dd 86 b5 86 57 7a b4 da 09 1f c8 f6 b2 2b c3 50 59 58 26 77 c2 11 62 00 6e 4f 3f 1c 95 75 2a 05 7b b9 a1 53 82 77 6c ec 39 da 13 de db 60 20 b5 1c f2 46 51 9b 8d 17 a4 91 95 4d 2f c9 f5 f7 5d 04 e4 f6 f0 c2 ff ab a3 d0 19 57 57 20 4c 2e 3b 5a 82 92 9d d2 55 7c b1 cf 71 8c 28 02 fc 42 03 e3 2d 1f 47 6d df fa 0e 7d 39 2d 00 dd 53 89 61 f1 15 fe 99 d4 9c c1 cd ed 14 a9 df 69 1e 35 bc cb e5 c4 00 db 98 9a fc 26 92 c5 be e7 d2 85 08 c0 52 a2 5f 17 c5 34 48 d4 18 53 53 ff 8a c9 aa 98 50 c3 76 d1 0a 7e 13 af 03 73 4b Data Ascii: I<,5JX@UXnz+<3(1n[Y/1^3vWz+PYX&wbnO?u*{Swl9` FQM/]WW L.;ZU\|q(B-Gm}9-Sai5&R_4HSSPv~sK
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 6e 4c d3 2f d0 94 8a e5 75 a1 d1 5e 9d c9 74 8b 36 19 22 16 91 05 6f 78 0b 4c 87 61 d0 7f 21 d0 04 2b 7a 2b e5 98 e9 35 af b8 c4 f9 49 ee 0e 3a 8b a9 19 7f 7a 6f 27 2c 7f 9a 12 f9 2f ca 8b de 1f 5d 02 ed 38 01 4f 3b 4d 38 bc cb 57 b7 67 4f ed 40 f7 34 ec 1d ec d8 71 fa 65 54 56 c9 c8 2e 88 c3 31 76 68 f2 a5 c8 6d 58 8d 73 37 3d 0a b8 3b 7e b3 70 92 e3 4d 8d d9 8f af 4d d0 92 90 6c 8c 9c bc 8c 40 1b f5 91 56 e6 ab 20 7b af a4 01 18 1d 5b 4f 2f b7 ad b3 39 b6 72 e6 ee 92 0e 1e 94 26 bf 1a 1a fc 47 bb 39 4a fa 98 78 28 0a cc b3 ed bf c1 4a 60 49 89 9b e1 ba 7e 51 c4 40 4b 76 a9 94 be 27 ac 36 6e 35 4b c3 b9 71 6f 72 ad 64 8d 94 71 0e 35 5d 4a 69 42 2c 34 a9 df 97 db a6 0f 3b f8 49 26 1e 7c ed a0 ef 10 76 51 c5 a5 c5 ca a8 53 b6 be dc 92 60 e5 1c 17 dc 67 88 Data Ascii: nL/u^t6"oxLa!+z+5I:zo',/]8O;M8WgO@4qeTV.1vhmXs7=;~pMMl@V {[O/9r&G9Jx(J`I~Q@Kv'6n5Kqordq5]JiB,4;I&\|vQS`g

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.7	49808	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:37 UTC	1087	OUT	GET /FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:37 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 34894 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13212 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:37 UTC	855	IN	Data Raw: 52 49 46 46 46 88 00 00 57 45 42 50 56 50 38 20 3a 88 00 00 30 ab 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 95 3a de 64 38 05 c4 b3 36 dc be 56 da 44 23 f7 28 ff f7 2f ee fa 6e e3 df 56 7f 07 fc 87 ee 47 e5 7f cc 37 23 f7 77 f0 3f c2 7e c8 ff 13 f3 dd fc 5e d2 7e 5f fe 07 9a 27 b1 7f 0f ff 2b fc 87 e5 2f cd 2f f9 3f f7 7d 9d ff 5c ff 49 ff 53 f3 ff e8 23 fa 27 f6 af fa 1f e3 7d d6 7f e7 f5 a7 fd d7 fe b7 a8 cf e9 df e4 7f f8 7f 97 ff ad f1 23 ff 47 ff 4f fd 5f 78 3f df 3f db 7f e4 ff 47 fe ab e4 13 fa 67 f8 8f fc 5e bc fe cb 3f de 3f e7 ff ff ff cd f0 0f fc df fd 57 ff 2f 69 3f fb ff b8 bf 0c df db bf e6 ff f1 ff 67 ed 43 ff af d8 03 ff b7 b5 c7 f0 0f ff fc 66 7e 49 7e 67 f6 eb c3 7f 33 fe fd fe 23 f6 d3 fc 67 ed af de 6f e9 19 93 f8 ef ec 7f f1 7a Data Ascii: RIFFFWEBPVP8 :0*(>](E:d86VD#(/nVG7#w?~^~_'+//?}\IS#'}#GO_x??Gg^??W/i?gCf~I~g3#goz
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: b2 e5 6e 1c 96 c0 a3 6c f0 0f db 40 5e 5d 3a 68 6d ed bd 5e 4b f0 d0 00 e6 aa ce 45 77 af aa cc 5a bf aa ac 59 9e 6d 50 bd 9e b2 58 9c 12 55 a7 0c 53 d4 e3 60 d3 52 24 19 ad 8f cf 13 e8 e3 74 fc c8 79 e3 9c b2 bd 96 34 e8 46 18 09 c1 a7 a6 85 64 b0 17 f5 47 3d f6 dd 24 ac ad 9f 5c 33 63 0d 5e af 92 68 86 1d e9 b7 df 28 f4 9d f3 5a b0 1e 97 e4 0f b5 e3 15 9f 3c 4e 89 fb 8c d9 5e 50 e8 bf e5 be fe 87 69 65 3d 47 ac 04 d4 e4 27 73 4a d7 42 40 28 16 b2 f7 4f fb 84 9e 96 fc 7d 26 1d 98 b1 98 b7 59 53 fc 54 66 31 1b 97 fb 04 9f 23 0a 2a f6 74 2f 2c 97 7f 68 ed d8 8a e4 92 e0 c1 fa d8 68 53 97 5e 0a a6 1a e8 5a df 48 41 23 07 eb fe 3c ca 4a 16 05 f9 b7 f4 eb 61 9a 31 1d c9 b5 ce 33 61 e2 cb 86 52 ad de c4 a4 ad 7e a7 da 1e 54 fb 34 d6 69 02 97 bd b1 81 e6 03 aa Data Ascii: nl@^]:hm^KEwZYmPXUS`R$ty4FdG=$\3c^h(Z<N^Pie=G'sJB@(O}&YSTf1#*t/,hhS^ZHA#<Ja13aR~T4i
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: e4 fb ec 2e e8 eb 25 e0 50 c0 f6 c2 2d da 53 92 eb b5 ef 2c 82 90 f7 6a f5 60 7b bc 03 bc d6 52 d6 5b 50 2f 9a fe f2 88 71 08 09 cb e2 4d 0b 56 df 00 8d 7c 76 9d ea 9a c5 95 05 e4 33 27 e9 19 28 99 63 da 08 8b 1e cb 5c 18 10 82 ab 36 0d 3b 4b 90 11 99 c7 d1 61 45 53 9e b7 df d2 df ac 37 9c 2d 08 14 b8 ff 2b f7 2a f4 42 18 31 27 6b 3b 0c 6e 1d 5b ff d1 ae 15 41 da 42 cf 0c be f4 57 b3 2b a0 b1 1c 61 b4 6d 3c 90 bc d3 78 3c 09 d8 2a 8a 28 38 ae ce 3b 3b 6c 5a a1 84 38 73 81 2d 4c 38 63 6c f5 d4 7e 88 8b 94 96 f2 9f c2 f4 d0 70 f8 c0 81 2b 7a d6 86 93 8a 74 0a f0 89 0c 3d a6 8a 9a 97 a5 b5 35 84 1b be 60 20 a9 9e 00 5f 6c 41 08 70 a9 9d 2b fd 0e 2d 30 92 18 3c b8 00 23 bc 2d 63 fc f3 c3 3b 09 04 10 91 b1 ed b8 dd 98 f6 d9 ff 37 d7 a2 7b 72 ee 2c db bd 72 c5 Data Ascii: .%P-S,j`{R[P/qMV\|v3'(c\6;KaES7-+B1'k;n[ABW+am<x<(8;;lZ8s-L8cl~p+zt=5` _lAp+-0<#-c;7{r,r
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 77 f7 3e a7 e7 85 c6 16 d7 06 e2 16 68 98 6f a4 78 90 77 17 26 8d cc 77 90 bd d4 12 1d c9 3f 3d 3f c1 18 0b ef 21 e3 62 a7 7a 3f c0 19 0c fa 05 17 4e 09 f2 56 2d 2d 29 c2 ef e9 c9 cf b6 42 3b 87 cd c8 df b8 48 69 26 98 b8 ca 87 60 08 2e 0e 61 02 9e cd a0 d5 68 4a 6e 94 7e cf d4 28 fb 39 34 a8 2f 24 69 8b 0c 21 0e 6f ca 40 ae 11 d8 f6 ab 04 10 df 27 d7 14 12 c3 ce 72 f9 9e 5d 43 30 45 e8 66 b9 22 94 47 dd 1d 77 8a 8d c8 59 af e2 7a 0f e2 2e 6e 52 3f c1 42 3f 73 e1 63 dc bc e6 1b 2d 6e 31 c9 ae d6 fa 34 f5 af 37 8b 3e d2 11 5c 12 cc cc c2 8b a8 e9 f2 ab 3c c9 a8 c9 81 6a 15 bf 1d 67 00 67 39 b6 dc f7 c4 4e 63 90 84 84 b1 42 11 da 78 92 01 40 51 b2 59 b0 e4 6a 03 25 ce e8 17 5d a8 0b e2 15 00 30 18 cc 2b b3 b8 f1 c9 35 2a 6e c5 d7 5d d7 ae 68 0e 00 b4 ac 20 Data Ascii: w>hoxw&w?=?!bz?NV--)B;Hi&`.ahJn~(94/$i!o@'r]C0Ef"GwYz.nR?B?sc-n147>\<jgg9NcBx@QYj%]0+5*n]h
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: df 3d 69 2a 4a 7a 02 5c ab 02 5f 81 07 eb 3d a8 99 bd 6b b0 e2 dd cc 6a 8f ea f6 52 0f a2 95 de d8 f1 2f e5 3a 38 52 ee 27 9c 1e 9d 97 77 ae ea 66 7c 58 a2 0c 5f b6 79 e1 d2 5e 76 68 92 58 7f 7f 26 ab be 54 0f 43 f6 e5 a8 22 62 5a 89 01 7f 59 d2 25 6c 7f 41 ff 0e ef 2c f7 9e a3 5d 58 da 85 1a 01 b1 70 56 e4 b1 94 92 95 3a 2a 04 f3 ab d5 c7 29 b2 35 2d 7e 24 56 22 2e e1 b8 b0 ee f2 0e 89 00 97 86 73 9f 6d ba 4e 53 a5 50 ce 91 2b cf 40 38 da 42 64 5d 65 21 6b ad 44 73 aa e5 fe d2 32 c3 4b 88 06 eb 7d 79 a5 15 e3 eb e9 2e ca d3 1c e0 32 5e 80 f5 91 27 e2 3c fd 38 ab a2 4c 58 48 99 eb d3 c5 9e 44 39 cd b1 7c 74 4e e0 61 6c 97 da 04 4d d8 dd e5 dc a3 56 65 48 b1 8d ef 09 a3 24 66 c9 26 c8 48 06 c1 26 d9 e0 38 67 4f 95 26 27 37 62 c1 50 fa f8 a9 0b 02 da 87 cd Data Ascii: =iJz\_=kjR/:8R'wf\|X_y^vhX&TC"bZY%lA,]XpV:)5-~$V".smNSP+@8Bd]e!kDs2K}y.2^'<8LXHD9\|tNalMVeH$f&H&8gO&'7bP
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 23 7c c6 da b3 5f 91 dd f9 65 05 f1 5a 0d 00 45 97 cc 02 1b 3c 4a 4a 67 8d 35 36 88 1d d0 91 85 30 b7 27 e6 f9 bb e9 4a 75 cf ad 03 53 a5 f8 ca 98 18 23 98 20 ee 8f 85 86 41 9f ca 09 31 17 a1 9a 1a d2 e6 15 5b 90 91 b9 4a bf f8 e3 88 0f 69 a0 60 26 c1 eb 20 5f d2 26 f0 1c a0 7d c7 81 23 ff b6 5b 47 86 98 82 72 29 85 f1 c1 16 63 b0 8d ae 76 40 43 48 f4 4b a6 3e 12 d3 7e b2 9a 5e 19 b1 96 c9 f5 9a 55 17 6c 74 23 85 33 fd a5 b2 24 55 75 36 e9 56 22 02 89 3b 91 dc b6 07 98 6b 9e 53 09 ae ff 45 1f 41 4a e2 70 9e 1b 2c 00 d4 6e 19 5f ba b0 91 62 62 6d 0a 8a 75 42 b5 ba 11 5d 0e 60 41 04 18 75 bb b4 9d a7 73 3f a4 2d fb 78 b2 62 d4 ca 6e 14 15 79 9d 0b 1c 34 b9 5e 2b 60 34 41 97 2e 8a 22 e1 c4 61 ac ab 92 1c 9e ce 52 b4 b5 5a e8 cb 76 f2 46 2b 86 65 21 25 69 2c Data Ascii: #\|_eZE<JJg560'JuS# A1[Ji`& _&}#[Gr)cv@CHK>~^Ult#3$Uu6V";kSEAJp,n_bbmuB]`Aus?-xbny4^+`4A."aRZvF+e!%i,
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: f4 a7 ef 70 87 30 11 2d 54 0c a1 52 17 1f 4d 38 40 d2 3c 8c be db 2a 7f 2e 2d 7e 23 62 fc 23 1c f2 36 d3 e7 d1 ef 45 33 4e 3b dc 81 fc 23 a6 b3 be a8 22 78 ae 37 99 26 2d c9 00 c3 ce b8 88 f8 c8 3b d8 1d 35 44 90 d9 7e 47 a1 05 2e 05 ee 51 8a 90 e6 a9 b7 1d a9 4b 6c b8 ad 66 33 49 6d 56 8c 91 d5 d2 07 d3 be 47 00 34 eb 17 46 d2 88 bb bb 34 96 4a 4a 22 65 f2 2d f8 e1 b7 7f 5e 65 a3 b9 e1 28 52 93 70 e8 5c 6e 19 73 16 a3 91 51 9d ac 84 a1 2f 27 0e 34 74 fc 8f 58 e4 25 42 59 ab 5e 59 87 63 6d a3 4d dc 5a 8f 86 16 6c d1 c1 28 50 c2 fa 1e 0b 52 2c f1 c6 01 24 a5 33 97 05 dc 30 5a 8d 80 0e d0 f7 04 f2 14 05 bc df 5d 6e 50 db 62 e5 8a 0e 2e f3 c4 bc 1b 2f 79 07 f3 96 0a 43 66 c9 84 fb ee 05 0d 0e f4 4e cc b2 75 f8 0e 7f ab ed 7a 09 48 c4 4e b4 e6 b4 41 1a f0 66 Data Ascii: p0-TRM8@<*.-~#b#6E3N;#"x7&-;5D~G.QKlf3ImVG4F4JJ"e-^e(Rp\nsQ/'4tX%BY^YcmMZl(PR,$30Z]nPb./yCfNuzHNAf
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 6c c6 99 2d 0f ce e9 7a 0d 41 d5 06 fe 37 e9 bd 01 ab 37 c9 e9 9a 5f b6 70 0f 63 7f e5 f3 69 33 80 b3 25 9f 0a c2 4a cb ab b4 24 41 6f c7 af 8c 74 49 7e 39 b5 f6 d9 e0 48 a0 5b ba 13 7c 09 a7 3e 1e 36 9a 10 8d 03 17 96 46 80 56 4c 50 d1 3e 49 23 fc 90 0e d1 a7 22 d4 53 ab 78 54 d4 bb d4 98 83 3d 40 7f 04 7c 69 48 17 ab 22 45 d5 31 9a c8 78 47 74 37 1a 78 16 9a a2 af ea 8e 58 3e 41 23 d4 bd ad 25 89 e7 c3 9a ce 6f 50 55 aa b3 7b 23 2f b4 fd ba 91 24 a3 e8 41 7a 3c c1 23 af 79 24 17 3e c9 2b 05 d5 95 4a 2d b6 5a d1 2d 83 65 de 18 80 71 b2 77 9b a1 4a 20 c5 06 4c 7b 24 2c bc 1d 61 23 ee 9f f5 97 84 ad 9c c4 ab b6 ba cf 17 63 ab dc 13 39 03 f3 ab 69 f8 ec 34 88 fb 06 3f 86 04 e5 9b d1 3f c8 fb 85 36 52 a1 9c b8 86 c4 33 76 0a a6 1d ad 4d 69 5f 88 fb 76 bb 27 Data Ascii: l-zA77_pci3%J$AotI~9H[\|>6FVLP>I#"SxT=@\|iH"E1xGt7xX>A#%oPU{#/$Az<#y$>+J-Z-eqwJ L{$,a#c9i4??6R3vMi_v'
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 73 00 e6 47 e8 cc 27 0c 99 4e c3 2e 82 e6 74 f3 3c 3b 94 fa 11 1b 4f 0d 8a 38 81 47 03 af 58 e5 a1 49 ec bf 9d 42 68 8f c8 4f 41 aa 25 3e 0d f3 e9 3a 31 42 21 9b 4f 35 13 7e d7 69 d5 de 26 33 d0 8a 4a 91 1b 87 55 30 13 58 a8 6e 02 7d a4 45 72 ff 2c 88 b3 a0 c0 1b fc 1c a2 75 00 3c 3f ce 0f a7 25 37 03 51 88 cd d9 2d 31 9d 07 1e 74 01 69 69 b5 90 23 21 03 70 b7 55 08 8c 1a 02 0a fe 1e be 63 e0 a0 08 b8 df ea 62 0f 6f 94 fc 48 d0 2e ce 74 49 1a 4c ca 49 bf 73 91 24 43 19 30 f4 4d ab 35 b8 43 f3 f3 c9 53 41 22 9b 08 3a 70 d0 29 14 87 a9 89 99 01 7e 00 02 c5 7f 52 65 b5 0a 71 61 91 ca f8 5e 37 d1 c3 57 f8 38 4e a8 0e 39 d9 b3 34 20 4a 06 3f d0 ea 83 31 37 84 0b 10 0d 92 c7 2c f2 d3 b6 0d e6 a8 b7 f3 10 ef ad 7f fe a5 9e b4 39 75 83 8d 84 e3 02 a7 4f 1c 8c 8d Data Ascii: sG'N.t<;O8GXIBhOA%>:1B!O5~i&3JU0Xn}Er,u<?%7Q-1tii#!pUcboH.tILIs$C0M5CSA":p)~Reqa^7W8N94 J?17,9uO
2024-09-27 23:47:37 UTC	1390	IN	Data Raw: 60 83 d1 fa 4f fe 79 7f b6 0d c9 e3 cc 27 35 d4 3b 8f 4e a8 3a 28 e2 cd 6b 49 25 1f 3c 4d 5b 91 11 59 69 12 31 cf 22 2f 8b 8c 4b 24 a1 29 96 0c 5c c2 9a 24 27 fd 34 bc 3f 28 98 0e 21 ad 50 e6 73 81 f4 ed cc 19 dd ac 80 74 57 2d 81 db 2a f1 b4 67 03 c3 0a 52 3a ee 58 61 8b fa 6d 8f 47 0c 5b 60 50 de b3 f2 e9 c5 d2 54 eb 1a f6 9d 5c 62 4c 1b 6c 73 a3 0e 18 4c cc 7e 94 8e c5 e1 c1 95 d3 42 f6 b7 bb 31 43 34 47 13 75 10 ec 23 02 cb c2 de ce 4c 47 3b e0 83 55 44 dc cf fc b1 b2 a4 da d0 b6 15 7c 7c 2b a6 5f e6 76 b3 1b bb 7c b1 c4 b6 53 92 e8 58 12 b5 56 35 b0 8a c3 e9 13 47 75 1b 67 14 3a 4f 20 9e 8a 33 86 bd 99 d2 74 b2 4d 8d 41 54 c4 e1 89 1b d3 1e 64 93 50 36 1e dc e9 4f 78 0f 2e f2 b7 13 d7 9f 0b 87 f2 92 54 a4 68 f7 58 42 47 f3 66 cd ea a3 49 cf 46 53 e3 Data Ascii: `Oy'5;N:(kI%<M[Yi1"/K$)\$'4?(!PstW-*gR:XamG[`PT\bLlsL~B1C4Gu#LG;UD\|\|+_v\|SXV5Gug:O 3tMATdP6Ox.ThXBGfIFS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
77	192.168.2.7	49816	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1086	OUT	GET /mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 33844 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	855	IN	Data Raw: 52 49 46 46 2c 84 00 00 57 45 42 50 56 50 38 20 20 84 00 00 90 a4 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 a4 2b 96 fb f8 80 0b 89 6a 6d 31 20 4f 1b 44 03 79 11 11 11 e9 60 e0 13 20 1a 33 e4 5b e7 df 7e 5a fe 5d fc c5 f1 bf 6d de ca fc 1f f9 6f f8 7f df fe 7a 3f 7b dd 6f c8 7f b6 fa 8e f8 2b f5 ef e1 ff e5 7f 90 ff 2b fb 59 f3 37 fd e7 fe 9f f5 9e ec 7f a9 7f 90 ff a1 fe 37 f7 e7 e8 1f fa 4f f6 0f f9 1f dd ff ca 7e d3 7d 1d ff a7 fb b7 ef 2b fb 47 fd 1f cc 0f 81 9f d3 bf c4 ff e7 ff 5d ef 23 fe ef f6 e3 dd 7f f7 bf f3 7f fa 7f d3 ff b2 f9 02 fe 8f fd e3 fe f7 ae c7 ff ff 73 ef f0 ff f3 3f ff ff f9 f8 0b fe 87 fe 97 ff cf b4 77 fd ff dd 0f 85 df ed bf f4 bf 70 7e 09 ff 6b ff f7 ff b5 f7 00 ff ff ed 99 fc 03 ff c6 b3 ae a0 78 67 f9 4f d5 bf 9b fe f9 Data Ascii: RIFF,WEBPVP8 *(>](E+jm1 ODy` 3[~Z]moz?{o++Y77O~}+G]#s?wp~kxgO
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 5d e9 81 92 0f d3 6d 1e 7e ec 5d df 89 a9 e0 7e 32 5f ef 62 f3 8d 46 d7 6c 73 32 8a ef 43 f1 4a 44 b4 4f 78 f2 70 0f 53 3b b7 64 06 99 97 be f8 69 d5 81 17 19 90 d3 fc b4 c8 9e 8c e8 9c 4d b2 79 ed 46 8b 1f 97 36 1f c9 d1 69 ac d8 29 50 72 a5 72 79 e3 63 6b d4 9b 36 07 b1 62 60 e2 fc 3f c9 ff fc 66 3f 5e 7e 16 bf f9 10 b7 3c a6 7f 2d af 31 6f f3 19 21 10 3f 65 0d 28 23 a0 64 0d c5 a8 71 ab ea ce 87 68 1e 35 69 a9 4e a4 03 81 d2 cf 34 f5 5e b8 5f d0 6d a4 7c 26 89 cd 3a 50 fd f9 33 fd 1f d0 97 27 48 87 0d 39 b6 3d 44 fd 0d ad 3f 2c d2 b3 80 00 c6 3e fd 7a a4 bd 48 92 5b e8 a5 50 58 81 87 eb 32 13 64 09 09 1d 27 01 ad dd df 80 e6 36 14 dd 55 6e 8d 8b d5 51 20 fa e1 50 9f 4d 9e 76 b2 cd 40 60 69 e7 56 50 30 2b 9b 3e f0 e4 dc 09 7f d0 6e 48 ce 76 a5 e1 0e 2e Data Ascii: ]m~]~2_bFls2CJDOxpS;diMyF6i)Prryck6b`?f?^~<-1o!?e(#dqh5iN4^_m\|&:P3'H9=D?,>zH[PX2d'6UnQ PMv@`iVP0+>nHv.
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 64 2a 1d 4f 36 30 59 67 93 24 4e 74 60 2f 1e a6 71 fe 37 de bc 61 d4 86 97 79 8d 90 24 7a 0d 7a f0 3d 9a 75 76 f5 57 80 44 c7 e7 2f 2c 86 70 1a 79 b4 00 ea 6f 8c 91 a2 a5 83 7a e4 83 41 b3 09 82 06 54 57 2c 4f d6 74 dd 4d b9 5f 10 0a c9 16 ac e9 72 8a 53 92 7f bb 1c cb 56 9b e6 84 82 a1 ad b1 17 f2 9a c8 ec d4 31 71 04 ea 13 83 b8 74 2d 3e ff 29 60 a8 89 05 c8 34 8b 9a 05 49 83 89 ed 2c a4 0b dc 2f 7d f4 f4 1d 7c ef 04 ea 5f d9 67 81 a6 f8 39 4a 62 ce 1a ac 5e d6 84 e7 38 d4 70 e0 ef a2 72 e0 79 c0 77 36 4c 53 f2 d3 48 ef 2c ee cf 99 84 aa aa 00 ed e5 f2 d7 3f c6 f6 9e d2 6f 68 23 18 a6 d1 6b 07 ca d4 90 64 58 64 4b 5a 50 46 4f d6 3c f5 82 f7 3e 2f 03 52 11 b0 42 6a 83 0f 6e 74 e9 e1 44 1e b5 5c 70 ff 9e f5 6e 1d 84 b1 fe fa c0 77 a6 54 23 26 21 d8 48 df Data Ascii: d*O60Yg$Nt`/q7ay$zz=uvWD/,pyozATW,OtM_rSV1qt->)`4I,/}\|_g9Jb^8pryw6LSH,?oh#kdXdKZPFO<>/RBjntD\pnwT#&!H
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 60 4b 37 63 ff e1 9b 1d b6 87 43 27 82 05 cc 8a c1 ed a8 a0 35 f4 eb ff c8 dd 42 1b b0 79 25 43 37 b8 8c 1f b9 4c 70 af 52 ff 2d e7 85 13 d9 15 ea 6d c5 1a 99 6f 19 37 74 da bb 63 13 63 84 59 bb 25 69 b0 ec fb fd 77 bd 27 70 45 78 6a a4 ad 37 e2 bf 86 c2 a3 dd 36 20 96 21 8f d5 6e 4d d0 f0 7a 69 07 e2 3b 52 7f 02 85 ad 55 6e 9f ed 8f bb 67 3e 81 19 4c 27 fe 15 ce 1b 40 ab 07 5b cf 41 f0 13 32 98 4b b1 7b f4 61 d9 72 ea 69 ac 2d 33 03 a9 6c e7 0c 8e d0 20 14 90 21 d9 8e 4c e6 c4 8e 37 75 b7 6b b5 08 f4 a7 2d 84 94 74 7b 0e 61 86 1d aa e6 83 53 d1 0e 1f 76 20 49 b0 88 b6 84 0e 1a d5 a6 7e bf 69 66 7d 4e 94 09 5d 68 c2 fa 44 d9 03 e8 ba 0b 67 52 c3 85 3d e6 31 f7 73 a0 14 5a 7d db 01 a4 2e 0c 98 c8 bf cf 18 a1 43 be 7e 78 f8 78 18 6c bd 4a 35 9a db ca 05 12 Data Ascii: `K7cC'5By%C7LpR-mo7tccY%iw'pExj76 !nMzi;RUng>L'@[A2K{ari-3l !L7uk-t{aSv I~if}N]hDgR=1sZ}.C~xxlJ5
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 83 5b 4f 87 1a da 46 95 2b 6a d8 16 29 76 6b 9d e0 ef 9b da 86 d0 47 db 59 c0 2f c0 4a 25 39 fc 90 ad 63 de 95 55 d9 53 4d 93 17 21 44 e4 86 ae 7e 0b 2a ba 95 c0 84 f4 2c f7 14 7a a5 8f a4 bc 84 db 3c 81 a6 87 78 34 45 37 98 bd 51 1a 19 9c 91 6d f3 19 fe 55 4b 9b 09 82 c5 84 06 84 d0 c4 5d 40 da 2f 9d e7 99 2b 4c c4 49 50 79 18 09 77 6b 22 c4 37 65 dc 8e 9a 8b fc f0 24 52 55 d1 b6 46 5f ca 78 a2 7c df 9c 3b 8e 19 5d bf fa 19 2a f5 ee f3 f3 8d ba 6e c8 19 df 44 75 32 09 84 69 da 47 a9 66 03 15 bf 86 56 ba 5f 67 09 0f ef ec 47 49 bb 29 17 0f 5c eb c5 fe 85 de 79 cc 7d d3 ee 61 8f c3 27 dd e5 40 0b 98 24 a0 3d a3 78 8e 27 9b ee 33 92 f8 26 1d 02 87 b4 f1 2e ad dd 81 34 f9 76 92 12 97 b0 7e a7 74 99 55 12 4f 9b 0c a4 dd a2 70 db 10 a6 49 b8 31 c3 0b e8 07 d1 Data Ascii: [OF+j)vkGY/J%9cUSM!D~,z<x4E7QmUK]@/+LIPywk"7e$RUF_x\|;]nDu2iGfV_gGI)\y}a'@$=x'3&.4v~tUOpI1
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: b3 12 20 42 2f be 49 9b 0e b3 3c ed 01 8c f3 de 74 6e 14 e4 46 f3 0c ec f9 1a 15 ec f1 6c b7 6f 45 a3 78 39 18 f1 6c 98 15 07 be d4 9a 7e 5d e6 20 ac 99 17 fe 0a e0 a8 dd b0 66 59 b8 4f cc f7 88 85 93 2c d6 9f f4 d7 dd 3a 03 c5 8f d7 cf 58 b7 86 6e 20 47 7e 51 c9 d8 67 75 41 2e 41 af 6c 80 cc 47 ce b6 0f 71 e9 71 59 c8 9d c5 f9 ea 58 29 05 42 93 67 c0 a5 47 06 4c 56 a1 a1 2c a0 48 ad 06 80 b0 0b bb 03 7f 7d e3 a1 f7 e2 31 54 dd 2f ca 3f f1 7c 57 c4 1c 00 bc a1 44 d5 95 55 02 23 aa ab f6 ab ea 88 6d a8 42 17 b5 dd 7f 14 90 bf 8d 6d bd c8 01 3f 73 bf c9 a7 e9 3b ef 3a 4a 6f d8 36 f5 42 c7 72 a2 60 0b 27 07 ff 06 59 64 71 b0 0c 7b e5 4c 70 4c a5 15 9d 03 b2 81 2f bf f7 27 ac 1a a9 5e c3 32 0b da 2b 86 a1 8a d2 74 4d 39 72 8c 63 f8 b0 23 87 b1 5b 3d 9f 2d 6e Data Ascii: B/I<tnFloEx9l~] fYO,:Xn G~QguA.AlGqqYX)BgGLV,H}1T/?\|WDU#mBm?s;:Jo6Br`'Ydq{LpL/'^2+tM9rc#[=-n
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 32 85 90 ef 53 ca d7 87 7e 72 cb 8d 99 42 49 e2 07 87 e6 b0 9c e9 7b c4 7e fa 32 c4 38 c2 0a 89 ea 49 9d b6 2c d3 9c c5 92 8b 16 ff cd 7f 15 30 65 8e 4a ee 00 59 5f 18 e2 21 1c f0 54 06 e7 1e 4a cb 50 20 07 05 f0 f1 ac 15 ed 17 a1 8b 9b f6 b1 ff 86 18 3e 02 7b 65 c3 e3 55 e0 c3 26 23 11 b2 6d a8 d8 60 cf eb ee 97 bd 46 12 a1 e9 e0 ca 71 98 d1 12 27 89 e3 c8 3f 19 37 c3 70 49 88 6d e6 c5 1b 1e 39 33 d4 6a b5 54 9c a9 80 31 b1 5f 44 ed 0d 0f 88 51 d0 c8 f3 dd 73 4a 62 52 e7 3b 92 4e e4 19 5f da b8 d6 b6 2f 23 4e 5a 8b 64 11 16 5c e7 f4 23 12 92 78 90 e8 64 ce 06 0a 53 c3 cd 6e c3 6d 5a 30 ec 7b bd 5a 80 a9 0a 55 5c a5 c3 44 49 a0 43 07 82 63 84 00 61 80 3e 65 65 b1 a6 1f 27 e6 af d8 e2 8b d2 3b 18 7f f8 71 a8 4b 9b e5 dd 50 b9 1e 3d 2d be 87 9f 0f 1b bc 3b Data Ascii: 2S~rBI{~28I,0eJY_!TJP >{eU&#m`Fq'?7pIm93jT1_DQsJbR;N_/#NZd\#xdSnmZ0{ZU\DICca>ee';qKP=-;
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 80 ca 8c 1d 35 6d cb e5 ae 02 17 f5 20 c4 c1 52 75 f7 b4 8b 9b 1b d1 31 1b ad 31 e9 4e 31 0a a9 41 59 09 3d 40 71 17 6d 8d e4 31 43 e6 17 46 d8 9b 0f f7 6d ae 27 d6 3d 26 57 22 1f 22 b4 34 b0 1a 3f 7f 3a da 8e 2f b5 67 39 5b 6b d8 2e a4 e3 60 4e 1e b0 8a e0 4e 74 0d 74 2e 74 72 bb 50 ec 1c 7a 31 30 1b 3d 6d b6 f1 54 3f fb 06 cc e1 47 c9 1a ae 01 76 2a 3f 3b d7 26 0a 03 67 03 c7 2b 99 2e 71 e9 9b 9c 84 95 9c 2a d2 67 cd 54 73 cc ad 40 30 47 dd dd 99 1d e7 99 96 85 e3 e9 0f ca 18 f8 b1 b8 0a 6b b1 fc e8 3e 43 b2 0d cd e4 7c 5b 60 df 88 a8 d4 ab e1 d4 2a 27 ff 2f fa 0a 61 fe 29 7d 71 0c b9 fa a7 38 26 ce c3 7f 92 5e a2 c2 ec c1 6f d2 97 ee 0d e3 e1 85 a4 df 0e 81 f2 d0 04 e3 8a d7 e5 d9 78 e8 ec 6d d2 36 f9 5c 0e f3 56 c9 72 b4 59 5a f3 02 52 90 37 ea eb ba Data Ascii: 5m Ru11N1AY=@qm1CFm'=&W""4?:/g9[k.`NNtt.trPz10=mT?Gv?;&g+.qgTs@0Gk>C\|[`*'/a)}q8&^oxm6\VrYZR7
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: df fd 56 47 0c 35 21 3d 2b 9e a6 ec 26 09 fb 67 16 b1 a5 46 75 e4 ed e9 d8 61 d5 06 6c 04 f2 e6 be 7c 5b 4f be 5b a8 67 1b 07 40 69 9a ea c3 0c 8c 8e 1a 13 d3 d5 c0 85 d7 2b 02 5b 31 c5 34 51 71 e7 9e 04 b6 0f 92 93 ee 7b c3 7b 30 e1 90 69 4c e1 fb 29 f0 a5 31 67 72 99 d9 40 83 c2 86 27 b2 f2 6f 8a 8f 09 00 ea 97 bf 39 33 9b ff a3 86 e4 39 e1 59 b6 79 c1 75 6c 28 bb 89 5b 8e 96 60 2b 51 ca 4b 49 84 f9 57 74 02 bd ab f5 34 57 cf b5 32 f8 c0 fa d0 49 6a 5c 8d 12 b0 6e 2d d7 55 6f fc 59 a0 4b ea 47 3c 67 38 77 40 a1 ba 63 19 7d 99 51 3b b4 3d f0 53 0f 99 b3 41 13 c3 9d 73 79 99 e5 84 75 ce 8e cc 38 21 53 1e a8 c0 f7 8e 29 1f 7b 97 57 94 20 f0 2d 5d 59 85 1f 36 56 e6 ae 8e 78 6e fa 18 63 9d 30 66 7e 09 72 d8 ea 29 3b 61 48 e1 9b 53 9c 73 ec 8b 11 8c 30 97 37 Data Ascii: VG5!=+&gFual\|[O[g@i+[14Qq{{0iL)1gr@'o939Yyul([`+QKIWt4W2Ij\n-UoYKG<g8w@c}Q;=SAsyu8!S){W -]Y6Vxnc0f~r);aHSs07
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: f7 8c 6d 59 4b 1e 79 45 60 e3 5d ae af 74 18 8e 6b 00 62 04 c7 89 42 41 d8 b6 50 8b aa 15 df 3f dd 35 ae 5f 53 c6 b3 29 9c cf d9 e7 1c 0b cd c5 1a 05 9f ed b9 3e 89 53 6d 78 23 b0 d8 3a d4 6a 97 55 f5 39 8a 77 be e9 ed 07 32 17 7f 56 4a cd 68 e7 85 ff 5e 5b 62 9c a8 69 ab 91 ce 6d 4a 1d cb d8 3b 6e 4b 04 2c 9c e0 52 21 f9 03 04 e7 14 3f 39 32 28 37 a5 78 86 9c 09 8f 81 64 5a 7b 56 04 54 9b 43 c6 4d 48 9b b3 21 2b 0e 26 45 68 4c d7 e3 fa 8c 50 45 d4 22 ca b5 7c 37 c0 c7 5f 1c 5f 6c 71 53 ed 69 40 4c 05 61 e9 df f1 ab 5b f6 65 cc dc 4a c2 6c 83 8a ca 06 5c 88 4c c7 f8 27 c4 41 8c 2f 34 73 b7 0d 26 63 09 2d 1c 0d 2d 23 d6 db af c7 d4 3e 15 da d9 d9 1e e2 98 b6 37 b4 80 33 99 6e f8 e7 78 b4 3b f9 db c2 f9 b2 62 19 ca 8e c0 52 9b 42 e1 b8 65 35 89 4e 88 51 da Data Ascii: mYKyE`]tkbBAP?5_S)>Smx#:jU9w2VJh^[bimJ;nK,R!?92(7xdZ{VTCMH!+&EhLPE"\|7__lqSi@La[eJl\L'A/4s&c--#>73nx;bRBe5NQ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.7	49820	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1087	OUT	GET /5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	535	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 28380 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	855	IN	Data Raw: 52 49 46 46 d4 6e 00 00 57 45 42 50 56 50 38 20 c8 6e 00 00 f0 89 01 9d 01 2a 0e 02 28 01 3e 59 26 8f 45 a3 a2 21 94 6a 3e 5c 38 05 84 b4 36 8a e7 dd 28 fa 5d 33 fe e4 57 59 dc 73 1a b2 1a b6 fe f7 82 18 0e 67 99 68 5a 33 22 7c 45 ff 13 a5 36 3d f5 df f0 bf cb 7e d8 7e 62 7c ca f1 bf 6c 1e dc fb df eb 8f cc df c0 3f e6 f7 01 f2 9f f1 fc cf fd 8b f8 ff f9 df e3 3f 2b be 63 7f be ff bf fe cf dd 8f f5 ef f2 df ee 7f 3e be 82 3f a8 ff 6e ff 99 fe 0f fc a7 ec bf d2 8f fb 7f b7 de f7 ff b9 ff c9 fc bb f8 1b fd 17 fc 6f fe 7f f4 9f f2 bf ff fc ca ff c3 fd af f7 83 fd ef fd c7 ed 2f f9 ef 90 2f ea 3f df ff f5 7a f4 7b 29 ff 83 ff 9f ff ff dc 2b f9 ef fa 8f fe 5e d2 3f f8 3f 75 3f ed fc b4 7f 6f ff 95 fb 79 ff 33 de 8b ff cf fb 7f 70 0f ff fe db 1f c0 3f ff eb 2e Data Ascii: RIFFnWEBPVP8 n*(>Y&E!j>\86(]3WYsghZ3"\|E6=~~b\|l??+c>?no//?z{)+^??u?oy3p?.
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: be e2 a9 7d 7d 3f 9e ac 8b a0 fa 62 56 f4 be 3f 2a 9a 73 aa 2d 1d f2 68 07 03 01 c6 f6 56 71 6f 8c 88 22 70 28 55 46 c5 38 1b 63 1f ab 34 bd 0a 08 93 26 1a 54 41 45 e9 9b 65 16 c9 06 20 c2 cd 8d 0f 33 49 cf 77 ec d8 f1 4c b4 0f 19 ae fc 0d 45 95 0d 43 fa 79 75 48 97 4c c9 d3 77 87 38 76 75 2e f7 9d 7b 0e 67 81 c4 3b 9e c7 44 fa 42 a7 2a 43 71 5a 8c 89 e8 7f ff 20 42 38 5e c7 ff e2 0c 71 89 3c 06 84 de 90 8d 4b 33 2e 96 19 fc 5c d0 3c 4a d7 28 c7 23 de ae 81 51 0b f3 c7 dd 23 4a ce 89 16 88 5b 73 40 69 1e f4 1e fe 60 01 a7 8d 04 00 86 3b 10 cb 43 8f 2a 0a c9 2a af 69 57 63 6f e2 61 70 77 e1 17 85 1e df 98 ee 44 43 f0 19 dc d4 c3 dd f3 64 0b f6 ac 02 32 85 b1 9a 44 9d 25 97 d4 83 da 22 19 e7 e3 f5 03 64 32 b8 cc 98 75 f3 c8 26 c2 18 62 e5 eb ce d3 14 a3 62 Data Ascii: }}?bV?s-hVqo"p(UF8c4&TAEe 3IwLECyuHLw8vu.{g;DBCqZ B8^q<K3.\<J(#Q#J[s@i`;C**iWcoapwDCd2D%"d2u&bb
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 01 8e ea 00 57 a0 d6 4e 0a f6 15 8a 28 8d 8b e6 3b 36 22 3d fe ac 44 a9 d4 60 51 bd 53 8f 2c d9 bc 6e c6 fe 08 be e0 af 0c c5 df 31 f3 d4 cf ff 5f 90 98 51 54 7d 59 9f cc 3e 99 91 f0 02 15 4a a6 86 38 27 d4 ff cc 95 09 c8 d0 27 82 a9 10 0f 9c c0 76 f0 59 fb 96 67 d4 b6 20 6f e4 fc 6f 95 e7 9a 76 bc 29 36 30 3e 01 28 9f b6 68 70 8f ec b8 f4 0d e7 b1 db 99 eb d1 f8 f2 84 63 fe 4c ad 64 49 ee 24 7e cb e8 b0 8a 4e 0b 36 56 71 f7 f7 1e 28 ef 5d 0d c0 db 23 ba 26 07 95 f5 7f 4a a3 d0 ca 37 74 ca ed 6d 0f 12 2c 5c c8 1c cb 42 1e b0 de 9d e2 bb 34 29 07 40 c1 56 c6 14 cf a5 c4 2d ff 03 cb d8 d1 d2 d3 47 85 e0 79 78 ff 40 dd 13 d3 b0 d5 72 fa a4 79 a7 8f 3c 20 cf 74 10 29 27 40 15 63 65 36 77 5b ac 8b 08 70 97 f1 e5 a4 c3 ec ce 34 28 42 d8 62 dc 8e 6f c5 bc 75 5a Data Ascii: WN(;6"=D`QS,n1_QT}Y>J8''vYg oov)60>(hpcLdI$~N6Vq(]#&J7tm,\B4)@V-Gyx@ry< t)'@ce6w[p4(BbouZ
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 14 5f 6e 9c fc 46 a6 87 8e 78 62 7b 5c d9 df fb 74 1b 9a cd a1 4c 98 20 7a 7e 4f 38 dc 8a 4c 81 57 e4 1f 11 f0 93 61 c0 5d 32 30 3d 9b 6e 22 2a 17 6e 03 14 a4 7f a8 c9 63 a9 2b 14 b1 f2 a2 19 1e a5 1d 41 8a 4c 72 73 95 3f 0c 39 37 58 0a b0 11 22 3a 71 fd 4e 2a 54 c9 9f 6c a0 ad 8e 71 d1 29 77 c2 bc 21 aa 89 4a 56 4e 27 2d 7a 86 54 b7 63 45 1c d7 34 31 ac ab 00 d7 bd c0 f2 25 f2 bc ea 1e 8d 07 ff dd 66 46 3b 0b e6 e0 5f ad d2 ad 7b bd 42 41 b0 f7 70 b9 4b 73 6a bc 7e a3 cb e4 f5 f7 5b 59 f7 be bc a3 c4 6f b3 0b 45 69 96 d4 73 0b da a3 50 d5 59 e1 06 8b 29 cf 48 1d a1 0c 05 27 f6 0e 21 44 bd 6a 25 2f 6c 9a 20 8d 5e 02 a1 cf 39 4c 81 f9 8f a3 d1 e4 4c dc de 89 b0 d8 04 37 af 09 7a 73 5b fd d5 a8 16 b7 cb 67 a7 bb 85 8a 91 b2 6b 65 52 89 0b 53 0c f2 0f 0e af Data Ascii: _nFxb{\tL z~O8LWa]20=n"nc+ALrs?97X":qNTlq)w!JVN'-zTcE41%fF;_{BApKsj~[YoEisPY)H'!Dj%/l ^9LL7zs[gkeRS
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 4b dd 37 96 9a 27 34 03 7b c5 bd 5a 34 ab 63 13 78 66 b0 df 64 69 ee db 8a ed c4 2c 1a 15 db e7 7d a9 94 54 28 cc 72 c4 23 67 68 06 34 47 aa 18 5b a3 5f 9a d3 d8 5f d7 b6 2e 2a 62 3c 58 d1 64 4f 81 7a 65 1c 80 bf 79 38 8a 16 97 2b 27 36 f0 d1 b2 6c c5 e9 3a 9f a1 23 4f f2 a2 5c f5 59 9a 62 0b 15 d5 1d 11 77 a5 01 ff 15 78 59 6a 3e c9 08 39 ac 8a c5 ab 88 f6 f3 27 37 c8 70 89 be fa 82 e5 96 35 d9 73 a3 6a 14 e3 bc 7e 27 05 ac f0 7b 95 c1 8c 27 c6 d7 d0 90 14 0d f8 69 cf 4c d4 7f c4 4f 3c d1 b7 e5 f3 75 e1 13 87 7f b9 ee 61 ea 75 7b 5e 4c f7 68 75 75 82 db a3 77 b7 e5 ac 13 72 2d c4 a4 8a 0b a1 a0 24 92 4f cc 56 80 57 58 8d f1 99 c4 e1 43 4f d0 f9 5b 91 30 f7 6e 5c 41 df 8a 2a 87 c2 b2 96 81 0c b7 68 55 30 c9 69 88 c5 cf 7d 5d 76 11 bb c1 99 f9 22 96 68 e5 Data Ascii: K7'4{Z4cxfdi,}T(r#gh4G[__.b<XdOzey8+'6l:#O\YbwxYj>9'7p5sj~'{'iLO<uau{^Lhuuwr-$OVWXCO[0n\AhU0i}]v"h
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 02 65 ad 89 ed ee 5b 23 8d 47 54 5e fd a4 b5 f6 66 0d 0a 8b 25 2c 09 5a 5b d2 99 b6 4b 3c 30 0f 67 aa a7 80 60 7e d9 49 d2 5b a6 cc 42 84 54 0a d3 85 9a 15 95 cc f9 a2 a8 64 8d 62 cd 50 09 8d b2 70 a9 5e 03 3a 53 ab fa 81 52 a7 ca af 1b 41 8d 81 c3 51 4f 35 a0 97 e0 c8 79 4b 53 6d c9 7e 82 93 62 a4 28 64 12 70 c4 06 ab dc a6 58 0d f2 00 38 12 25 00 2e 4e 64 48 ae e3 d8 18 15 05 69 c2 3c 30 f4 04 e0 7a 9b f6 37 2a 94 8d 7e 51 4e 28 3e e1 08 43 19 9a 3e 52 17 44 e9 47 c3 8c ca ce 2b 3c 81 15 f3 49 2a 72 ec cd e9 41 6f b1 f2 d6 8f 2e 58 60 14 c0 b2 d2 1f 07 20 d0 70 78 7b 98 1d 83 00 e9 aa 3d f5 1f e2 33 78 d1 f2 23 d1 ec c5 8b 59 f9 3f e8 73 12 40 d2 7e a8 df a1 48 59 42 41 32 0c 12 f1 84 63 87 19 42 e5 a4 74 6a 29 1e e9 8f 2f d1 3e 3d b7 54 78 65 ea 81 dc Data Ascii: e[#GT^f%,Z[K<0g`~I[BTdbPp^:SRAQO5yKSm~b(dpX8%.NdHi<0z7~QN(>C>RDG+<IrAo.X` px{=3x#Y?s@~HYBA2cBtj)/>=Txe
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: f6 be e9 d9 a2 ed b0 91 97 2a a6 a7 48 f1 fc 3c 7b 87 61 36 58 8c 14 6d dd 34 7a cc d7 d9 93 77 88 02 3f 5b 26 6f b7 0a 39 c2 de bf c6 2b a7 27 00 6e d0 0a 62 11 7e 05 ac 9d 0a 79 75 01 54 49 5a c8 00 2a 96 2f 4f a8 d7 25 87 b5 98 a1 cc 3a 81 76 e9 aa 2f 68 79 24 62 e4 0f eb 75 67 9e 44 f1 57 4b 74 61 61 87 cc 54 3e f7 97 f7 c6 3c d9 76 53 97 5b b2 76 b3 17 67 5f 71 d3 2a 8c 71 f0 6f f2 c7 cd 09 a6 f8 a3 8b e6 32 e2 cb 8f 6e 13 da 8e 85 8a 64 4b d6 f8 20 a7 11 17 62 c2 f2 18 4c e6 9d 40 8b 99 10 cb c2 a2 a9 4b 7b 22 3f 68 d4 48 58 ea 7c 38 9f 95 11 7d 17 11 a5 32 bd 0a 86 0c a2 bc c7 e8 8a d3 4a 00 8e f5 bf cf 43 e8 77 27 7b f2 65 7c 64 cd eb f6 7d 67 f1 4b 4f 59 ca e6 81 fd 3c 03 92 5e ef 97 5a 70 c1 8a 23 cf 5b 4b f9 bd aa dc d9 f1 3c 83 8e c0 56 b6 c5 Data Ascii: H<{a6Xm4zw?[&o9+'nb~yuTIZ/O%:v/hy$bugDWKtaaT><vS[vg_q*qo2ndK bL@K{"?hHX\|8}2JCw'{e\|d}gKOY<^Zp#[K<V
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 14 c5 1b 5d 40 af 2d fa 48 06 25 4c b1 4d 4e 84 80 80 62 2a dc c8 88 c3 25 8f e1 9d d7 61 25 de 7f 68 96 0d 73 fb d2 b3 b8 0a 2a 60 c5 ad fd 94 9a 77 cc 30 44 ef 76 3d ff 66 d8 14 d8 4b ab b9 48 d7 3a b3 79 f6 ba 6a 40 59 d6 60 dd ff aa b1 5f 37 7c ee 5b df bb 67 04 29 ee 29 52 ca 14 59 21 76 2a 84 cf 39 88 f7 0d 76 01 c3 c5 82 77 76 1b ff eb ac 03 22 a2 5a b8 32 45 c6 e1 4a b7 b5 1c 46 40 07 01 a6 02 99 dc 8d e9 d2 5a 33 6f 88 dd c1 2f 1c 78 42 b6 ab 93 e2 f2 5b f9 25 43 fc 35 50 20 c3 06 bc bf 34 9f fe 6c c4 9f 4b 0f 17 90 f2 60 13 b1 e4 c2 20 81 bb 85 aa 8f 09 cf ad 0b 0d 91 2a 41 26 0c f4 db 25 8b fc d3 94 8f 08 d7 ed 8d 80 fe e4 77 24 28 be 3b 12 a0 03 5b 24 1d ab a8 92 d0 62 e2 bc ba de 63 01 7d 3b 1f 1b 2d 36 e4 b1 35 79 bf 54 e6 02 46 a8 17 86 33 Data Ascii: ]@-H%LMNb%a%hs`w0Dv=fKH:yj@Y`_7\|[g))RY!v9vwv"Z2EJF@Z3o/xB[%C5P 4lK` A&%w$(;[$bc};-65yTF3
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 04 90 55 40 03 ca 9b 5d d1 28 ee 04 6f 68 ff 5b 25 2f c3 2e 66 3a 30 1a 56 45 74 97 8a 8b 69 41 7e c2 cd 7f 54 2b 18 45 5b dc e0 15 b6 e1 50 d0 2f 1e 0f b3 17 00 73 25 13 8a 26 f7 ed 2a 57 a4 0d 67 f4 5b 09 07 b5 70 e4 9a 62 8f be f8 3b 0a a9 30 11 2c 78 27 33 87 6c b0 88 0f 13 06 4f 3c 41 5c f4 b7 87 1e 07 56 6e 9a be a2 13 96 5d 38 9d f8 10 f5 e8 0f 2b 4d fb d2 85 85 6f b0 f7 39 da 6f 8d ae ec a8 f1 5d 57 92 44 fd 5c 33 59 53 c1 98 3e b9 8f a9 ff b1 14 da 55 ea bd 4c 4c cd 9c b3 79 05 f9 be f0 a0 2b fa 55 89 2c 9c 65 05 fd ee d1 bb b7 f6 16 05 82 82 2b 79 e5 64 8f 8c 8f df d6 56 aa f7 4a f4 e0 c4 bc 33 78 69 70 67 25 b6 bc 5b 6b ec bb 6f 68 68 bc 94 25 04 7c 99 73 d1 03 56 d9 3b bd ba 0e 17 5f 30 bc bf 08 fc 6b 95 45 ad 2b 08 cc 02 1d 1e 9d 5a eb c3 d6 Data Ascii: U@](oh[%/.f:0VEtiA~T+E[P/s%&*Wg[pb;0,x'3lO<A\Vn]8+Mo9o]WD\3YS>ULLy+U,e+ydVJ3xipg%[kohh%\|sV;_0kE+Z
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 62 ea 31 c8 0f 02 13 f0 e5 0e 71 1a 01 44 0a 42 93 40 56 35 b7 ac be 6f a7 f9 b9 b7 74 0f 42 ae 98 e8 7f a7 0e 08 dd bf 30 39 0e cf 56 a0 75 5f 5a e9 3a f2 01 d7 5c 1d 25 1f bd 5e 39 55 f9 b8 85 20 8c ee f9 3e 76 91 c9 c4 11 2d de 75 ad e1 3e 30 84 72 84 6d 2a eb 7d 95 08 69 50 50 72 68 49 e6 e0 e3 53 74 68 47 0c a3 3b d6 17 2b 71 03 a1 73 66 52 39 ef dc 11 0a bb b7 ad 5e f3 82 00 06 a8 a6 ee a2 6a 23 28 7d 17 fc dc e9 3c ff 28 53 97 be a9 aa 67 66 32 45 da f2 97 8d 00 f1 c7 8a b4 03 29 44 61 41 1c 59 d4 11 60 64 c3 b3 b1 c1 42 af 4f 93 2e a6 67 f3 40 9f 8a 1e 2b 08 47 a6 40 5d fc bf 7b c7 e7 61 aa bc 4d a2 84 62 0b 8a 8b 37 1b 9f 4e 08 73 3d f6 40 2e 14 40 da 6c e1 6a 7e 57 5d 9c 30 a3 2c d1 e5 3d ff 88 a7 16 66 f9 33 0d 5b f0 06 72 da be 01 10 44 ca 6b Data Ascii: b1qDB@V5otB09Vu_Z:\%^9U >v-u>0rm*}iPPrhISthG;+qsfR9^j#(}<(Sgf2E)DaAY`dBO.g@+G@]{aMb7Ns=@.@lj~W]0,=f3[rDk

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.7	49817	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1080	OUT	GET /metlPQbcsgsGldn5bJXm86AwhehBEosXGFuF_Yb5m9ub2M3Hp5-1Kc72ISMCKnCIS44=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	522	IN	HTTP/1.1 200 OK Content-Type: image/webp Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "v1" Expires: Sat, 28 Sep 2024 23:47:39 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Date: Fri, 27 Sep 2024 23:47:39 GMT Server: fife Content-Length: 8406 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	868	IN	Data Raw: 52 49 46 46 ce 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 86 20 00 00 2f 3f c0 0f 10 4d 28 6c db b6 4d c2 56 92 2e 37 a2 ff c1 8b a4 d4 c1 85 6a 87 fd e0 d9 ec c0 71 ea 01 38 06 e8 63 60 09 8f 24 7d fd 05 db 48 92 d4 8c 58 f9 07 a4 30 64 32 f3 93 85 71 30 8e 6d 3b c9 4d 82 bb c3 ca e9 bf 16 2a a0 00 97 25 93 05 23 49 92 4d cd ea 1b f7 bf d5 5f 59 fd 6d db fd 0f 32 86 6c f0 4d 3b 50 e1 5c de 89 0d b9 e0 7c a2 ce b7 2d f3 4b fb e2 80 f9 b1 ed 40 df 32 27 c8 ca f3 fa 67 81 81 ea 02 98 9e 4a ab 44 96 b0 11 1d 31 fa 85 1e 01 e2 b1 8e 48 8f 14 e6 f3 90 5f c7 b5 58 10 07 60 9e 88 bb 80 eb 18 49 40 81 c5 80 70 a8 f6 e8 f0 54 eb 7d 82 30 0f c0 16 2f 7f 39 e8 ba 5d 6b 90 e8 39 03 04 fd c2 27 82 aa 59 aa 1a cd 18 0a da b6 Data Ascii: RIFF WEBPVP8X??VP8L /?M(lMV.7jq8c`$}HX0d2q0m;M*%#IM_Ym2lM;P\\|-K@2'gJD1H_X`I@pT}0/9]k9'Y
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: ca ee 3d b3 87 07 0f 86 70 80 f6 ec e9 89 f1 f9 fc 44 33 e3 c6 32 df f9 ae c4 8f 14 27 6c 59 7c fd fe 44 fb fe 3d cf df fd 99 a4 c8 90 30 51 1b fd 55 d6 c2 1a 48 5b 6b f5 3f 54 5e 41 3a a2 02 74 4b 08 94 92 3c 90 86 a8 84 20 05 8a 58 24 21 2e 88 dc 20 90 d3 99 15 5c 7f eb 4c bc c4 57 be 32 9f 7d f4 dc ee 49 2e e0 07 52 fd d6 c6 af 4f cd aa 80 fe 51 8f 25 56 70 66 46 18 13 b6 13 16 db c4 f4 b6 f6 3c 2c 67 f6 82 9d 27 0c 87 f2 01 5f 7b a8 ff 61 c0 07 6b af 57 a7 fd 3e b0 73 cb 2e a9 bc 30 3a 90 83 f5 53 ac 19 1b 53 92 74 8d aa ea 32 06 59 be 31 c1 14 21 d0 95 81 54 92 17 98 56 0b 56 61 11 82 8c 91 20 06 38 55 66 7e ce 5c c9 6d f9 cc 55 af dc 74 4a 35 08 f1 d8 87 e2 d2 58 68 d1 e1 ec 62 11 28 03 00 62 61 46 b6 53 e6 33 d2 71 ea 94 87 1d 53 1a c8 ac cd 10 13 Data Ascii: =pD32'lY\|D=0QUH[k?T^A:tK< X$!. \LW2}I.ROQ%VpfF<,g'_{akW>s.0:SSt2Y1!TVVa 8Uf~\mUtJ5Xhb(baFS3qS
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 65 bb 97 f8 2f 93 5e 3b dc 3c f9 5b 73 9d f1 4d f7 1c 07 2f 71 08 71 c9 1b bb 6e 7a e6 b2 13 cf e1 8b 2b 73 1b 5f c2 11 24 56 9b 1a 74 18 30 3b 05 3e cc ae 59 05 b7 55 ab 0e 51 04 22 90 72 a5 dc 37 40 03 93 d5 40 59 26 a8 5b ba e6 1a ec 50 16 0a ef df 3f bc d4 2b e4 7d ac cc 4c 11 da 04 61 42 00 b4 08 00 04 20 86 91 da b6 d0 0b 52 b0 41 a4 4f 21 75 7a f5 d3 0f d8 bb b1 9c 2e b5 71 7d 9c 77 f9 61 9c 5d af 59 cd d2 16 95 89 ab 0e cf 39 2d 0b 67 bf 72 95 5d e9 76 3f 8c 01 35 56 59 a2 64 f0 40 a1 81 18 75 c5 d3 61 e7 96 6f 71 e5 3f 00 29 10 01 45 ca 44 93 19 21 dd 5a ca 2f 09 40 42 a7 62 44 fb fb ec b3 5e 78 3c 52 4f 29 1a 9c f1 37 fe ec 17 cf 3b 4e 51 48 89 d3 40 2c 9e 02 a4 d0 21 82 88 40 00 22 08 12 69 3a 6f d7 aa 09 de 3b bf 70 fd f4 82 5d 55 98 1c b4 4d Data Ascii: e/^;<[sM/qqnz+s_$Vt0;>YUQ"r7@@Y&[P?+}LaB RAO!uz.q}wa]Y9-gr]v?5VYd@uaoq?)ED!Z/@BbD^x<RO)7;NQH@,!@"i:o;p]UM
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 70 c2 51 0d 0a 16 7d 08 24 50 84 5a 18 a9 62 48 59 53 9b ba 07 ad 25 2b 86 d4 7a 62 b1 48 80 08 2c 9c 36 4c 25 a3 b8 e0 82 43 2d 31 f9 4f e0 18 7a f3 6d bc d8 fd d1 8e 58 63 c7 72 dd 63 9e 16 02 05 96 42 69 7a ff 66 32 6a 5c 80 57 33 da 3c c6 a6 d0 56 fe 81 27 e7 bd cd 9b df bb fb 5d 4a 0d 23 96 d8 dd 80 33 48 5a 52 92 87 3f ee fe 89 33 56 5a 04 96 80 27 06 8b ac 64 04 63 60 59 22 c5 ca 16 50 30 80 c4 42 e7 c6 c4 d6 99 10 b4 53 d5 e4 27 6d 84 0f 3f 72 e0 9d 83 3a 05 40 0e cc 03 69 30 46 70 65 ba e0 f4 0b 55 b4 6f 41 3a 94 71 5c 72 e4 fe ca 70 7f 27 9d 40 06 5c e1 84 3a 7a 3c f8 c2 8a 35 5a 83 31 e4 d7 73 d4 ed 40 ff e7 72 6a ce eb 7f 7a d5 9d 4f fd d5 be 87 f8 36 60 87 83 c6 39 5f cd f3 fe dd e4 8d 00 b7 80 50 62 24 02 90 93 1c 68 58 c1 22 27 32 dc 8e 2f Data Ascii: pQ}$PZbHYS%+zbH,6L%C-1OzmXcrcBizf2j\W3<V']J#3HZR?3VZ'dc`Y"P0BS'm?r:@i0FpeUoA:q\rp'@\:z<5Z1s@rjzO6`9_Pb$hX"'2/
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 89 44 11 c5 23 7b 60 8f 4c 20 4c c5 a8 d3 e1 20 22 aa 19 80 00 11 4d 37 31 c0 43 3c 40 3e 4e d4 cb e8 36 cf 74 8b 0b a6 32 fa 16 47 4b ee eb d1 65 82 41 4c d3 79 ef 15 75 ef 67 5f 3f e3 82 b9 9f 95 b3 31 71 91 13 32 82 02 21 8b 5b 12 08 a6 43 f1 10 61 91 5d ba ba d6 e6 71 1b 4a 4d 88 47 36 08 92 4a a6 e2 74 83 09 0f 71 65 69 63 36 86 6e b7 40 e5 a1 f5 a1 12 05 c2 09 88 14 24 46 8e 19 7b 20 37 12 83 c8 a8 46 d0 2a 00 1e a9 1d 16 41 44 6a 84 b8 a6 29 b1 32 67 76 a3 dc 14 5e 49 ca 8c 82 79 66 87 4b 3b ba e4 ca 25 ba a6 29 bd f5 8d cd 7b ae 7e cf 5b d6 f6 77 36 51 11 10 19 89 2c 3f 3e 90 4c 57 b7 df 52 f9 93 3a f9 a4 cb 0b b3 5b 3c 51 9e 3a 3c 27 ac 57 aa 4d 5e ae c2 d4 38 24 95 e2 1a 49 8d b4 56 da 58 d2 06 1b 03 27 2b c0 de e9 62 e7 70 58 00 82 01 34 98 cc Data Ascii: D#{`L L "M71C<@>N6t2GKeALyug_?1q2![Ca]qJMG6Jtqeic6n@$F{ 7F*ADj)2gv^IyfK;%){~[w6Q,?>LWR:[<Q:<'WM^8$IVX'+bpX4
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 51 57 a1 34 a6 03 75 46 ce d9 ad 90 2b b5 ac 13 6a 93 51 95 60 59 d7 dc 70 2f e8 60 49 36 d5 25 b9 80 23 11 da 1a 5f 47 b6 1b fd 78 82 d7 ae 1a 75 bf 6d 9a 13 41 ac 78 b4 1a 3c 73 c9 3b 97 1f c5 79 8f 6b eb 4f f4 2b 3f b4 6f 41 15 33 0a 11 04 cc c4 d8 e4 d9 78 98 fb a3 f2 75 d4 75 d8 ca 51 1b f8 b8 22 b7 04 9f a6 99 5e 97 23 d4 e4 50 bb fe c1 ad 2b b6 a6 05 4f 93 7e a0 36 03 10 c4 c9 8d e3 5f 3d 4a 32 0a b4 39 0b e5 18 0a 9f e9 f5 e3 72 eb b4 89 10 77 f3 7a cb e3 e8 91 0a 04 6e 67 36 4a 87 0d 3d 72 42 9b 95 f3 f6 57 8f 46 ff 8a 72 4e fa 27 1d a7 3a 7d 6b 0b 2f c0 ad 3e b8 cd 92 aa a4 2b 84 63 1f eb 8f 8e 8f 8f 2c 74 41 02 00 90 6a 42 47 9c 54 6c 31 49 43 22 28 8a ed 9c a7 c9 7c ac df bb ad 8c 96 f5 d6 3f f0 c2 af ad f7 4a f5 49 5a a5 40 1d 44 06 25 c0 25 Data Ascii: QW4uF+jQ`Yp/`I6%#_GxumAx<s;ykO+?oA3xuuQ"^#P+O~6_=J29rwzng6J=rBWFrN':}k/>+c,tAjBGTl1IC"(\|?JIZ@D%%
2024-09-27 23:47:39 UTC	588	IN	Data Raw: 2a c3 8c ca 2c 0c a1 26 ea e5 0e 2c dd e9 f8 cf bb cd d3 ab 87 f0 bf f3 e3 a1 d5 e1 b1 37 cb e9 0a 35 47 22 5a 83 11 1d 70 98 a5 2f d0 65 ec df 71 eb 64 f0 ee bd ed ed 8f b0 7c 73 f6 97 ef f5 7b c1 dc 52 7b 39 3d 19 1a 13 ab 5a 6b 39 24 4e 6a 02 56 d6 ab 98 eb 9c 2d f4 36 9b 83 da 95 31 83 56 d6 06 66 cc 4b ac 1a af 8b fd 80 25 d9 dc 46 67 01 9a 08 2c d0 c0 b0 02 33 0a 03 a4 52 56 c4 c5 0e 8c 6f f7 d3 9f 2c ad 3a ef 0f 23 f8 5f f9 e1 f0 ae 62 74 b5 28 b5 a8 ab 4e d5 37 16 0c a1 e1 6a f3 0e 7c 29 5e b9 eb 81 6a a9 ce e5 c1 d6 85 71 bd fe 2c a9 1c db 3f 7d e1 98 7a ea e7 5a 73 59 53 4e 96 6f 01 07 87 60 9a cf 81 bb 85 de 64 bd 21 bb 57 55 8c ca 18 01 6c 5e 40 2a 96 73 03 80 e5 32 cf a3 33 45 53 06 81 02 05 8b 16 8a 36 ac 0b b2 82 ac 6d f2 79 7e eb 4e 9d 97 Data Ascii: ,&,75G"Zp/eqd\|s{R{9=Zk9$NjV-61VfK%Fg,3RVo,:#_bt(N7j\|)^jq,?}zZsYSNo`d!WUl^@s23ES6my~N

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.7	49818	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1081	OUT	GET /xFT8o4tZjHkrDeLOh3fJsAQ5y0ZD7JJz6tWa_bOU-kU9H_D_iKILb4XAvMfhmSYWXV0F=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 1906 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:31:17 GMT Expires: Sat, 28 Sep 2024 21:31:17 GMT Cache-Control: public, max-age=86400, no-transform Age: 8181 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	857	IN	Data Raw: 52 49 46 46 6a 07 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 20 22 07 00 00 30 20 00 9d 01 2a 40 00 40 00 3e 69 28 8e 46 a4 22 a1 21 3b fc 88 00 80 0d 09 6c 00 9d 39 41 7e 01 c5 b5 01 39 4f e3 d7 e5 1f c9 15 4d fb 37 8e 6e 86 39 9b cb 33 9c 79 c7 79 80 7e 9d fe a3 75 aa f3 01 fb 47 eb 1b fd 57 d4 a7 d2 07 c8 07 f3 bf f5 5e 91 de c0 1e 80 1e 5a ff ba 5f 07 1f d9 7f e0 7e d6 fb 46 7f f4 bc b6 fc 07 82 be 3c 3d 89 26 33 87 fa d0 8d f6 4d 6c 2b c0 d5 94 f8 97 d2 35 34 4f 1b 9f 55 7f e3 f7 05 fd 61 f4 cc f6 11 e8 97 fb 2c 55 19 9a f7 29 cf 37 78 94 c6 bc 39 e0 6d 89 aa e4 32 e4 f0 e4 01 cc 07 68 81 d1 00 4a 28 82 48 6f 07 3d e7 26 4f bd 94 21 a7 e1 90 b1 5a f4 06 51 9b 28 68 ed b7 2c 80 90 f3 95 e9 dd 7c 89 c2 1e dd 5b 11 Data Ascii: RIFFjWEBPVP8X??VP8 "0 *@@>i(F"!;l9A~9OM7n93yy~uGW^Z_~F<=&3Ml+54OUa,U)7x9m2hJ(Ho=&O!ZQ(h,\|[
2024-09-27 23:47:39 UTC	1049	IN	Data Raw: 4f 00 ea ca 00 49 05 7a 3c 82 4a eb 16 f7 80 88 dd be fe 9d a2 2c 8e 59 55 4f 94 7e 97 b8 64 70 bf bf d5 08 ae 68 3f cc f0 ce 3e d0 a6 a3 4e 3d e9 01 d6 58 69 2e cf ea d7 85 ba 7c a7 6c 1b 41 ac a5 0f a3 25 09 c9 eb 8e 33 5c c8 95 ea f3 52 56 dc 75 80 b0 2b 0d 85 f7 fc 35 ec fe 5f dc 0f a9 ea e4 07 19 7e b9 fe 1c 68 a3 13 2f 51 5c 10 ec 2d 75 79 54 87 f6 02 ee fa ce d8 33 c1 de 87 74 31 af 7d b7 96 fd 5f 86 03 1f ee d2 c9 d7 0c e4 2d 95 9f 8b 58 a8 8a 74 a8 a2 79 74 cc bc 5a e5 09 bd 5b b5 b7 78 fd a6 25 99 79 55 3c ef 51 7e 1b 6b f5 c4 fd b4 72 73 9a 61 61 b7 b1 53 19 b3 aa 4d 9a 35 0b f3 95 cf 4f f1 f8 f7 19 93 5f 8e 5f 45 f0 44 0a e9 5f 7a 2d f5 97 ef db e7 75 66 06 9f 7e 20 c6 3a d4 13 8d 7a b1 d9 bd 69 66 4e 95 9e 30 20 3c 28 b2 ed 5a b7 f5 30 ef 32 Data Ascii: OIz<J,YUO~dph?>N=Xi.\|lA%3\RVu+5_~h/Q\-uyT3t1}_-XtytZ[x%yU<Q~krsaaSM5O__ED_z-uf~ :zifN0 <(Z02

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.7	49821	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1080	OUT	GET /-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7952 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	856	IN	Data Raw: 52 49 46 46 08 1f 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c bf 1e 00 00 2f 3f c0 0f 10 09 06 6d 1b 49 5a 4f a5 fd 97 3f e1 3b 0e 11 fd cf 77 34 47 9d d6 a8 aa de bb 4f ef bd 63 ad 44 4f d6 43 92 3a 3f 04 0b c6 91 64 2b 19 dc e1 db d1 05 f2 0f 8d 33 45 20 ae 23 d9 56 a2 c6 09 81 2f 8a fc 03 73 5d b7 5b 5b 0c 1a 49 52 54 c7 f0 68 80 3c bc 7f 6b 9f fe 07 00 62 94 ac 44 da c8 c3 fe 36 12 05 9a ec 55 ab f7 8c f4 b4 6d 8e 91 e3 de 23 b6 2b b5 cb bd bd 97 00 d9 ab de 1e ff 33 7e 45 62 7a 02 08 9b ff 9e 31 72 4c 87 31 4d 5c 00 f5 e9 79 8a bd b8 1a e3 fb f7 eb 95 c4 49 d4 84 5f 04 71 6f e2 59 cd dc 78 16 31 36 f1 8c ab fe 99 c0 f9 72 be 1e 8f f3 ff 2f 76 1b db da e7 d7 bd 40 2c 99 05 31 5b 0a 33 33 33 33 f3 30 33 87 99 99 Data Ascii: RIFFWEBPVP8X??VP8L/?mIZO?;w4GOcDOC:?d+3E #V/s][[IRTh<kbD6Um#+3~Ebz1rL1M\yI_qoYx16r/v@,1[333303
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: d2 b9 76 0b 2e b9 71 bb 05 3f 00 34 01 be 02 ba 30 53 80 99 01 1f 58 13 d0 ac d9 1b a3 68 84 32 28 3a d4 ef f2 c6 f2 03 98 47 e8 8a db ec 1f a4 da c8 8a 7c 4c 8a 0d 7c ce 8d e0 dc cf 49 cc e7 dc a8 b9 20 c6 21 b3 b5 cb ca 8d 2f 55 a7 48 66 98 51 19 33 dd 76 36 7f 6e 84 35 2e 7c ed af 8a 76 72 f9 ff cb e3 33 93 b2 92 95 20 a3 5d ce da cd 56 2e 25 1d e7 64 b1 cd e5 fe ea d3 4e f8 e7 45 3e c0 80 57 31 0d e0 42 ec ae 88 5c 2f f5 a0 ce 41 c5 8b 2d 5a de 29 40 a9 4d 97 64 a9 14 a8 86 fc e5 80 cf 06 04 60 32 d4 d8 c8 e1 81 d7 9f 2f 5d 94 1d 01 89 f9 cd df 54 f4 ec 98 b1 72 a7 3a f7 42 6d f4 f7 be 30 a3 1b 5c a0 bf 71 d0 e8 17 e4 6e 2c 5a f1 d2 a7 e0 3d be 79 6a b9 b7 27 bb 7e 3d 8a c7 03 f9 4b 01 4b e4 c0 bf 68 dd 77 1a 01 73 dd 57 e4 b2 27 bf 46 96 e3 82 7f 1a Data Ascii: v.q?40SXh2(:G\|L\|I !/UHfQ3v6n5.\|vr3 ]V.%dNE>W1B\/A-Z)@Md`2/]Tr:Bm0\qn,Z=yj'~=KKhwsW'F
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 4f 21 da 7d 61 ce 38 fd 9f 56 3b f0 12 e1 76 aa 74 7b 4b a0 2e 7c a3 72 b2 a3 ba 99 0b a5 b9 6a 45 21 70 9b 5a 97 b3 ab 3f 89 c4 45 a3 71 d5 ec 3f ac 7d f7 0f ba ad 79 96 04 51 92 10 3d 66 03 53 5e b4 1e 1f ee 30 a8 cc 3f 5d 62 2a 20 03 03 31 4d 02 4a 2a a8 dc d2 2e 7a f7 0d 5f 6c 40 9b 0c cc 06 86 ce e0 2d 17 fe 53 49 3b a7 90 15 bf 35 18 f1 9d 72 94 45 c7 95 49 f4 df c4 27 98 82 bc 0b 97 3d d6 0d f8 db 64 c4 ff 27 ad ae 47 c6 65 9d be 7f 25 29 2b 00 20 a9 13 45 a8 97 89 da d1 b7 6c b8 ab f9 23 dd f7 ee 54 50 2f 11 05 a4 45 d3 0d 17 c3 02 48 04 ce 34 97 1f b5 8e 9d dc 97 a3 37 df b0 ac 47 1b 2d 65 03 eb 77 49 07 13 c7 40 e6 98 39 60 52 d2 ba 41 13 c9 ee a3 47 1f 16 86 99 d9 40 be e2 27 e9 33 bd d3 25 5b ef f3 9e 07 bf 08 7c c0 97 b0 7e fa 5d 67 bf f0 07 Data Ascii: O!}a8V;vt{K.\|rjE!pZ?Eq?}yQ=fS^0?]b* 1MJ*.z_l@-SI;5rEI'=d'Ge%)+ El#TP/EH47G-ewI@9`RAG@'3%[\|~]g
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: d6 86 a4 d4 47 44 72 2b c8 aa d3 e6 ff d7 6a 2b ee bb 86 21 eb de 02 ca bd 72 5a a9 b2 9a 53 dd a1 fa 11 ff 2f 6c 89 52 26 94 95 a0 4c 81 e7 63 08 72 5e 52 93 44 37 69 cf 4d 20 32 a7 2b d1 b4 82 6e 22 68 9d 6c 95 6e 3c e4 d2 f6 d0 b9 cd d2 11 1b 79 b9 2c 30 1c d7 6a b0 a0 dd c0 a4 79 4f 45 c7 a7 ec a1 81 3b f9 d1 5b 06 1d 5e 00 93 a5 75 d5 f9 c5 3e 01 17 01 c6 24 d9 c5 b7 9c 96 0f c8 e6 b6 72 5b d6 97 5e 5e 89 49 7e c3 71 4d e3 d8 22 1a d3 0f c6 cd 2d 3b f4 c9 73 5b df 65 22 96 88 c8 a0 ec b1 28 b3 26 11 4f 93 f6 b4 ab 11 70 93 3a a9 5f 7c 4e 13 4e e5 92 9a d6 d0 6e 0a 12 65 a8 72 fd 61 97 be 27 39 2d ca 73 92 5d ed d1 63 6e af f4 32 bb 0c b4 27 ca c1 91 39 21 c9 52 b6 d8 18 42 a5 1e 14 24 c6 05 30 80 34 8c 64 57 98 42 57 95 fc 18 09 b4 fb f7 e3 6c 6e cc Data Ascii: GDr+j+!rZS/lR&Lcr^RD7iM 2+n"hln<y,0jyOE;[^u>$r[^^I~qM"-;s[e"(&Op:_\|NNnera'9-s]cn2'9!RB$04dWBWln
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 93 16 c3 10 05 85 17 27 72 87 cb 78 ea e8 6e 6e 99 c0 85 97 1f 10 95 63 36 4d a2 24 8f 79 eb 64 db b5 1e 81 cc 90 d9 a8 0c 95 a0 3a c8 4e 9e a5 56 d0 04 2a 50 8b 10 72 61 66 32 a7 b5 fb fc c8 3b 1f e7 c5 f4 09 8f dd 4a 61 cd 4e b0 6f 1f 3b bb 29 7e ab 6c 7b fe a2 7b a7 91 51 1f a1 e2 ba 85 aa 23 16 5c b8 e5 9d 87 1a 36 98 d1 12 30 f7 aa 38 e5 ca 38 ac 10 c0 d0 bf 08 0e 71 6c 5c d6 fe 03 08 00 0b 60 20 b3 36 15 bb 13 d5 3a d9 8a 6c a1 5a 7c d8 99 41 25 83 36 f8 0f 74 40 82 4e 24 08 a7 59 33 13 c4 c8 3b 1e 93 64 ed 25 3c ad 09 b0 05 3a 80 dc 72 91 69 81 40 aa f3 8e c5 36 2f ca 1f 2c 8b 13 26 64 a6 bc 99 18 78 ec 88 a8 20 1c 1f 9f 21 8a de 2d a5 9c a7 47 c1 ef b6 29 2b 96 8b 01 47 86 5b b8 11 88 10 8c 16 95 ad a0 75 68 e5 c7 3f 76 1a a8 59 46 29 90 02 3a 90 Data Ascii: 'rxnnc6M$yd:NV*Praf2;JaNo;)~l{{Q#\6088ql\` 6:lZ\|A%6t@N$Y3;d%<:ri@6/,&dx !-G)+G[uh?vYF):
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 7a 2a 26 1c a6 7b 15 6b 0d b8 06 64 26 eb e0 32 8f 61 b3 9d cf 73 f5 d2 c3 56 5a a8 4d 5f 6a 34 d5 73 ff 7f 18 71 ec 07 10 eb e2 e3 73 90 e6 ce b4 2c af 3f 71 d1 e8 87 dc b5 3b 27 99 91 e0 b1 5d 33 ff da 0f 39 77 fe 7b ad b5 04 be 61 77 17 3f 34 9d 5b 6e 01 8d 45 55 eb 9d f7 ff 90 a8 37 c2 8e 80 77 20 14 5b 23 ec 8d fa 6e d1 03 85 5f 98 bd 10 81 ac 3b 6b 1d 40 6f 87 c2 45 5c 66 2e 23 65 a8 2c 7a 26 6e b7 61 ab f3 e9 25 70 7f 44 e2 06 02 1e c9 7d 14 93 3d 06 eb 31 60 db 07 5b 57 2d 6d 22 b3 ba 39 6d 77 e2 94 63 f7 89 82 d6 f5 2e 18 f2 ea 99 30 8d 41 b3 c2 1c e7 ef 93 e3 03 43 ae fc 4a d3 e7 5b da b5 f2 ea 7d 2c 1a 13 43 6a a0 30 7d 66 bd 30 ad 0f e6 d6 3d 50 1a d6 45 21 1a 04 3a 54 1d 08 a3 ab 96 61 62 02 1e 5e f4 aa 8b 0e 19 b2 3d 02 b5 62 eb 85 bc 53 5f Data Ascii: z*&{kd&2asVZM_j4sqs,?q;']39w{aw?4[nEU7w [#n_;k@oE\f.#e,z&na%pD}=1`[W-m"9mwc.0ACJ[},Cj0}f0=PE!:Tab^=bS_
2024-09-27 23:47:39 UTC	146	IN	Data Raw: 46 14 b0 76 ba c4 2e 02 22 62 8a 4c 49 80 4f cc 19 cf 5d 98 00 7c 3a 89 61 10 83 09 75 87 e8 0a d1 44 a8 1e 10 9a 80 d6 24 87 88 28 75 a8 9b a1 e6 36 6a b6 c9 76 0e 39 d2 a2 b7 58 10 d5 52 41 54 0b 05 78 55 00 56 00 2a 00 2f 40 14 9a 58 eb b8 07 c8 10 65 c0 7f 82 ef 3f 0f f1 12 f0 08 70 03 70 97 f9 1b 31 62 00 45 58 49 46 22 00 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 50 69 63 61 73 61 00 00 Data Ascii: Fv."bLIO]\|:auD$(u6jv9XRATxUV/@Xe?pp1bEXIF"II1Picasa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.7	49819	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:38 UTC	1079	OUT	GET /mvFrMMdovquq71B-ta-JVKBdw4Zbs2RmPxe8EVFyGiXAtHAm_p0x3940NqDmFGk6vg=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8458 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	856	IN	Data Raw: 52 49 46 46 02 21 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c b9 20 00 00 2f 3f c0 0f 10 4d 38 6a 1b 49 90 d6 d5 f7 cb f0 47 7c 20 22 fa 1f 2a 78 9f bf 3b 4b 96 b1 bd 54 db 23 b5 3d a7 fa 91 ba 05 a3 48 92 14 55 ec fb 44 ac 7f 41 f7 62 66 66 6a 1d 6c 23 49 72 d2 af 50 36 71 50 e4 1f d1 5b 28 4b 53 0c 24 49 32 34 ab bb fb ff 0b eb 6c db fd 8f 49 9f 20 11 57 88 50 c0 45 84 4c 49 f7 e1 c5 1b 21 42 74 12 80 fa d2 09 1d c0 64 ba 0a 6f e1 01 90 11 64 b3 13 76 e6 b9 8b 61 89 2b 09 90 45 b1 76 46 a6 2d 7e 62 3e 00 15 ff 26 93 34 9f dc 0c e9 23 9b 8e dc a8 b9 ad 28 f9 39 e4 f3 49 ff dd df e3 bd b6 7b db 44 b7 70 04 50 92 c9 2f c2 35 6d db 22 39 72 de 2f 33 2b 0b ba aa 49 d8 2d 66 a6 01 8d d6 a3 95 86 99 99 99 99 99 99 99 99 Data Ascii: RIFF!WEBPVP8X??VP8L /?M8jIG\| "*x;KT#=HUDAbffjl#IrP6qP[(KS$I24lI WPELI!Btdodva+EvF-~b>&4#(9I{DpP/5m"9r/3+I-f
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 9e 6a af 35 ce 59 90 f3 57 b2 9d 2c 08 fd e1 bd 0d 04 e0 0a 80 cc 54 7b e3 7b 65 02 14 74 c3 98 c5 94 0c 70 64 9b 03 de ff 1a fb 52 e3 ec 35 78 c3 0f 65 f8 67 4d cb 9d 2e 73 c5 11 54 33 a1 1a 98 72 ac 32 f8 d7 c2 7c b0 cc 16 2e 00 b4 0a 7d 1e a7 a0 a3 39 ab 22 51 81 26 62 d8 03 05 94 1b 66 12 4d f3 39 b4 02 76 dc 64 ad eb eb fa 91 43 7a ee da 4b ee 64 c4 80 89 00 54 be 0c 71 6f 7c 2f 41 c0 1b 23 6e 7c 1e 22 af 46 9d a2 46 4f a1 b6 4f a7 89 77 11 e2 fc af 0b 59 6b 1b a1 55 9f d1 6c e3 0c 62 e7 14 4d 1c 15 1c 5d 55 4f af cd 3a 7d 2d b7 fe 65 8a 6f 37 59 e6 83 08 e2 08 88 09 03 d1 44 23 51 21 83 24 25 c3 c4 87 92 c4 90 09 0a ac 30 d5 06 7a aa f5 53 fb 37 7d 1b 33 7f e3 db fb 26 7d df bb c0 ba 34 94 22 02 90 fc 14 e4 c0 1d 80 e8 b4 20 79 8a 9e 03 16 8e fc cd Data Ascii: j5YW,T{{etpdR5xegM.sT3r2\|.}9"Q&bfM9vdCzKdTqo\|/A#n\|"FFOOwYkUlbM]UO:}-eo7YD#Q!$%0zS7}3&}4" y
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 0a 0d 0f d5 da 0e 17 ba dc 73 6d b1 68 56 5a 67 9f c6 51 cd 01 51 4c b8 23 3d 2c 9f 59 73 56 46 64 59 b1 71 00 41 c0 04 20 43 40 01 d0 8a a0 26 03 de f6 ac 8b 65 eb 4f 1e 53 58 92 65 69 c1 83 25 8e 39 43 3c 32 fb 05 43 0f ff d9 a7 d9 d2 c3 18 0c 81 23 48 54 94 22 ad 59 91 89 79 d1 31 09 1e 81 e0 a1 86 ff 9e 23 02 bf fc 33 06 c7 41 90 2c 34 dc 02 f3 99 e5 8c 06 99 98 a7 aa d3 c0 ba 00 35 20 29 51 c0 83 09 46 c4 ad 7d 94 35 3a e4 6c bb 96 0f 3e 41 4a b1 97 07 26 28 49 06 49 a5 09 11 d2 00 24 1b 3a 79 c5 a2 2b 17 90 3f ac 01 08 10 34 4d 97 7c 96 5f 40 a8 80 8b fe d1 75 d2 ef 5d bd b3 0f 59 f2 a3 0b bc c9 46 11 74 a1 de fd 37 5f 60 49 87 08 36 02 24 80 16 43 60 c8 ec 3d eb 1e 0f a8 11 04 02 c3 21 61 28 48 dd 8e f0 84 8b 8c 51 e8 f8 8c dc 6f 6f c4 26 89 cc 24 Data Ascii: smhVZgQQL#=,YsVFdYqA C@&eOSXei%9C<2C#HT"Yy1#3A,45 )QF}5:l>AJ&(II$:y+?4M\|_@u]YFt7_`I6$C`=!a(HQoo&$
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 21 22 d5 6c a3 6d 5d 2c 83 c5 e3 35 85 1b 7e ab ee ca 9f 0b 78 99 6f 6e 29 22 59 35 90 15 94 60 a0 99 51 35 a1 c2 85 ba 2e 55 c9 67 e9 8a 89 70 f5 38 8d 2d c9 5e 11 be 35 6a 9a 96 40 4d 03 a5 a4 26 92 fa d8 5a 5e 50 e9 8c 5a 23 95 7f 04 48 88 49 4c a8 b0 32 d0 95 ac 9c 28 40 d3 08 02 47 79 33 46 a8 24 90 25 07 9c 8a 96 8c a0 69 da 7d c0 89 f3 bf 7d 44 ff 51 18 33 26 cb 25 37 54 3b 2b b5 5a e4 18 e4 07 1d 30 1f ac 28 48 d6 48 95 93 4a 0a 95 26 ff 24 5d dc 82 b1 63 b0 49 96 2c 0b a8 97 12 ef cd 5b cf 36 12 00 49 18 f7 6a 0c a4 a1 86 3c 88 20 9b f9 c1 48 08 41 38 16 c8 70 eb 5a ab b3 4a 42 09 a5 c0 d6 3d 36 bb a5 68 c4 d0 aa e4 08 af 5b 15 1a 2d 0a 2a 32 86 6c 4e e5 1c 86 89 10 b2 57 34 9e 0d 0b 0d 88 0c 17 03 48 10 43 02 fd 77 d4 93 ff 4c 21 d4 31 91 02 bc Data Ascii: !"lm],5~xon)"Y5`Q5.Ugp8-^5j@M&Z^PZ#HIL2(@Gy3F$%i}}DQ3&%7T;+Z0(HHJ&$]cI,[6Ij< HA8pZJB=6h[-*2lNW4HCwL!1
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 97 29 e3 66 d1 1b e8 a6 a1 91 63 96 7e d2 a3 57 fc 0b 34 c5 34 4d 13 2a 80 0e 2c de 69 35 2f 4c 3d 0f d9 d3 44 03 52 0c 11 03 df 96 a0 20 15 12 28 33 4a a1 1e 6c 42 b2 b8 0b 9b 8b 2e 5b b8 0c 41 a4 93 6c b6 52 e8 9a 87 d4 30 97 9a 01 64 92 52 0c 55 7d 70 59 a2 0c 9f 6a 86 41 54 42 ae 2f b4 29 37 f0 a6 c6 39 b8 e4 4e 11 0b 13 42 93 a4 0a df f2 2d 4f 7e f2 b7 28 83 86 7e 01 94 97 ac 59 ff 43 5b 55 fb 59 ab f1 81 bd 58 0b 88 83 59 09 fc 7a de 34 46 2d b9 92 44 17 d4 3e bf 1f 58 f2 46 68 7f 7f a9 e1 71 f7 c7 b2 48 4c e4 47 1f cf 54 b2 62 a0 04 8b 86 0b b6 fe 83 80 52 40 92 29 15 14 3a 18 67 cd 10 4d 0e 9f de 82 56 7f 01 61 06 70 db 5b d7 81 8d 46 91 c9 0a 29 13 59 aa 80 02 e0 49 3e 84 ca 5e 41 c7 52 6a 76 2d ba 46 2e 5f b1 ed 83 b7 b1 c0 bd 37 32 a1 1c b1 49 Data Ascii: )fc~W44M*,i5/L=DR (3JlB.[AlR0dRU}pYjATB/)79NB-O~(~YC[UYXYz4F-D>XFhqHLGTbR@):gMVap[F)YI>^ARjv-F._72I
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 5c ff 2f a5 54 48 31 e6 eb bd b5 9e c9 f3 1a 7d fb a7 81 1e b1 c6 e3 b7 f3 4d cd 58 65 28 5b 9b e6 90 75 6e ca bf 32 5b 0c ce 18 1c 29 a8 9e 64 49 c0 02 a7 25 9b 88 18 87 07 dd d9 84 54 74 a4 4e 95 b2 f2 21 41 c3 eb 23 4c d8 56 0a 9f ef b8 42 b2 ae 5d 22 aa 70 80 67 f1 10 2b 25 e8 13 5b 24 f5 7d 98 4c 5a 22 ae 3c ac 4e 25 2d 33 60 60 c9 82 63 e7 0b 4b 61 d3 2f 88 33 26 12 82 4a b0 03 4a 98 38 73 a7 84 32 49 1c 38 a8 66 20 42 42 8c 19 42 24 04 1e a5 41 4b 65 f2 0c 77 fe d3 4b 67 ae 58 62 1b 6c 6c f7 40 f3 b1 ac 85 bd f2 b1 ba 17 b7 c4 7e 63 11 f8 b8 0a ca 60 75 49 4c 48 55 23 78 63 95 09 88 20 42 53 e2 5c 89 ba b9 a7 a4 69 3a e6 57 97 d7 a5 d8 b2 d2 63 76 66 fb be 7c 1e 0f 42 5e 4d be eb 68 dc 53 8b 8a 8b 0a 59 20 23 62 67 b5 95 bd a3 a4 c7 96 1d 36 df 71 Data Ascii: \/TH1}MXe([un2[)dI%TtN!A#LVB]"pg+%[$}LZ"<N%-3``cKa/3&JJ8s2I8f BBB$AKewKgXbll@~c`uILHU#xc BS\i:Wcvf\|B^MhSY #bg6q
2024-09-27 23:47:39 UTC	652	IN	Data Raw: a5 9c 3c a4 56 49 fe fb 8f e0 12 21 21 56 71 9a e4 f3 ec b8 69 be a6 7a 1f d8 ed f6 03 37 16 80 ac 28 bb ac d8 18 e8 68 46 00 62 a2 f1 b5 b9 b1 11 d5 a5 3b b2 80 74 4e 89 23 09 96 a0 5a 13 88 6b 45 95 88 14 30 e0 b5 90 9d c0 9d a7 a8 b6 98 14 2f b3 3f 4d 21 cc 2c e5 c4 9c 31 7a 07 36 57 ab 15 42 3a b2 b0 37 a1 d9 35 77 ee 40 e1 32 cd d6 9e d3 91 a5 99 dd 9b 54 54 6e c1 50 2c 4a 4e 54 b8 f0 d5 33 5a be 66 06 34 81 44 98 1a 5c 9e d9 31 2d 04 3c 83 ab 3e ba 4b 6b d4 e6 c1 82 ad 9b 9b 35 8c 8e 63 14 c2 f0 df ff 4d 20 7e ba 12 43 e9 9e 6c 5e 08 88 03 e9 09 6b 29 fb 86 5d 63 59 cb 84 e3 15 f8 80 2c 04 59 29 3d 24 01 e4 22 80 07 59 e8 c7 29 48 fb 52 a2 43 11 06 29 90 e7 e5 2e cc f8 66 36 68 41 c9 5c fc a7 db ac b1 7a dd 4e 73 93 26 f5 30 1f 3b 80 d3 0e 1f 4e c6 Data Ascii: <VI!!Vqiz7(hFb;tN#ZkE0/?M!,1z6WB:75w@2TTnP,JNT3Zf4D\1-<>Kk5cM ~Cl^k)]cY,Y)=$"Y)HRC).f6hA\zNs&0;N

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
83	192.168.2.7	49824	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	529	OUT	GET /mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w48-h16-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 148 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:15:11 GMT Expires: Sat, 28 Sep 2024 21:15:11 GMT Cache-Control: public, max-age=86400, no-transform Age: 9148 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	148	IN	Data Raw: 52 49 46 46 8c 00 00 00 57 45 42 50 56 50 38 4c 7f 00 00 00 2f 0f c0 03 10 85 d3 6a db 96 e5 dd e9 9f 00 5d 40 47 80 c4 04 16 35 31 81 bb 43 a2 ba 47 92 33 82 bb 3c e1 fd fe 77 86 88 23 ff 4f 00 a0 f0 b0 d3 7b 15 50 bd d9 ec 49 29 a5 89 88 88 9b 8d ee 54 1f 2f 5d a9 d8 f6 11 a9 b0 7d 1d 11 31 5e f0 8e 7c d1 b6 7e 13 7d d9 a4 42 d9 cd 42 25 c7 8c 4a 50 cb f6 25 d9 ac 5c b2 ce ac 25 c8 e8 b5 24 98 0d 4b fa 59 2c 22 e8 5c 1a 16 2f 3f 23 02 00 Data Ascii: RIFFWEBPVP8L/j]@G51CG3<w#O{PI)T/]}1^\|~}BB%JP%\%$KY,"\/?#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.7	49826	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	519	OUT	GET /FmQqtyc4yebncKY9K97-_fmJJl2jIq82kXB5nJY_xFEcTSHXjmZf1choL9-04ic2aVlx=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 34894 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:39 GMT Expires: Sat, 28 Sep 2024 23:47:39 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	859	IN	Data Raw: 52 49 46 46 46 88 00 00 57 45 42 50 56 50 38 20 3a 88 00 00 30 ab 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 95 3a de 64 38 05 c4 b3 36 dc be 56 da 44 23 f7 28 ff f7 2f ee fa 6e e3 df 56 7f 07 fc 87 ee 47 e5 7f cc 37 23 f7 77 f0 3f c2 7e c8 ff 13 f3 dd fc 5e d2 7e 5f fe 07 9a 27 b1 7f 0f ff 2b fc 87 e5 2f cd 2f f9 3f f7 7d 9d ff 5c ff 49 ff 53 f3 ff e8 23 fa 27 f6 af fa 1f e3 7d d6 7f e7 f5 a7 fd d7 fe b7 a8 cf e9 df e4 7f f8 7f 97 ff ad f1 23 ff 47 ff 4f fd 5f 78 3f df 3f db 7f e4 ff 47 fe ab e4 13 fa 67 f8 8f fc 5e bc fe cb 3f de 3f e7 ff ff ff cd f0 0f fc df fd 57 ff 2f 69 3f fb ff b8 bf 0c df db bf e6 ff f1 ff 67 ed 43 ff af d8 03 ff b7 b5 c7 f0 0f ff fc 66 7e 49 7e 67 f6 eb c3 7f 33 fe fd fe 23 f6 d3 fc 67 ed af de 6f e9 19 93 f8 ef ec 7f f1 7a Data Ascii: RIFFFWEBPVP8 :0*(>](E:d86VD#(/nVG7#w?~^~_'+//?}\IS#'}#GO_x??Gg^??W/i?gCf~I~g3#goz
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 96 c0 a3 6c f0 0f db 40 5e 5d 3a 68 6d ed bd 5e 4b f0 d0 00 e6 aa ce 45 77 af aa cc 5a bf aa ac 59 9e 6d 50 bd 9e b2 58 9c 12 55 a7 0c 53 d4 e3 60 d3 52 24 19 ad 8f cf 13 e8 e3 74 fc c8 79 e3 9c b2 bd 96 34 e8 46 18 09 c1 a7 a6 85 64 b0 17 f5 47 3d f6 dd 24 ac ad 9f 5c 33 63 0d 5e af 92 68 86 1d e9 b7 df 28 f4 9d f3 5a b0 1e 97 e4 0f b5 e3 15 9f 3c 4e 89 fb 8c d9 5e 50 e8 bf e5 be fe 87 69 65 3d 47 ac 04 d4 e4 27 73 4a d7 42 40 28 16 b2 f7 4f fb 84 9e 96 fc 7d 26 1d 98 b1 98 b7 59 53 fc 54 66 31 1b 97 fb 04 9f 23 0a 2a f6 74 2f 2c 97 7f 68 ed d8 8a e4 92 e0 c1 fa d8 68 53 97 5e 0a a6 1a e8 5a df 48 41 23 07 eb fe 3c ca 4a 16 05 f9 b7 f4 eb 61 9a 31 1d c9 b5 ce 33 61 e2 cb 86 52 ad de c4 a4 ad 7e a7 da 1e 54 fb 34 d6 69 02 97 bd b1 81 e6 03 aa 6c 44 d3 75 Data Ascii: l@^]:hm^KEwZYmPXUS`R$ty4FdG=$\3c^h(Z<N^Pie=G'sJB@(O}&YSTf1#*t/,hhS^ZHA#<Ja13aR~T4ilDu
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: e8 eb 25 e0 50 c0 f6 c2 2d da 53 92 eb b5 ef 2c 82 90 f7 6a f5 60 7b bc 03 bc d6 52 d6 5b 50 2f 9a fe f2 88 71 08 09 cb e2 4d 0b 56 df 00 8d 7c 76 9d ea 9a c5 95 05 e4 33 27 e9 19 28 99 63 da 08 8b 1e cb 5c 18 10 82 ab 36 0d 3b 4b 90 11 99 c7 d1 61 45 53 9e b7 df d2 df ac 37 9c 2d 08 14 b8 ff 2b f7 2a f4 42 18 31 27 6b 3b 0c 6e 1d 5b ff d1 ae 15 41 da 42 cf 0c be f4 57 b3 2b a0 b1 1c 61 b4 6d 3c 90 bc d3 78 3c 09 d8 2a 8a 28 38 ae ce 3b 3b 6c 5a a1 84 38 73 81 2d 4c 38 63 6c f5 d4 7e 88 8b 94 96 f2 9f c2 f4 d0 70 f8 c0 81 2b 7a d6 86 93 8a 74 0a f0 89 0c 3d a6 8a 9a 97 a5 b5 35 84 1b be 60 20 a9 9e 00 5f 6c 41 08 70 a9 9d 2b fd 0e 2d 30 92 18 3c b8 00 23 bc 2d 63 fc f3 c3 3b 09 04 10 91 b1 ed b8 dd 98 f6 d9 ff 37 d7 a2 7b 72 ee 2c db bd 72 c5 d1 0d 02 1e Data Ascii: %P-S,j`{R[P/qMV\|v3'(c\6;KaES7-+B1'k;n[ABW+am<x<(8;;lZ8s-L8cl~p+zt=5` _lAp+-0<#-c;7{r,r
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: e7 85 c6 16 d7 06 e2 16 68 98 6f a4 78 90 77 17 26 8d cc 77 90 bd d4 12 1d c9 3f 3d 3f c1 18 0b ef 21 e3 62 a7 7a 3f c0 19 0c fa 05 17 4e 09 f2 56 2d 2d 29 c2 ef e9 c9 cf b6 42 3b 87 cd c8 df b8 48 69 26 98 b8 ca 87 60 08 2e 0e 61 02 9e cd a0 d5 68 4a 6e 94 7e cf d4 28 fb 39 34 a8 2f 24 69 8b 0c 21 0e 6f ca 40 ae 11 d8 f6 ab 04 10 df 27 d7 14 12 c3 ce 72 f9 9e 5d 43 30 45 e8 66 b9 22 94 47 dd 1d 77 8a 8d c8 59 af e2 7a 0f e2 2e 6e 52 3f c1 42 3f 73 e1 63 dc bc e6 1b 2d 6e 31 c9 ae d6 fa 34 f5 af 37 8b 3e d2 11 5c 12 cc cc c2 8b a8 e9 f2 ab 3c c9 a8 c9 81 6a 15 bf 1d 67 00 67 39 b6 dc f7 c4 4e 63 90 84 84 b1 42 11 da 78 92 01 40 51 b2 59 b0 e4 6a 03 25 ce e8 17 5d a8 0b e2 15 00 30 18 cc 2b b3 b8 f1 c9 35 2a 6e c5 d7 5d d7 ae 68 0e 00 b4 ac 20 b6 d3 4a 5f Data Ascii: hoxw&w?=?!bz?NV--)B;Hi&`.ahJn~(94/$i!o@'r]C0Ef"GwYz.nR?B?sc-n147>\<jgg9NcBx@QYj%]0+5*n]h J_
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 4a 7a 02 5c ab 02 5f 81 07 eb 3d a8 99 bd 6b b0 e2 dd cc 6a 8f ea f6 52 0f a2 95 de d8 f1 2f e5 3a 38 52 ee 27 9c 1e 9d 97 77 ae ea 66 7c 58 a2 0c 5f b6 79 e1 d2 5e 76 68 92 58 7f 7f 26 ab be 54 0f 43 f6 e5 a8 22 62 5a 89 01 7f 59 d2 25 6c 7f 41 ff 0e ef 2c f7 9e a3 5d 58 da 85 1a 01 b1 70 56 e4 b1 94 92 95 3a 2a 04 f3 ab d5 c7 29 b2 35 2d 7e 24 56 22 2e e1 b8 b0 ee f2 0e 89 00 97 86 73 9f 6d ba 4e 53 a5 50 ce 91 2b cf 40 38 da 42 64 5d 65 21 6b ad 44 73 aa e5 fe d2 32 c3 4b 88 06 eb 7d 79 a5 15 e3 eb e9 2e ca d3 1c e0 32 5e 80 f5 91 27 e2 3c fd 38 ab a2 4c 58 48 99 eb d3 c5 9e 44 39 cd b1 7c 74 4e e0 61 6c 97 da 04 4d d8 dd e5 dc a3 56 65 48 b1 8d ef 09 a3 24 66 c9 26 c8 48 06 c1 26 d9 e0 38 67 4f 95 26 27 37 62 c1 50 fa f8 a9 0b 02 da 87 cd a5 ab f2 cb Data Ascii: Jz\_=kjR/:8R'wf\|X_y^vhX&TC"bZY%lA,]XpV:*)5-~$V".smNSP+@8Bd]e!kDs2K}y.2^'<8LXHD9\|tNalMVeH$f&H&8gO&'7bP
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: b3 5f 91 dd f9 65 05 f1 5a 0d 00 45 97 cc 02 1b 3c 4a 4a 67 8d 35 36 88 1d d0 91 85 30 b7 27 e6 f9 bb e9 4a 75 cf ad 03 53 a5 f8 ca 98 18 23 98 20 ee 8f 85 86 41 9f ca 09 31 17 a1 9a 1a d2 e6 15 5b 90 91 b9 4a bf f8 e3 88 0f 69 a0 60 26 c1 eb 20 5f d2 26 f0 1c a0 7d c7 81 23 ff b6 5b 47 86 98 82 72 29 85 f1 c1 16 63 b0 8d ae 76 40 43 48 f4 4b a6 3e 12 d3 7e b2 9a 5e 19 b1 96 c9 f5 9a 55 17 6c 74 23 85 33 fd a5 b2 24 55 75 36 e9 56 22 02 89 3b 91 dc b6 07 98 6b 9e 53 09 ae ff 45 1f 41 4a e2 70 9e 1b 2c 00 d4 6e 19 5f ba b0 91 62 62 6d 0a 8a 75 42 b5 ba 11 5d 0e 60 41 04 18 75 bb b4 9d a7 73 3f a4 2d fb 78 b2 62 d4 ca 6e 14 15 79 9d 0b 1c 34 b9 5e 2b 60 34 41 97 2e 8a 22 e1 c4 61 ac ab 92 1c 9e ce 52 b4 b5 5a e8 cb 76 f2 46 2b 86 65 21 25 69 2c f6 e2 c8 b8 Data Ascii: _eZE<JJg560'JuS# A1[Ji`& _&}#[Gr)cv@CHK>~^Ult#3$Uu6V";kSEAJp,n_bbmuB]`Aus?-xbny4^+`4A."aRZvF+e!%i,
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 87 30 11 2d 54 0c a1 52 17 1f 4d 38 40 d2 3c 8c be db 2a 7f 2e 2d 7e 23 62 fc 23 1c f2 36 d3 e7 d1 ef 45 33 4e 3b dc 81 fc 23 a6 b3 be a8 22 78 ae 37 99 26 2d c9 00 c3 ce b8 88 f8 c8 3b d8 1d 35 44 90 d9 7e 47 a1 05 2e 05 ee 51 8a 90 e6 a9 b7 1d a9 4b 6c b8 ad 66 33 49 6d 56 8c 91 d5 d2 07 d3 be 47 00 34 eb 17 46 d2 88 bb bb 34 96 4a 4a 22 65 f2 2d f8 e1 b7 7f 5e 65 a3 b9 e1 28 52 93 70 e8 5c 6e 19 73 16 a3 91 51 9d ac 84 a1 2f 27 0e 34 74 fc 8f 58 e4 25 42 59 ab 5e 59 87 63 6d a3 4d dc 5a 8f 86 16 6c d1 c1 28 50 c2 fa 1e 0b 52 2c f1 c6 01 24 a5 33 97 05 dc 30 5a 8d 80 0e d0 f7 04 f2 14 05 bc df 5d 6e 50 db 62 e5 8a 0e 2e f3 c4 bc 1b 2f 79 07 f3 96 0a 43 66 c9 84 fb ee 05 0d 0e f4 4e cc b2 75 f8 0e 7f ab ed 7a 09 48 c4 4e b4 e6 b4 41 1a f0 66 19 22 64 81 Data Ascii: 0-TRM8@<*.-~#b#6E3N;#"x7&-;5D~G.QKlf3ImVG4F4JJ"e-^e(Rp\nsQ/'4tX%BY^YcmMZl(PR,$30Z]nPb./yCfNuzHNAf"d
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 0f ce e9 7a 0d 41 d5 06 fe 37 e9 bd 01 ab 37 c9 e9 9a 5f b6 70 0f 63 7f e5 f3 69 33 80 b3 25 9f 0a c2 4a cb ab b4 24 41 6f c7 af 8c 74 49 7e 39 b5 f6 d9 e0 48 a0 5b ba 13 7c 09 a7 3e 1e 36 9a 10 8d 03 17 96 46 80 56 4c 50 d1 3e 49 23 fc 90 0e d1 a7 22 d4 53 ab 78 54 d4 bb d4 98 83 3d 40 7f 04 7c 69 48 17 ab 22 45 d5 31 9a c8 78 47 74 37 1a 78 16 9a a2 af ea 8e 58 3e 41 23 d4 bd ad 25 89 e7 c3 9a ce 6f 50 55 aa b3 7b 23 2f b4 fd ba 91 24 a3 e8 41 7a 3c c1 23 af 79 24 17 3e c9 2b 05 d5 95 4a 2d b6 5a d1 2d 83 65 de 18 80 71 b2 77 9b a1 4a 20 c5 06 4c 7b 24 2c bc 1d 61 23 ee 9f f5 97 84 ad 9c c4 ab b6 ba cf 17 63 ab dc 13 39 03 f3 ab 69 f8 ec 34 88 fb 06 3f 86 04 e5 9b d1 3f c8 fb 85 36 52 a1 9c b8 86 c4 33 76 0a a6 1d ad 4d 69 5f 88 fb 76 bb 27 50 25 13 75 Data Ascii: zA77_pci3%J$AotI~9H[\|>6FVLP>I#"SxT=@\|iH"E1xGt7xX>A#%oPU{#/$Az<#y$>+J-Z-eqwJ L{$,a#c9i4??6R3vMi_v'P%u
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: e8 cc 27 0c 99 4e c3 2e 82 e6 74 f3 3c 3b 94 fa 11 1b 4f 0d 8a 38 81 47 03 af 58 e5 a1 49 ec bf 9d 42 68 8f c8 4f 41 aa 25 3e 0d f3 e9 3a 31 42 21 9b 4f 35 13 7e d7 69 d5 de 26 33 d0 8a 4a 91 1b 87 55 30 13 58 a8 6e 02 7d a4 45 72 ff 2c 88 b3 a0 c0 1b fc 1c a2 75 00 3c 3f ce 0f a7 25 37 03 51 88 cd d9 2d 31 9d 07 1e 74 01 69 69 b5 90 23 21 03 70 b7 55 08 8c 1a 02 0a fe 1e be 63 e0 a0 08 b8 df ea 62 0f 6f 94 fc 48 d0 2e ce 74 49 1a 4c ca 49 bf 73 91 24 43 19 30 f4 4d ab 35 b8 43 f3 f3 c9 53 41 22 9b 08 3a 70 d0 29 14 87 a9 89 99 01 7e 00 02 c5 7f 52 65 b5 0a 71 61 91 ca f8 5e 37 d1 c3 57 f8 38 4e a8 0e 39 d9 b3 34 20 4a 06 3f d0 ea 83 31 37 84 0b 10 0d 92 c7 2c f2 d3 b6 0d e6 a8 b7 f3 10 ef ad 7f fe a5 9e b4 39 75 83 8d 84 e3 02 a7 4f 1c 8c 8d cf 38 9c 66 Data Ascii: 'N.t<;O8GXIBhOA%>:1B!O5~i&3JU0Xn}Er,u<?%7Q-1tii#!pUcboH.tILIs$C0M5CSA":p)~Reqa^7W8N94 J?17,9uO8f
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 4f fe 79 7f b6 0d c9 e3 cc 27 35 d4 3b 8f 4e a8 3a 28 e2 cd 6b 49 25 1f 3c 4d 5b 91 11 59 69 12 31 cf 22 2f 8b 8c 4b 24 a1 29 96 0c 5c c2 9a 24 27 fd 34 bc 3f 28 98 0e 21 ad 50 e6 73 81 f4 ed cc 19 dd ac 80 74 57 2d 81 db 2a f1 b4 67 03 c3 0a 52 3a ee 58 61 8b fa 6d 8f 47 0c 5b 60 50 de b3 f2 e9 c5 d2 54 eb 1a f6 9d 5c 62 4c 1b 6c 73 a3 0e 18 4c cc 7e 94 8e c5 e1 c1 95 d3 42 f6 b7 bb 31 43 34 47 13 75 10 ec 23 02 cb c2 de ce 4c 47 3b e0 83 55 44 dc cf fc b1 b2 a4 da d0 b6 15 7c 7c 2b a6 5f e6 76 b3 1b bb 7c b1 c4 b6 53 92 e8 58 12 b5 56 35 b0 8a c3 e9 13 47 75 1b 67 14 3a 4f 20 9e 8a 33 86 bd 99 d2 74 b2 4d 8d 41 54 c4 e1 89 1b d3 1e 64 93 50 36 1e dc e9 4f 78 0f 2e f2 b7 13 d7 9f 0b 87 f2 92 54 a4 68 f7 58 42 47 f3 66 cd ea a3 49 cf 46 53 e3 26 bb 5e c9 Data Ascii: Oy'5;N:(kI%<M[Yi1"/K$)\$'4?(!PstW-*gR:XamG[`PT\bLlsL~B1C4Gu#LG;UD\|\|+_v\|SXV5Gug:O 3tMATdP6Ox.ThXBGfIFS&^

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
85	192.168.2.7	49823	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	519	OUT	GET /we0bhS3JiHZckLoz-x8MZ7OBO162eznUU-hdS-a3tfoKR8-fsQjQOBkGhEc-YP8zaine=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 37386 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	859	IN	Data Raw: 52 49 46 46 02 92 00 00 57 45 42 50 56 50 38 20 f6 91 00 00 f0 bd 01 9d 01 2a 0e 02 28 01 3e 69 2a 90 45 a4 22 a1 a7 2d 57 4c e8 e0 0d 09 6c 6c 43 db bb 6a 22 5f 9f cc 66 0f ff de f1 ba 4d dc 60 a7 15 bb 30 1b 61 66 cd 39 32 7b 9c 9f f8 ad 91 f5 7f c0 ff 5f fe 6f f7 0b fb af bb 6f 1d f6 89 ed 6f bc ff 9b ff 9b fe 07 e8 03 f7 9d 9d 7c 6f fb bf d9 bf 50 df 62 fe 03 fe cf f9 2f ca 5f 99 1f ef 7f f0 ff 99 f7 51 fd 4b fc b7 fd af cf ff a0 4f e9 5f de ff 61 fd d6 ff d7 fd db f7 ad fe 0b fe 87 a8 af ea 9f e4 bf f8 7f a1 f7 83 ff 81 fb 5d ee a7 fb 67 fb 7f db ff fa 5f 20 5f d6 bf cf 7f e4 f6 c9 ff bb ff db dc fb fc 6f fd df ff ff f9 7e 02 3f a8 ff ae ff ff ed 15 ff 8b f7 4b ff 37 ca df f7 1f fa 9f ba 9f f9 bd ed 3f fb 7b 00 7f fc f6 c1 fe 01 ff db a6 5e 30 fa 73 Data Ascii: RIFFWEBPVP8 (>iE"-WLllCj"_fM`0af92{_ooo\|oPb/_QKO_a]g_ _o~?K7?{^0s
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 5b a2 95 82 63 b2 23 97 99 02 eb 46 6c 9e 35 05 9f 8c e2 35 21 a8 77 a3 23 df e7 67 8c b9 ce e7 30 fa 97 76 5e d1 d2 cb 3c de fb b9 00 b3 0d fb eb 58 a5 00 d3 e0 f8 4b 22 0a 8d a9 fb 9e 56 bf ec 51 4e 61 3e 80 8d 1f a8 74 70 01 36 cb 51 31 c3 6f dc a1 8f 29 26 5a 61 3d 13 1d b7 68 c8 f6 4c fb f4 cc 34 ad 5e 3f ee c9 d3 ab 51 e0 a8 42 4d 7f da 5e e1 f9 6c bf 20 35 dc 09 9e 76 85 1c 17 e9 f8 43 bf 41 a6 70 66 07 b2 54 ac 2f e0 e8 fe 77 ca 1e 5a 2e b7 95 6b fe 87 5a 98 73 f3 12 6d 25 a9 43 d8 e7 0b db 7a 06 cd 86 e7 b2 e4 8b 6b d4 bf 59 37 7e 1a 24 b1 57 34 b6 a8 6c 1e 9e 6a 29 1b b7 31 b7 d1 b8 a1 f5 ae f2 58 85 a7 d7 10 2f fc 48 df 58 cd 3e 89 bc 21 7b 35 ff f8 9a 21 bc ef 0e 8d 0c f6 c2 b5 bf c4 26 09 2d 93 1c d3 fe ba 87 bf 70 6a d3 35 13 6f 1e b6 d3 19 Data Ascii: [c#Fl55!w#g0v^<XK"VQNa>tp6Q1o)&Za=hL4^?QBM^l 5vCApfT/wZ.kZsm%CzkY7~$W4lj)1X/HX>!{5!&-pj5o
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: ea f6 df fe e3 82 9e 8c 2d 4f 36 47 5a f6 70 95 80 fc 0f e2 9c 6d 55 4d d7 2a ec 97 96 fa c6 ba 8c c7 f3 3a 73 2a d0 46 3e 63 af c0 60 1a 27 2f a7 22 53 2e 70 2b a3 ce 53 f3 8c 7c 86 2e de a5 79 db a8 59 53 d0 cc f0 d0 ea ff ff ae 98 d2 f4 11 a6 cd 8d c5 4c 3c 86 b0 bc 5d b4 fe 44 a3 30 67 32 3c 7e 0b 29 9d e7 99 c4 22 1f 84 47 85 7e 92 30 1f bf c1 ae e3 76 fd 51 7f e9 48 43 0c 1b ee 7a 97 7f 8d 76 ed c1 5a e9 9c e9 80 27 13 59 38 d0 74 04 e8 52 ce c7 25 08 c0 18 70 37 11 22 16 d2 fe 73 12 3b 11 41 89 af 4c 51 c5 a9 7b d0 fe 92 99 7a 6f 57 a6 63 c0 ca 2e 14 ee 68 d9 a0 3e fb 1d 2b 8b a5 e7 6b 99 ac 15 af b4 88 4b a2 14 9b fc ce 41 bc fd 88 b5 59 c1 2c 96 08 d2 d5 38 ee 75 f8 36 06 d6 bf 96 32 a3 05 77 57 97 6d 8d 41 05 75 a7 bc 48 77 f8 ee 0c 95 0c 22 c3 Data Ascii: -O6GZpmUM:sF>c`'/"S.p+S\|.yYSL<]D0g2<~)"G~0vQHCzvZ'Y8tR%p7"s;ALQ{zoWc.h>+kKAY,8u62wWmAuHw"
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 87 fc e5 b5 77 27 c7 8a 77 bf 91 7b f0 bc 5f 0d cd f4 ab 3c 8c 26 b6 5a 3e 34 77 63 c4 d2 e6 08 17 19 18 1e 38 c5 ed 57 cf 33 2b 89 fc e3 b9 88 6c af a3 23 f0 3e a1 f4 03 c9 73 5d a9 ee e9 57 84 01 58 c2 3a 7a c3 fc 33 ca 02 c3 32 96 34 44 e1 86 38 02 32 e7 a6 f4 b5 83 47 d6 75 cf c1 63 79 45 2e 24 66 5e cf aa bb 2c 6b d0 3c e6 a7 76 8f 7b ed c6 38 d1 f1 28 a4 2e 2a d9 c9 a2 b2 b6 14 95 c5 6a cd 48 d8 a2 99 fa ce e3 3a ef 0f be 0b ce fd e5 fb c4 aa ef fb 2f 43 e9 da 32 df 1c 15 97 39 b2 01 9b ba 1c ac f2 3f dd cd ab f6 80 90 1e 2a 7a 53 1f b3 ff 3a 4f 86 ec 9e d5 46 a5 3e d2 f2 95 cb d5 86 cb 3b 77 74 e8 65 8a 06 0a 3b 63 9b 10 9b f8 2a c1 9e f5 7a 64 de a8 77 ec bb b2 55 fc 68 25 e9 df 66 2f 40 5a f0 71 b4 b7 11 5a 32 51 1d d1 69 9b a5 cd e4 25 eb 6f 02 Data Ascii: w'w{_<&Z>4wc8W3+l#>s]WX:z324D82GucyE.$f^,k<v{8(.jH:/C29?zS:OF>;wte;c*zdwUh%f/@ZqZ2Qi%o
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: db 54 40 cb 65 77 2e 06 6d e0 2f 49 6b 4e 22 5a 11 cd e2 20 c5 dd 04 d0 2c ae b3 cf 37 fc 04 57 aa 21 30 b6 28 a3 62 2b 98 8a 6f 00 77 62 26 f1 15 17 7b ae 82 de 7e 38 f7 8f bb 26 ca fe 98 e9 64 dc 3a f9 20 be 39 67 f3 a5 9e 53 16 c6 f4 7a 33 58 ac 4c 10 36 db f0 66 28 3c 04 1b 66 e2 02 8c 10 50 46 6f 35 42 26 7a 16 af 18 bb 72 5f 3c 50 f2 65 db 74 7e 0d 7d ea 6f 04 30 6a f4 a7 40 64 21 75 59 e0 cd 5c 40 fd 14 a7 bf 64 48 f5 a3 55 8c ce 74 de c7 06 bc 93 2b ba e2 80 78 5f 16 31 8e 20 15 ef dc aa 72 40 37 3e 80 aa 98 7e c4 79 67 ff ed 12 d4 79 62 4c 14 1d b1 28 ca 84 0e b6 a4 71 29 0f 56 e7 39 73 a7 6a a5 e2 38 9f 36 9e 45 d9 c3 ec 1d 0a bb 15 9c 62 d1 6c be 11 76 7a 6b ea e0 c5 11 d4 f2 e1 be f6 b5 79 07 0c 59 ab ab 18 df b5 84 cc cf e0 14 65 d4 20 d7 c7 Data Ascii: T@ew.m/IkN"Z ,7W!0(b+owb&{~8&d: 9gSz3XL6f(<fPFo5B&zr_<Pet~}o0j@d!uY\@dHUt+x_1 r@7>~ygybL(q)V9sj86EblvzkyYe
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: f0 23 c8 a2 6c a9 8e 4e cd c6 ba 73 9a 20 06 ef 14 20 bc fc aa ea 02 ed 6d a0 f1 b4 fd c1 60 46 3b 7e cd a0 19 04 b4 f7 2c a2 28 c0 e4 54 99 23 ca ab dc 07 9a ed ac 33 68 ee 16 a0 f9 5b f2 d4 51 83 0f 6b da f0 26 10 8e e9 f0 2f a7 0e 54 f3 60 1b 77 b0 12 81 5d a8 ce b8 e7 3b b6 a2 cb 4d 95 b3 e8 c6 86 6e c0 e0 db 75 49 06 ff 77 af 1f 71 b2 15 18 1d 4b 13 96 68 76 67 f6 86 99 37 be db 34 ab e0 f4 a3 93 f5 c7 3a 31 c2 8e 9b 13 03 b7 d5 68 a5 eb b1 fb 37 75 40 0c 73 3e b8 b8 f6 b7 f7 fe 53 f0 26 f3 73 c4 47 fc 74 96 43 3d 1a 26 42 4b 98 fb 49 59 86 81 ec 6f 47 f1 a2 a0 f4 cd 23 20 7b 13 39 e1 49 96 54 68 78 c8 79 c7 3c 01 b2 4d fa 60 77 14 b9 48 ef 55 bd 1a 7a b5 a1 67 03 b1 4e eb ed b7 1a cc 3f a7 08 1a 29 82 89 24 5c 6c 5f e0 36 9c 3a 6c b5 64 84 82 fe eb Data Ascii: #lNs m`F;~,(T#3h[Qk&/T`w];MnuIwqKhvg74:1h7u@s>S&sGtC=&BKIYoG# {9IThxy<M`wHUzgN?)$\l_6:ld
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 77 2c d9 30 d7 ca 47 75 9d 63 65 c3 2d 07 87 aa 9f 37 7c 1d 74 77 40 d3 b2 f6 1e 6e 57 52 79 9b 7c e0 81 93 54 33 1d d1 fa ae 2f 2d c6 9f 99 58 b7 9d 53 e9 58 a2 ca 34 8d 5c f4 3f 33 cb a8 b5 ab 86 96 df 74 37 d6 5e 6a f3 dc 27 57 33 6c 1f 7b ab ea 6b ac be 3e 8c ba 33 2e aa b3 93 9b bf ac a7 97 53 5f 34 83 90 14 9c ee db 80 6c 74 29 cc bb 72 a4 74 05 fe c3 c5 a9 e6 41 f7 12 3a 50 9a ed fd 37 2d 0b e8 98 dd eb 74 0d 53 21 8e 69 8e 44 41 ec d7 62 d8 9e 05 32 36 67 0c 4a 8c db df 6f ac 40 ac 64 cd 8d cd ce 03 a1 cc cd 15 0e 82 54 fa fc c4 f4 3e f3 38 3b b9 44 ac f4 20 88 11 25 82 85 77 1c f0 25 f2 38 04 eb 4a 5f 57 6e 45 4a 84 08 3a e0 68 11 3e 69 c5 37 3e 81 5b b9 f4 92 66 e4 04 d1 53 79 f6 98 42 f0 4d 5f 59 1c 6b 47 c7 d8 b3 64 b4 0b 5b 79 f3 8c 1a ed 9c Data Ascii: w,0Guce-7\|tw@nWRy\|T3/-XSX4\?3t7^j'W3l{k>3.S_4lt)rtA:P7-tS!iDAb26gJo@dT>8;D %w%8J_WnEJ:h>i7>[fSyBM_YkGd[y
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 44 d5 ab e6 07 c4 3c a6 aa 0b 8f 71 ac d0 55 d8 f7 cf 1e 40 f8 fa 58 db 05 c2 21 06 45 c6 da c8 47 92 b7 aa ad a1 1b f8 72 47 67 a5 ac 37 9e 70 ad e3 e2 1c 9c 4e cb 62 de 08 1a bf 74 85 a6 28 fd de 97 33 85 12 cf b5 85 fd 19 22 70 a8 87 37 6d 13 16 b9 2b 62 4b 31 4d 32 b0 1a 74 4f 24 d5 5b 07 4b be 77 98 8b b6 df 93 27 75 08 6a 8d 0d 8d a9 65 17 8e ba 92 75 1a f9 5f 63 48 c9 3f e2 ea f2 d2 49 61 dc 37 95 45 93 a5 57 63 89 55 25 f4 df a4 1e f2 9e be 2b ca 4b b8 95 44 4b d3 4f 64 58 26 2e 11 ad b7 a4 9a 58 3c e5 bb 47 ec 23 f2 d9 67 0e 88 c6 c1 8a 6b c4 35 c4 ea 12 67 bb 03 68 2a 23 48 13 31 35 a9 af 88 dd 9e 18 9e 71 89 73 da 14 ec 96 bb 4b e8 87 61 ad 7d cb 34 6a 91 b2 7a 22 a8 bc c7 f5 53 38 2b ec 4b 2f f7 68 b2 5d 04 21 9a 51 20 81 6f 16 5f 04 eb e7 e0 Data Ascii: D<qU@X!EGrGg7pNbt(3"p7m+bK1M2tO$[Kw'ujeu_cH?Ia7EWcU%+KDKOdX&.X<G#gk5gh*#H15qsKa}4jz"S8+K/h]!Q o_
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: e7 b9 92 1a eb da 3c db 81 44 5e 85 30 33 51 9f 78 70 50 af a5 2d d2 e9 d8 88 8b be d1 f8 2b 64 81 ab 41 90 9a 5b c7 02 88 eb 57 b0 89 15 42 6f e9 76 0f 10 fd 80 d1 b9 5b 6b a7 13 27 0e 26 38 ee 01 85 9b 2d 8b 9b 7d 12 fd d7 f6 1f 19 12 61 af a1 64 32 28 d0 9a 6c 8d 8b e3 48 fc d1 6c 81 e5 78 d2 d3 b9 dd e2 d8 09 14 97 4f e8 01 ab db c6 ee 5b de 73 93 cb 43 73 a5 79 97 1f 78 72 51 15 3e e3 2f 30 a6 9e f2 af 48 86 13 23 18 e1 53 67 ea c8 a4 5e 76 5e bc 65 b3 97 81 8b f6 d2 b9 c3 74 99 b9 df 57 e2 ad 71 a9 90 25 13 c0 ea 20 77 27 fe cb f6 9f f9 14 f1 86 19 e9 3c 71 84 6c 23 77 f9 9b 12 08 c2 1c 21 bf 04 a3 87 09 12 4f bb ee e4 bb 2c df b9 61 be 08 a0 c7 a6 ba 3e 6a 2e da ce b3 66 89 71 94 96 59 fc 18 a9 7a ea 4b 7b 81 1e 65 b0 4e 27 38 43 49 92 a6 23 c4 c2 Data Ascii: <D^03QxpP-+dA[WBov[k'&8-}ad2(lHlxO[sCsyxrQ>/0H#Sg^v^etWq% w'<ql#w!O,a>j.fqYzK{eN'8CI#
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 82 8f d7 bf b3 47 66 0c b1 42 e6 ec dd 1c 2d 08 2d ac 74 22 ec ed 69 89 2b 89 7d c7 fa 43 37 a1 31 51 9c 0f 26 5e 63 05 3c b5 ce e0 77 8f 4f 54 54 14 b3 3b 4b ed 2b 2d 1f 46 69 b1 b3 15 82 d2 2a 0f ce 6d b6 56 48 cf cf 58 5e 0d 7a 4c a6 ec 8e 17 ed 7e 9b d7 0e 51 9c 92 a9 57 b1 c9 d8 cc e3 7d 44 2a 93 94 ce 37 cc 63 cf 7a 05 9f 25 fb b9 ba f5 bc 9c 1a da 98 c9 97 b5 8d c0 f8 60 65 04 24 db 68 f9 c9 ae 3e a1 d3 39 bf 67 56 2b da e1 b8 7b fb 47 6b 44 19 29 db 99 b1 56 55 67 c6 b2 91 2e ff bf 8d c6 44 90 b2 a6 27 d7 fa c3 98 57 12 5a d1 f8 0a eb 28 09 5b f9 bc 36 33 81 96 13 41 39 e8 03 33 e4 54 f1 d6 47 ce 29 b3 25 ec 9e c5 5a 7c 9d 04 6e 69 b0 19 dc 35 80 9a bf ee 0a fe 5b 76 60 e0 20 d2 d5 a4 68 a8 5b e6 9c 93 0f c8 04 b4 13 c7 37 a7 88 08 cb 72 4a c0 e9 Data Ascii: GfB--t"i+}C71Q&^c<wOTT;K+-FimVHX^zL~QW}D7cz%`e$h>9gV+{GkD)VUg.D'WZ([63A93TG)%Z\|ni5[v` h[7rJ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
86	192.168.2.7	49827	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	518	OUT	GET /M5V_64F5d7H1jjSpR1rQCHDffGpl0PgyM1bfgSz4n4FzKxXvf4PJKEq2MkiJgeCEFIM=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 32964 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:39 GMT Expires: Sat, 28 Sep 2024 23:47:39 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	859	IN	Data Raw: 52 49 46 46 bc 80 00 00 57 45 42 50 56 50 38 20 b0 80 00 00 30 8d 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 a1 2a 36 cb f8 70 0b 89 6a 6e 2d e4 ba d4 49 03 12 ff aa 9c 16 9b 5f 3c bd c9 76 d9 e9 81 10 9e f3 fc 4f ed 97 f7 cf db df 98 be 3b ee 2b da 7f 81 fd 73 fe 1b e7 eb fa 3d c2 fc 9f fb af 32 1f 62 fe 0f fe 67 f8 af f2 df b7 1f 33 3f db ff db ff 65 ee 97 fa df f9 9f f9 7f 9f ff 40 ff d3 bf b3 7f d4 ff 0d fe 8b e1 6f fd 1f dd 1f 7a 3f da ff e6 7e 60 7c 0c fe 95 fe 27 ff 4f fa 4f df ff 99 4f f7 7f fa ff ca 7b b2 ff 03 fe e3 f6 d3 fd 57 c8 0f f4 1f f1 df fa fd b4 bf ea ff ff f7 3f fe ed ff 4b ff ff b8 7f f5 2f f4 1f fc ff e8 fb c7 7f dd fd c6 ff db f2 b7 fd bf fe 77 ed e7 b5 37 ff 0f 60 0f fe 9e d6 df c0 3f ff f0 cb 7a 3a f9 97 f4 9f ec 7f 29 7c fb Data Ascii: RIFFWEBPVP8 0(>](E6pjn-I_<vO;+s=2bg3?e@oz?~`\|'OOO{W?K/w7`?z:)\|
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: da 85 bb 32 12 1a 43 da 04 df 6b 56 53 d8 57 20 bd 1f f9 c2 e8 e2 0e 57 82 87 56 66 0b 45 37 91 6f fb 33 6d b6 97 a3 fb 70 c1 b6 e4 79 a4 10 54 c2 42 94 33 13 9a 02 99 f2 39 97 a4 86 48 41 c8 df ae fb 1b c5 d3 ac ec 35 6e 5d c2 38 fd dc a6 3d 7d 54 e9 26 02 72 a8 62 2d 1d a3 7d 64 bb a6 9e cf e8 0f c4 7a 98 d9 51 92 92 94 4b 5e 7b 4d 7b b5 a4 16 51 a4 ac ae cf 85 7b 45 82 58 aa bd 08 3b 4c 4f 91 a9 84 05 50 0b e9 35 ab 17 e3 85 02 70 5d f2 a2 8b 7d 2e 65 f3 4b 28 e8 8d 66 f3 fb d1 96 b2 6d 96 17 b2 09 9d d9 58 7e 28 ad 32 5f f5 5b d1 2c cd ad 62 51 f5 7c 27 84 12 77 01 19 51 91 2d db 83 b5 ca 44 72 c0 f2 7c f0 71 2c 69 e3 70 2f 1b 07 6f a3 fd fe 4d 58 75 df 97 24 ca 0e 65 67 0e 6c 97 59 98 9f 7d 14 9a 71 17 9f d3 8f d1 d5 94 88 21 c2 e7 ca f1 32 c8 b4 4c Data Ascii: 2CkVSW WVfE7o3mpyTB39HA5n]8=}T&rb-}dzQK^{M{Q{EX;LOP5p]}.eK(fmX~(2_[,bQ\|'wQ-Dr\|q,ip/oMXu$eglY}q!2L
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: fc 13 d6 4e 4e 6d 4b 3c 73 57 94 20 94 be ec 4f df ba 22 fd f8 45 a2 b6 c7 70 44 da 6b d3 43 71 55 f9 25 61 da 53 4e 02 4c 7b a1 48 fd f8 37 53 b6 9f c9 70 90 06 6c b6 b0 bf 00 b8 ff 59 e4 5d 69 a7 32 5f 2b 6c 58 34 79 03 e4 2e ea d1 0e 44 fb 84 bd d3 68 f8 72 f9 12 96 5d 36 a3 4b e7 18 9f 7b 71 ea ba aa bd ab fa 5f 1d 11 09 19 a1 38 11 a7 9a 46 ff 59 73 13 39 a7 c9 0c 9d dc 21 9c 57 3a 1a 9b d5 ee 98 3d 60 e1 8e 26 d2 21 3a 26 d3 a0 cb 93 2e 02 5f e5 68 9e b8 4e 25 7a 78 37 89 9a 28 36 18 99 5c be c3 d5 e8 89 70 51 41 a2 03 8c d9 c6 fe 6a 1d c3 59 0e d8 c0 08 79 6e 65 81 65 01 7f 46 00 be e8 b6 f7 b7 d3 84 4b fb 81 a1 ce 27 7c d2 77 c6 af 30 d5 e5 7b 04 e0 67 9f b9 51 a3 f7 25 dd 92 fb b2 b9 69 ad 2b 22 a6 be 4c 50 b8 b7 79 a9 a7 81 8a 8b 41 5e b8 6c 52 Data Ascii: NNmK<sW O"EpDkCqU%aSNL{H7SplY]i2_+lX4y.Dhr]6K{q_8FYs9!W:=`&!:&._hN%zx7(6\pQAjYyneeFK'\|w0{gQ%i+"LPyA^lR
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 80 a2 51 9f a8 b0 35 09 4d 03 f0 22 9c 2d dd 28 20 c8 36 2d dc 46 06 5b 33 95 f8 2f 56 ca 74 f2 38 4e 64 1a ae 1e 82 2b 22 e5 b7 64 ee 73 39 9a 28 a5 80 24 51 14 f3 e9 f8 29 c5 4e fc b2 35 2b b6 6f 07 49 d8 08 a0 a3 85 6f ed 23 0f 72 96 3e b6 c0 5f 31 32 27 88 1a c9 b3 d8 a9 58 d9 b3 85 ad 12 8b 13 54 e9 60 59 8a 1a 15 0e 0d ea 6a 76 64 02 cb 1b 38 2b 2e b6 20 4c 86 07 cb 49 66 ae 83 4d c6 af 80 10 15 ec 4c 20 b4 07 6a a4 85 69 f2 ef 40 81 21 d2 ff 0f f2 65 89 b5 4c ff 35 a7 49 14 11 26 f9 4f 13 03 e9 fc 2e f5 20 16 1d 02 02 63 b0 56 36 98 9f b1 4e 91 cd d5 bf a9 a2 d7 6b 14 a5 52 e9 2c 2e 12 e1 dd 77 18 e1 45 6f 11 d0 59 63 96 83 6e f0 ff f0 5e d8 5c 61 55 dd 86 45 34 c6 f5 db 05 64 08 a9 c1 ff 9d b1 89 ec 8e 78 77 91 33 d2 87 fb 5c 8a 83 17 86 01 3c 2e Data Ascii: Q5M"-( 6-F[3/Vt8Nd+"ds9($Q)N5+oIo#r>_12'XT`Yjvd8+. LIfML ji@!eL5I&O. cV6NkR,.wEoYcn^\aUE4dxw3\<.
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 35 2a 37 f3 c7 93 51 c3 25 c2 33 71 1a d6 b1 3f 1b b3 80 9e 37 5a cd 14 58 28 d8 ed df 62 a0 d1 13 43 92 7c a1 c1 42 75 49 9c 94 ed 0d fb 71 40 9d 88 7e ba 43 7f 11 c1 18 9a 61 ff d8 02 1a 58 50 71 09 6d e0 ae 93 47 56 84 66 bf f7 e0 c1 30 48 f2 e7 57 3e 5c 09 b2 7f 6c 83 4a 4d 79 f7 78 49 14 9f dd 9f 57 12 fe 2a 42 66 f3 67 a5 88 73 0d c8 ae 95 90 40 8b 3c 54 ca 6c 7c af e9 f0 e3 ae 25 b1 28 30 d3 ba 5d 93 43 5d e4 eb de 29 93 ec 39 88 9a e2 43 f5 3c 32 0b ca c8 d6 e6 b4 57 3d a8 bb f8 72 64 bb c7 54 2b 97 12 5f db d8 ec f7 37 21 fa ed ae d4 6e f5 d4 5a 9d 15 f2 3a de 19 bc 4a 9f d7 9b 0e 75 b2 04 7d 71 74 bc 96 88 0d 8d 10 29 bf 1a af bb f4 ef 1d 45 4a a5 78 5a 8b b3 05 e2 e8 9c 85 cd 07 c5 e4 02 f9 01 8c 87 0a 1a c0 95 a0 ed af fc fd e9 95 ef a7 0a a0 Data Ascii: 57Q%3q?7ZX(bC\|BuIq@~CaXPqmGVf0HW>\lJMyxIWBfgs@<Tl\|%(0]C])9C<2W=rdT+_7!nZ:Ju}qt)EJxZ
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 89 5e 82 90 99 ad 8b 35 a2 99 a1 39 ba e2 de 2c 40 6e 2c 9a 3a 47 4c 44 c8 c5 6a 3b f2 24 8f 14 ff a3 2f 5d ae f5 f6 ca 89 f2 57 50 02 d3 84 89 06 67 b3 f6 26 bf 54 43 a2 57 fa d5 77 05 45 8a 8c 3a 17 65 fa 3e 42 01 e8 22 3e 7c 00 26 47 63 a6 9e a7 c5 52 1b 96 58 b2 65 5b 87 c3 95 6a ef 41 90 de e0 fc 03 5a 41 64 9d 44 67 77 86 49 12 00 33 ed be 73 9f e5 f4 7e a2 17 93 2e 0d 65 99 2a 44 8a 55 a4 e0 f3 a5 7c 77 2d e5 20 96 47 84 fb f7 24 76 1a 95 4b db bb 31 08 5f 28 bc 75 a9 50 11 d1 75 88 47 13 c5 a2 38 6d 9e 49 46 79 ae 0b da d4 1e c1 ff 9d 7d 2d ac fc 9c c6 56 cd f7 0f 62 18 44 aa 7f 27 1c cd 5a 66 4a f8 06 ea c6 62 8f ae 33 ee c3 4b 42 5b 48 a2 b1 c6 bd 3f 02 51 06 3a 3d 92 ed e7 34 ee a6 f1 27 17 ff 7a 11 1d 43 72 72 dc 4b 1f 0d 9a 90 fa 25 bf 31 64 Data Ascii: ^59,@n,:GLDj;$/]WPg&TCWwE:e>B">\|&GcRXe[jAZAdDgwI3s~.e*DU\|w- G$vK1_(uPuG8mIFy}-VbD'ZfJb3KB[H?Q:=4'zCrrK%1d
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 85 57 58 4f 4c 29 35 6f 18 8c 88 b8 e5 43 42 c4 8d ae 22 68 b6 7c ef da 0f f3 10 91 01 77 f6 dd 48 61 65 40 c0 bf 30 3d fd 2c cd 73 2e 2d 68 39 d0 25 b8 85 52 e8 1d bf 12 12 b7 7f 75 cf 25 47 32 06 43 70 4f a5 39 30 11 99 63 8d ac 3b 55 fa e1 a5 40 c2 fc ac b5 19 57 8d 1c d9 46 df ef 25 83 d2 6d 90 c2 cc e6 43 53 92 76 05 e3 c6 2d 6f d8 63 95 09 17 3d 40 a0 5e cb ca 62 eb 3c 64 c3 ee 0d 1f d1 e0 60 f7 d1 a0 13 7c 9d a9 62 aa 03 3f 07 05 65 a5 1c f6 6b de 5b 21 ef 49 40 6a 09 f6 78 d8 f8 90 19 bc 50 40 a2 a4 54 38 bb 0f 00 bb 7e 4d fe 2f 12 4c 67 78 93 f8 af c7 97 e8 c4 74 21 c1 38 1e 19 b4 63 77 f8 a9 e9 7f 1b f1 bf 44 08 e7 a9 29 60 b7 29 c3 b4 d7 2c b2 de 15 42 3d 43 f7 c4 8b 9b b0 7c 39 8a 9b d6 25 b1 03 51 ac 12 4d 89 38 d3 46 97 46 64 33 90 a3 41 e2 Data Ascii: WXOL)5oCB"h\|wHae@0=,s.-h9%Ru%G2CpO90c;U@WF%mCSv-oc=@^b<d`\|b?ek[!I@jxP@T8~M/Lgxt!8cwD)`),B=C\|9%QM8FFd3A
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 00 6a e8 6b c8 13 b9 a4 b7 c0 71 18 5b 58 19 6f c3 7b 3f f3 0a af 4c 26 cc 85 e0 d7 7a 95 e7 60 1d 0e e8 5a e5 c4 c0 cd a2 16 a4 98 e3 47 05 70 d1 3d 74 fc 15 da 70 a2 91 b1 c3 e5 8d 74 ba 83 28 d8 01 75 79 3a 2a 54 cd 8e 83 83 d0 b2 27 b1 cb 7c b5 62 4f 8e 14 9d 44 f2 be 8c d1 77 04 2d a4 34 64 44 fd e2 b3 58 88 93 a4 a0 cf b5 4b 14 b9 41 6b 6c e9 c8 aa 12 e0 91 5e 48 23 ef 23 0a 51 a5 af 2c 80 fe 01 8b 13 ac 3d 91 12 da 7c 2c d4 45 95 96 75 20 35 a0 91 6d 71 81 dc 00 22 d1 44 85 9c 40 79 8d d6 ed 75 cc 86 24 ce 4e 4d 99 86 f3 4f ea 01 c4 83 28 ef e9 38 d1 05 f8 8f af fb b9 47 ed b3 67 03 6a 08 e6 5d 53 55 d8 56 ce d2 8b 21 3f cb 3e 3c 98 9d 19 0d c8 7a 2b a9 8b 2c 1d ce e5 d6 d1 55 3b 9a f6 eb e6 bf c3 91 b3 17 e8 5f ad 98 7a 4b 7f 4f 68 c7 a1 cf a7 f7 Data Ascii: jkq[Xo{?L&z`ZGp=tpt(uy:*T'\|bODw-4dDXKAkl^H##Q,=\|,Eu 5mq"D@yu$NMO(8Ggj]SUV!?><z+,U;_zKOh
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: d7 2c 35 1b 4a 7f 04 58 40 1a 83 55 1e 58 a6 ca 6e f0 7a 11 2b ca 3c eb c4 33 28 94 e9 df 1f 10 f8 01 31 c9 c4 ce 6e 9d eb b1 9e 5b 1f 89 9f 09 59 98 f2 ff 2f 8c 08 17 0a 8e 31 e8 1c d1 ca 5e 0a 98 d6 83 17 00 33 c7 13 76 8f 1a ec 8f b4 dd 86 b5 86 57 7a b4 da 09 1f c8 f6 b2 2b c3 50 59 58 26 77 c2 11 62 00 6e 4f 3f 1c 95 75 2a 05 7b b9 a1 53 82 77 6c ec 39 da 13 de db 60 20 b5 1c f2 46 51 9b 8d 17 a4 91 95 4d 2f c9 f5 f7 5d 04 e4 f6 f0 c2 ff ab a3 d0 19 57 57 20 4c 2e 3b 5a 82 92 9d d2 55 7c b1 cf 71 8c 28 02 fc 42 03 e3 2d 1f 47 6d df fa 0e 7d 39 2d 00 dd 53 89 61 f1 15 fe 99 d4 9c c1 cd ed 14 a9 df 69 1e 35 bc cb e5 c4 00 db 98 9a fc 26 92 c5 be e7 d2 85 08 c0 52 a2 5f 17 c5 34 48 d4 18 53 53 ff 8a c9 aa 98 50 c3 76 d1 0a 7e 13 af 03 73 4b 96 1b 69 6c Data Ascii: ,5JX@UXnz+<3(1n[Y/1^3vWz+PYX&wbnO?u*{Swl9` FQM/]WW L.;ZU\|q(B-Gm}9-Sai5&R_4HSSPv~sKil
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: d0 94 8a e5 75 a1 d1 5e 9d c9 74 8b 36 19 22 16 91 05 6f 78 0b 4c 87 61 d0 7f 21 d0 04 2b 7a 2b e5 98 e9 35 af b8 c4 f9 49 ee 0e 3a 8b a9 19 7f 7a 6f 27 2c 7f 9a 12 f9 2f ca 8b de 1f 5d 02 ed 38 01 4f 3b 4d 38 bc cb 57 b7 67 4f ed 40 f7 34 ec 1d ec d8 71 fa 65 54 56 c9 c8 2e 88 c3 31 76 68 f2 a5 c8 6d 58 8d 73 37 3d 0a b8 3b 7e b3 70 92 e3 4d 8d d9 8f af 4d d0 92 90 6c 8c 9c bc 8c 40 1b f5 91 56 e6 ab 20 7b af a4 01 18 1d 5b 4f 2f b7 ad b3 39 b6 72 e6 ee 92 0e 1e 94 26 bf 1a 1a fc 47 bb 39 4a fa 98 78 28 0a cc b3 ed bf c1 4a 60 49 89 9b e1 ba 7e 51 c4 40 4b 76 a9 94 be 27 ac 36 6e 35 4b c3 b9 71 6f 72 ad 64 8d 94 71 0e 35 5d 4a 69 42 2c 34 a9 df 97 db a6 0f 3b f8 49 26 1e 7c ed a0 ef 10 76 51 c5 a5 c5 ca a8 53 b6 be dc 92 60 e5 1c 17 dc 67 88 07 89 b8 a2 Data Ascii: u^t6"oxLa!+z+5I:zo',/]8O;M8WgO@4qeTV.1vhmXs7=;~pMMl@V {[O/9r&G9Jx(J`I~Q@Kv'6n5Kqordq5]JiB,4;I&\|vQS`g

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
87	192.168.2.7	49825	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	519	OUT	GET /2jOMA2O_MgQc7r2hA6koqBLZg42SeH6MWJhghpjLxsp_hHomGqsNKx9tygGitPJwp1Dv=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 33178 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:39 GMT Expires: Sat, 28 Sep 2024 23:47:39 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	859	IN	Data Raw: 52 49 46 46 92 81 00 00 57 45 42 50 56 50 38 20 86 81 00 00 70 a1 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 ab aa 75 1c 81 70 0b 89 6a 6d bd 19 fb 65 08 f5 95 fe 0c 0c 92 93 a5 e6 3d f5 37 ed ff ce fe d8 ff 82 fd b2 f9 90 e3 fe d8 3d 89 f8 2f f2 df ed bf c4 fe e4 7d fa 7f 2b b8 5f 9b ff 71 e6 4d ec 1f bd 7f ca ff 23 fe 5f f6 df e6 4f fb df fc ff e6 fd d6 ff 56 ff 27 ff 5f fc a7 ef 77 d0 2f f4 bf eb 3f f1 7f c0 ff a6 fd 9f fa 4d ff 43 f6 f3 de 7f f6 bf f9 be a2 ff a0 7f 8c ff c9 fe 5b f7 d7 e6 47 fd ef fe 3f f8 3e ed bf ba ff a2 fd a6 ff 69 f2 05 fd 1b fb 77 fe cf 6c df fb df ff fd d0 7f c1 7f d4 ff ff ee 1d fd 0b fd a7 ff 4f 68 ff fb ff b9 ff 0b bf da ff e4 fe e2 ff db f7 a6 ff ef ec 01 ff d3 db 17 f8 07 fe 9e 1a af 46 3f 32 fe 9f fd f7 e5 d7 9f 3e Data Ascii: RIFFWEBPVP8 p*(>](Eupjme=7=/}+_qM#_OV'_w/?MC[G?>iwlOhF?2>
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: a0 f8 05 9a 65 f6 7d a5 10 29 33 c9 64 24 18 52 c7 98 fc d2 f6 45 4e e8 fb 25 7c bb 2b ef d0 e0 66 d6 d1 67 de 2a 68 23 12 70 58 cb 50 02 e4 ed f2 9b 0a 26 de a5 a9 c6 da 07 31 b5 42 f7 32 50 77 a3 65 fe e0 da 16 23 42 95 c8 f2 4c d9 1e e7 17 fe ac 70 56 86 0f 95 6b c4 7a f2 10 fd c7 72 91 6e b5 11 c4 62 1a 52 9c 10 69 3b dc 32 dc 4a 2c 99 9e aa cb f7 a1 9a 53 d9 5a 56 ec 4a 0b 21 2b ed 7e 6f 30 99 72 3d ad a0 29 5e 5b b0 1b 71 4f 63 c3 c4 3c 64 64 b1 6f 20 7f 98 5c 91 3e 8f 63 9c a5 5c 26 f8 84 d8 c0 20 1d a1 62 7a c6 d3 f3 39 90 b9 4d fd dc 13 ec d3 e9 b8 fd 6d 74 33 61 3c 28 77 51 26 1e 54 5b 25 c6 51 6b 6d d4 a9 34 a3 56 ad 94 d1 80 62 37 30 56 87 c8 7e b3 f9 88 53 19 04 74 ea 80 6b 51 f2 42 e2 fe 71 38 e5 c1 28 ee fc 54 42 6a 53 1b 8b e1 77 f3 60 f0 Data Ascii: e})3d$REN%\|+fg*h#pXP&1B2Pwe#BLpVkzrnbRi;2J,SZVJ!+~o0r=)^[qOc<ddo \>c\& bz9Mmt3a<(wQ&T[%Qkm4Vb70V~StkQBq8(TBjSw`
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 63 4f 6e fc 68 ec 6e b1 2a 38 a8 06 74 e9 f7 ff 3c 60 23 37 4d ae c0 fe 14 30 45 c7 1f c4 c8 8e 9d c3 e0 2d 02 c2 d7 38 e9 80 76 32 18 f8 f0 20 f1 3f cb b1 5c 1e 4e b1 cd 02 c2 64 d5 cd df 4c f8 7b a3 de 30 2b 9e d2 51 dc 9d a8 4a 1a 25 9b ef 4f 33 27 64 d0 1f ef ac fa 2e 51 12 eb 46 64 3f 5d 1d 87 34 ba 56 39 b0 31 37 60 44 2d 54 b3 8a af 6b c0 55 95 cc 3c ab c9 64 0b 13 3b 26 29 8c 94 d8 c2 31 28 24 a3 03 d4 85 68 28 61 6e 21 5a 27 98 44 e1 f7 e3 dc 7f 84 95 b6 19 7f 67 30 0b c9 5e a3 f3 1c f4 48 25 b6 b2 66 81 97 cb e2 c5 e7 fa f6 23 d3 c9 39 ac 95 c3 c0 1e 9f 4c d0 b8 ca 61 a3 17 26 da 12 16 3f 2c 85 91 36 34 75 cd f4 fb 61 1d c4 48 88 d5 0a c8 ac d9 5e 99 3b 03 b3 af c9 93 03 13 e6 2d 3e 50 21 e6 a6 d0 ea 2b 21 64 11 88 f8 8c 9e 98 a8 66 6e 08 37 2d Data Ascii: cOnhn*8t<`#7M0E-8v2 ?\NdL{0+QJ%O3'd.QFd?]4V917`D-TkU<d;&)1($h(an!Z'Dg0^H%f#9La&?,64uaH^;->P!+!dfn7-
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 56 ca ed 3d cd 78 93 bf 6a 31 92 fc 42 84 e8 23 a8 74 0d 6c ed c0 5c f8 dd e0 ed d9 d4 00 0f 64 71 6a d2 bd 82 8c 5b 92 a4 e8 fe 1a bb 62 24 d6 04 58 7d c5 09 aa a4 69 56 f8 28 bd 0d 7d 89 ff e3 ce 12 4a 5c d4 37 f3 06 4d c1 d3 d0 85 53 3b 39 09 58 77 72 be 7d b8 35 47 fb cd dc 77 37 e8 3e b9 d3 50 bd 44 17 0f 89 da bc f7 68 a6 e0 96 15 3e 5a 65 b7 d1 ea 0e d8 48 fd c7 21 31 60 0f 21 25 39 3b 62 d8 e0 0c 83 ef 8f 8a 56 aa 88 38 35 13 5a 37 52 d9 6f 69 14 0e 15 c6 20 2d 67 ab 12 0e 6b c3 17 ff 4d 3f 1d cb 28 0b 48 df 8b 09 88 67 44 14 37 b7 ce 9f fa 00 ba 3f f9 c6 3f 36 4d 9d 23 57 98 3b a8 d8 69 27 fc cb 2e 28 49 86 4b c3 6f 72 ed 3c 19 2a 5b 4c b2 8d 7e 8a 22 48 54 c5 94 12 64 75 bf d0 57 9c b1 4d 71 1a 31 b1 77 3e aa fa 9e 5d f4 09 a7 e2 0b c7 f4 9d 10 Data Ascii: V=xj1B#tl\dqj[b$X}iV(}J\7MS;9Xwr}5Gw7>PDh>ZeH!1`!%9;bV85Z7Roi -gkM?(HgD7??6M#W;i'.(IKor<*[L~"HTduWMq1w>]
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: e1 e5 c5 47 a0 58 9d b4 df 0a 63 e3 95 c3 eb 89 58 81 34 db 26 ae c1 ba db e1 d4 e9 b0 8c f4 ca 8a aa 39 c8 91 a8 b8 5d 72 68 90 79 97 3e f4 a2 34 25 51 31 da 07 e1 10 fb 45 9a 58 45 38 08 3d d9 14 fe fd dc fb 25 30 fa 54 61 fe 22 31 c3 49 8a 77 7c 43 2a 8a ac 35 a0 94 88 9f de 3b 91 a9 d3 a9 05 f0 59 82 8f 26 19 86 bd 85 d7 cd 3d 49 25 5f 44 22 31 4b c6 3c b9 79 c0 eb 65 68 25 f0 12 c9 3e 6d 61 9b 6c cf a3 e7 4e bd 20 67 55 07 29 89 1d 51 5f 1a 28 44 5b e5 22 79 a9 cb 26 ee 44 9d 7d d0 1c 50 97 2c 7f a7 40 bd 4d f2 07 b4 89 d3 78 4b 69 df 78 ea f9 d9 cd d4 71 14 18 8d e5 86 28 38 f7 d7 85 94 94 46 d1 79 b6 d0 27 e4 42 64 53 cf b6 8a 6f 68 25 c7 1a 50 3d 48 84 0e 9a d4 29 ea bb 31 f1 bf 6f 88 d8 4e f5 f9 1c 07 59 60 35 aa 0a 7a e4 fb f2 ec f8 98 29 e1 cd Data Ascii: GXcX4&9]rhy>4%Q1EXE8=%0Ta"1Iw\|C*5;Y&=I%_D"1K<yeh%>malN gU)Q_(D["y&D}P,@MxKixq(8Fy'BdSoh%P=H)1oNY`5z)
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 36 73 0f 5e 2d 90 b9 a8 93 66 da bb d3 43 35 1b 15 8f 14 b4 82 fa b7 72 74 1a 10 07 04 95 98 b5 c7 67 9c cc 4b 2d ba 50 d2 a7 3f 3b 11 eb e0 99 3c d9 e2 c6 db a6 3d 65 97 5a 47 41 e8 14 d7 d8 d9 0d ff 1a bb e4 18 e7 9a 31 5d 1b bb 40 ab be 2b d9 5e 7e cf ca c4 40 ae 36 08 f6 b8 cc 13 a8 f8 d2 05 99 d5 3a 9c 13 8b 49 c7 23 6f 97 bf 28 f1 1f 83 de cd 44 0b c0 73 25 46 9b b6 e2 5c 22 31 5f cb 1b 7c a1 c9 41 c0 55 52 85 8c 4c a1 76 b7 31 bc cc 45 68 d9 35 ba 22 47 bb 04 9c 1c 5e a8 b1 ec e9 4b e5 76 08 08 59 83 f7 70 f6 eb b7 a1 fc 8e 20 c9 69 cd 00 56 bf 22 15 44 9f 75 7c df 29 0e 1b ed c6 9d de 80 df b8 a3 8d 44 d1 26 74 35 4b 79 82 31 29 29 59 76 a6 e5 fa 06 42 2e bd f5 ef 97 a4 07 0b 7f 3b 77 23 11 a9 c6 a8 75 3b 26 cf c6 fd f9 cd b4 86 11 58 47 d5 b7 21 Data Ascii: 6s^-fC5rtgK-P?;<=eZGA1]@+^~@6:I#o(Ds%F\"1_\|AURLv1Eh5"G^KvYp iV"Du\|)D&t5Ky1))YvB.;w#u;&XG!
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 7b 21 39 1c e5 95 7c ed eb 22 f7 76 58 0f ec 3b f5 2e 16 45 4b f7 7a cf 35 5b d8 62 69 39 21 a1 ab a3 7b 79 83 01 48 11 5e be c7 6e 8f 99 6a 57 4d e5 5e 2d 76 7b c2 db 61 53 89 41 9d 02 58 88 70 e7 d6 23 07 36 e9 2a 89 b5 e0 35 47 0b f3 a2 c0 98 f4 13 f6 36 13 ae 63 45 2f 0f 79 3b cc 65 fa 8c f7 fa 8f d5 dc c7 ce 25 c4 65 6a b5 fb 05 97 c8 13 39 b0 34 96 fc 01 c8 9a 85 10 1b 51 3c 9a 41 10 d6 46 ff c5 67 4d a5 be 9a c1 dd f3 50 3f b0 71 cc 11 6e 65 56 5f 85 ca 76 18 5f cc d1 c4 54 33 93 cd 44 fa f9 37 e9 35 bf ec e0 1f 54 bf 15 be 0e 6d 1f 5a f1 64 ca e7 39 79 1e cd 94 e1 dd ca 13 a4 d5 38 9b 71 54 bb 38 a8 dc ab 5b 40 d3 44 b1 db d8 27 25 fa 72 69 47 3f 40 39 5d d9 17 37 83 e8 94 2b 56 f4 eb 6b 9d a3 d1 85 e5 09 b6 94 7b c7 b8 09 2c 56 0b 9c 5c 78 52 6d Data Ascii: {!9\|"vX;.EKz5[bi9!{yH^njWM^-v{aSAXp#6*5G6cE/y;e%ej94Q<AFgMP?qneV_v_T3D75TmZd9y8qT8[@D'%riG?@9]7+Vk{,V\xRm
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 26 54 39 e0 b1 ee 66 58 23 52 a4 ea 16 ab 09 73 e1 18 34 dc a5 98 58 53 27 f7 2c d9 a1 56 aa c0 10 11 5e 57 23 62 a3 39 d9 a9 3f 4b d8 e9 54 bf b0 65 7b c4 14 dc 1d a1 e1 5f 41 b1 74 24 c1 ac 04 e9 ed 36 4a 83 ad a9 4b 2a 01 17 71 a5 9c cb 7d 61 5f 33 de 20 f1 86 db 30 ef b8 65 90 cb fe f1 37 c7 30 ad e1 83 e7 2c 8a f2 91 73 8f dc c7 db 0e fe 3f c0 59 2f 8d 5f 02 0e 80 72 0f 1a e6 d7 91 78 ed 4c 82 96 7f 3b 6f 7c eb d1 38 db 4e 4d 91 63 82 b0 e0 2a 7a f7 6a 73 e0 1a 3b b9 ba b9 ac 8d 78 b1 5d ee 91 18 4c fc 01 de 82 98 5a 24 8a 93 1b 20 73 34 6e 69 e9 ac 3a 1a d8 b1 ba 37 3c 69 bb 45 d0 b5 07 8e f7 2f 39 f1 f0 ed a6 f5 91 40 90 1e c8 26 2d fc 8b aa d0 51 b4 91 20 2e 6c b6 52 6d f1 90 c0 07 41 e2 49 3d 3f c3 8b a4 b0 0b 80 12 0f 5d e0 df b1 a7 42 d5 e5 58 Data Ascii: &T9fX#Rs4XS',V^W#b9?KTe{_At$6JKq}a_3 0e70,s?Y/_rxL;o\|8NMczjs;x]LZ$ s4ni:7<iE/9@&-Q .lRmAI=?]BX
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: ef c0 e6 fa c7 9a 2f f4 d2 8e 18 3c 0e 75 d1 0b 32 72 3b 63 c8 1f 7c 78 23 98 3a db 84 14 af d0 4a f5 89 e9 83 01 2f 1c e9 f3 87 fd 29 d5 cb a4 4a 50 5c 83 15 95 de 6a fb 7f 77 86 5d ee 68 43 b2 80 14 65 d5 5b d2 ac a3 5a 9a a3 b5 2e a3 35 60 9c b5 67 94 c6 30 69 ad ed 70 66 44 d5 ac 21 2f 61 77 39 8e fd 9b bc 9d 18 1a 32 6c dc 6b 22 8c ff b6 7b b4 88 57 d7 b3 41 08 29 95 9e c1 8f 93 59 a9 58 e4 e8 62 ce 83 7d 8d 28 3b 66 2e b7 70 e1 91 e3 d7 28 aa 68 e6 67 c6 2d 13 49 83 e8 3a 68 d3 5d e0 82 b6 9a 47 bc 78 24 75 c1 44 a7 ac 0d 64 a3 d7 20 e7 00 06 bc 90 c6 88 cb f3 a2 1d 55 0d 31 c7 f9 5c 6d f0 2c 13 69 c5 7a 90 84 a6 52 a8 72 fd db 4a 35 70 1c 2e ee ea 21 16 0c 02 de 14 d2 c0 cd a0 ba 1f 66 05 13 f6 51 fa ee 08 5d 50 d2 4b bf a3 89 ab b4 99 f7 90 c4 1a Data Ascii: /<u2r;c\|x#:J/)JP\jw]hCe[Z.5`g0ipfD!/aw92lk"{WA)YXb}(;f.p(hg-I:h]Gx$uDd U1\m,izRrJ5p.!fQ]PK
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 35 50 61 21 32 76 dd d8 99 34 a5 e5 95 48 41 49 d4 8e af fe 7f 37 22 55 7a 41 40 73 87 ad b6 33 59 3b 0a 8e 53 23 c6 f8 ee f1 cd 95 7a a8 0a b6 59 da 69 76 04 65 be 08 f3 6c 99 99 0e a1 8f 33 3e 99 c6 4a ec 85 32 e5 75 98 13 1c 0a 04 c0 05 19 fc 67 74 10 04 f1 4e 26 68 da ff b7 40 57 15 fd 84 3c 61 8e 4b dc 5e 91 75 09 d1 cf 53 a1 42 af 3c 3a 9e af 35 98 72 22 44 70 02 0e e9 cd ce f6 01 20 50 aa 58 49 26 12 cc 45 59 96 33 5e 8e 54 9e cf c6 bd 02 a8 92 f6 bb b5 1d 3c ae fb c1 45 44 d9 6d 3d b7 0a 0d 96 92 1f 91 9e 0f 76 96 66 dc 2f 8a 2b 5a 05 5e 52 43 fc e4 be b7 78 92 69 31 4d a8 57 9c 45 6b a2 f1 92 4f fb 2b 81 e2 53 da ce 97 31 20 4c 8a b1 2b 05 86 b2 a9 dc af 92 9c 01 1e dc 4c 1c a1 0c b4 81 14 03 b0 b4 5d 41 34 44 10 f9 40 ec 2f 1a cb 0b ba ec 6f 98 Data Ascii: 5Pa!2v4HAI7"UzA@s3Y;S#zYivel3>J2ugtN&h@W<aK^uSB<:5r"Dp PXI&EY3^T<EDm=vf/+Z^RCxi1MWEkO+S1 L+L]A4D@/o

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
88	192.168.2.7	49828	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	519	OUT	GET /Fx0NDO3ZlqxtwW9QpsiSOTNGpFrX3tQXnmrDfIbwKPWPl0uUUJUDvlkZiQg-_AXl4d8_=w240-h480-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:39 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 67568 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:39 GMT Expires: Sat, 28 Sep 2024 23:47:39 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:39 UTC	859	IN	Data Raw: 52 49 46 46 e8 07 01 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 ef 00 00 ef 00 00 56 50 38 4c 9f 07 01 00 2f ef c0 3b 10 09 87 8d 24 85 8d f6 0f 0e ec 7b fa 2f d8 24 35 44 f4 7f 02 f2 6f 37 d0 40 92 f0 4d 12 7d d3 dd 88 6b 24 81 f4 26 91 a4 74 23 7f fa 1c a2 00 8c 37 91 94 06 db 20 ce 01 f2 90 d1 9d aa a4 fb 31 32 f6 39 2d a9 3b fb e9 da dd 55 39 46 97 00 48 dd aa 51 5d 95 ec 4a 6c 9b 3a 74 07 40 d2 aa ea ec ea aa 7e 2f df d7 08 c0 cf 18 5c ab d7 c7 b0 df d7 f0 cc 09 c5 f0 ad 3e c3 df f7 81 31 a7 24 7e 56 f9 6f 78 a6 a4 f3 18 03 cf 90 6e 60 db 20 b1 f7 e6 7d c1 0c 49 b6 f9 da 6e 29 64 86 7a 43 a9 f5 13 ec 81 6c f3 95 8d ae 91 14 d6 1a 7b 63 db 9b ef 91 54 3f 96 bd d6 da 35 f0 95 a9 4f a1 3a cf f9 c4 35 e7 9c 7c 96 be 5d a4 f6 b6 81 9c 9a 55 c2 db Data Ascii: RIFFWEBPVP8XVP8L/;${/$5Do7@M}k$&t#7 129-;U9FHQ]Jl:t@~/\>1$~Voxn` }In)dzCl{cT?5O:5\|]U
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: ce db 7a 6e c0 80 d4 b9 19 6d d1 14 2b e0 71 b4 79 83 c8 46 2b 0d d6 7e a5 1e f6 f2 7a 99 8a 65 af 11 5a 78 ab c9 a0 5a 75 ac 8e 95 a6 da 60 9a dc 0a 1e bb 26 35 33 b0 61 51 6c 06 61 bd 87 b4 ef 7e 2a cb 54 ec f2 dc c2 14 9a 7b d5 e0 ba da e0 a1 37 c7 dc 06 6e 33 02 70 97 43 2a 67 a4 e2 3b 00 c0 ff cd a6 38 c9 6e 47 23 fb 87 fd dc 92 0b ca 86 e9 2c d1 b8 31 4a b3 31 a5 d9 bc 19 61 bf 80 5f d9 0c 00 d0 cd a6 d1 0b 39 fc 71 f1 60 4d cf 73 79 b1 b5 bb b3 b4 63 b5 73 7f 6c 1b 00 50 5b e6 fd 5e 77 67 43 33 ee 59 ec 0d f2 59 f1 96 c5 da 0f 7c 49 9b 24 d7 a7 c3 b9 f2 b6 25 eb e1 7e 2d 5f 0d 55 7d 77 f1 f9 76 f5 c8 fd e4 1e 00 40 b3 a8 6d 99 e2 b8 18 9a 01 a0 32 f9 1f 4d 0a 6f e4 c5 a3 c1 8f db 45 36 c5 49 e4 d3 5a 4d df 8e eb af ea 78 57 4c bb fa 2a 8a a7 2a aa Data Ascii: znm+qyF+~zeZxZu`&53aQla~T{7n3pCg;8nG#,1J1a_9q`MsycslP[^wgC3YY\|I$%~-_U}wv@m2MoE6IZMxWL**
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 9c 18 9f c0 ab 1e b1 4e 1d fc c6 dd 9d 71 b7 7a 32 d6 6b 55 e1 81 93 89 13 f8 8d 53 85 bb 74 e0 2e e3 d2 8b 6a 7c ec 48 17 5e 07 0f 9c 4a 9c c4 f7 3c a3 1a 1f 9f 49 dc 2d 1f 8c bb 26 32 52 8d 27 5e 1b a7 02 77 a8 c0 dd c6 67 8e e0 50 bd 98 7a 30 ee 9a 38 89 07 72 2c 70 0a 7b c0 81 d6 b6 65 73 e3 58 f7 fd 3c ef fb 7d df ff ff f5 17 48 2a 91 2d 5b e6 76 73 77 d2 0e 77 72 c2 c3 73 98 99 99 99 99 99 f9 9c 81 c0 4c 18 86 67 c2 4c ee c4 4d 76 2c 5b b6 85 ae 2a 15 fc f0 c1 fb 3e b7 06 6c db 96 cd 6d a3 fb 7e 9e f7 83 1f 67 e6 1f 10 cb 02 63 38 4e 1b 28 24 a5 4d ca cc 74 1c cc 0c cb cc 5b e6 e5 dd 32 73 17 53 c6 8d 93 4d 1c b0 5d c7 4e 64 c9 92 05 23 18 0d fc f0 c1 fb dc 21 8b b6 95 3a 70 8e 43 c6 92 47 11 0d 92 57 57 bf b5 e8 ff af 5a b7 ec 8c b9 d6 bb f7 3e 7c Data Ascii: Nqz2kUSt.j\|H^J<I-&2R'^wgPz08r,p{esX<}H-[vswwrsLgLMv,[>lm~gc8N($Mt[2sSM]Nd#!:pCGWWZ>\|
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 9f 87 3c 8d 53 8d 18 6d 65 7c e5 ba a9 6b 29 85 96 a0 62 b8 16 60 e5 73 f8 99 d5 7d 6b 84 ad 19 69 6d da f6 d7 4a a5 42 05 54 26 95 42 b2 fa 22 43 27 26 2f 94 05 b8 09 40 42 81 48 dc 63 c5 f8 c0 85 9e ac 46 58 ef 8f 21 30 09 58 d2 a6 d0 27 33 d6 47 a7 2e b7 af 77 75 eb 63 4b 5e 5b 3c ad 0d a5 00 47 3f 2a 4f 13 94 b2 50 4d 83 e8 4a 1a eb 5a 4a 9b f6 02 47 75 2c d7 b6 d9 f3 36 17 fa d9 ac d8 87 88 18 d0 d1 f8 e9 7a 4d 1c ce c7 94 db 86 5d f3 c9 3c 2b 63 ed ad 15 2a c0 4a b1 54 36 19 90 d0 75 02 3a 33 9c b4 3c ac 79 38 38 08 00 40 a4 08 6c da 44 a1 ed 43 b7 43 bf 79 ba 34 c2 06 12 33 95 90 59 ea 1b 37 4e 5a 1f 3f 15 b5 b6 7b b3 b3 0f e1 6c c2 75 c4 b9 d2 f3 b8 4f 02 57 bc 51 8c 44 90 b6 73 91 f2 4a a0 b4 84 8e d3 38 da 75 e8 85 13 7d e7 0d 67 6b 1e 9a 40 56 Data Ascii: <Sme\|k)b`s}kimJBT&B"C'&/@BHcFX!0X'3G.wucK^[<G?OPMJZJGu,6zM]<+cJT6u:3<y88@lDCCy43Y7NZ?{luOWQDsJ8u}gk@V
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: c2 89 78 44 ca 91 f8 06 95 07 71 bd 6d 2e c2 76 7c 50 58 dc f7 9e cc de 6c 7b c4 3b 5f df f0 aa cb d1 c1 38 fd 25 5d 3d f4 ac 67 25 ce ca 34 90 d3 b8 e0 d1 57 0e e1 33 96 5d 97 89 f5 46 de ea 64 b1 ae 54 62 a8 31 31 58 3c 1e 45 3b 99 f1 d4 b6 ba aa f1 5d fb 4c c7 9b 4f 34 7c ff 43 4d 2f 3d b0 0e eb 8e 5f c1 15 48 84 a0 0e 4b 78 ad af 9f 59 99 17 df c2 ec fb 6f ef d3 bb 1c 1e c2 19 22 ce a6 e8 41 b1 2b d6 08 28 8a 03 61 6b 84 c6 50 5b 31 1b b1 4c b4 ad 8f 29 11 ad 97 6a 7e ba 95 84 2b 88 f8 3d a2 a1 ee 91 da 05 8c 91 23 03 37 cb 7c 8e 1f 41 7d bf 53 eb b9 a5 6f 84 2c 04 15 52 9c 2b 1a 8b 91 bd 06 17 a5 cc 3d 69 b5 e7 fb 46 ae 7b 05 ce 86 52 c5 6c 01 a2 69 4e 6b a6 7f 2f 73 56 5e 04 ba 3e 2a c4 76 24 e0 14 a9 23 70 62 b4 27 6e 4e bc ce f5 15 61 0d 9c 18 23 Data Ascii: xDqm.v\|PXl{;_8%]=g%4W3]FdTb11X<E;]LO4\|CM/=_HKxYo"A+(akP[1L)j~+=#7\|A}So,R+=iF{RliNk/sV^>*v$#pb'nNa#
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: a2 bf 33 97 cc 32 3a 8c ee 19 2b 7b 54 8d aa 98 30 62 ab 9b 8e d6 2d e4 25 67 23 05 34 da 9e 14 e3 a3 79 84 96 02 e3 af 06 91 3b ff 3d ca 08 f7 16 35 92 2e 24 20 60 5a 97 27 cd 96 5c ac 69 a1 d5 bc 52 7e 9b e0 05 3d 71 9e e2 18 39 f5 7b 28 07 68 ce b3 3f d4 99 a7 be 0c 73 57 9a 21 81 35 db 2e f2 61 47 29 d4 39 8a 81 d8 9c 6c 46 c4 7b a0 6d 5d 30 a1 5e 1b 1d a8 04 eb cd b8 c7 d1 db ad b7 d9 bb 86 c4 6e 5c 2e 90 3f 12 11 0d 53 2b d4 93 25 b0 b8 86 a0 35 78 a3 15 8a f4 53 2f c5 ca 71 dd 52 93 6e d7 e2 60 70 51 9d 2e ed 81 87 d1 1b d6 fe 81 8a 68 e3 01 ed 89 05 59 25 8c 80 63 40 51 ac b1 bf bc da f7 f7 f2 8d ab 7c 33 11 ff 50 e3 d4 9d eb af b0 ca 08 3f 21 0b b7 06 9f 1e d6 23 7b 6e 62 ac 31 1c 2c 1b 34 7e 83 1b 3f 8c 6d 06 eb d7 e2 a3 b3 7d b7 6b 56 eb b6 18 Data Ascii: 32:+{T0b-%g#4y;=5.$ `Z'\iR~=q9{(h?sW!5.aG)9lF{m]0^n\.?S+%5xS/qRn`pQ.hY%c@Q\|3P?!#{nb1,4~?m}kV
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: 51 70 e8 ca 8a 99 41 7c de 42 c9 38 c0 b6 cb 71 eb ce f6 fb 37 d2 d7 dd 99 f8 37 b5 fa 80 55 84 73 f1 fb 4f ef 5f ee c9 18 08 1e 61 e2 60 6c 22 6c f0 34 d5 72 1d c7 0b 2e 86 88 30 c2 c1 94 d0 30 a1 3b 14 9b a2 89 d4 dc ef a5 93 f4 2b 76 99 f2 cb 04 b7 cb 03 61 e6 14 68 f8 e2 c3 78 98 08 b0 6a af c9 03 bc fa fb e0 a7 f7 a3 bb 17 42 9f 3a c6 f6 8c 06 08 ec 01 90 36 c1 0c ed 30 ab da 0d b2 37 a0 1b ba d6 88 ae 28 82 04 04 31 6e 4a ac 6e 32 c5 8b d6 f2 d7 a5 88 a6 1f 28 0e 1c 0f e9 75 63 f6 ab 16 5e 68 6c 7a 3a 66 1f 0f b2 78 9b 14 c1 61 bf 1a 22 73 12 65 42 b5 a3 53 c3 18 63 aa b3 f9 92 bb 06 ae 7e 8e f7 b1 6c 16 db 72 47 c0 1f 41 73 c9 fd 06 0b db 68 69 fc 65 07 eb 08 e2 ee 59 ed a1 e7 6d df bc 72 3e 49 c1 54 e3 0c a4 00 a2 04 54 97 7d ff 07 e8 6b 75 a4 56 Data Ascii: QpA\|B8q77UsO_a`l"l4r.00;+vahxjB:607(1nJn2(uc^hlz:fxa"seBSc~lrGAshieYmr>ITT}kuV
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: b7 14 ae d4 f2 4d 95 9b df fc e6 1e 38 d2 8e 98 3a 16 39 7a 6e 39 aa 3e 95 4c 37 36 a7 33 42 aa 92 31 9d 14 09 9b 57 8a da 4e 22 56 cf 5c 6e 0e 69 c2 03 3f 6a 05 8d 83 e5 b6 7c de ac 80 8c 76 f7 4c 71 d8 41 c9 54 23 27 09 2c 31 27 50 70 cb 0d ae a0 3a 3f 0f 3b aa d7 2d 0e 64 24 83 31 82 51 4c 60 61 22 0c 26 42 05 d8 88 e7 41 e8 5a e3 3c bc 97 3b e9 c7 87 f7 52 55 81 e2 a2 60 1a b1 92 5a 21 a1 80 5c b7 00 60 52 62 58 0b 1f 83 14 d0 11 d1 41 d9 b9 f7 0a b3 1d d6 47 27 0a e1 18 9f c8 02 3c f8 58 5b ca 3c 32 16 9d fa fe 8e fd 22 27 11 53 c9 02 14 46 c9 23 57 27 fd 59 ff 2d a4 0f 4a cb ac 68 6c 81 06 b1 90 22 5a 78 42 b3 bc 95 63 13 43 8c 62 83 13 70 6e cc da 02 8d db 14 00 05 66 4c 51 57 ac 38 19 87 67 b5 59 57 9b 71 3f 93 95 06 d8 78 4c 4a 01 5e 21 f7 4d 5b Data Ascii: M8:9zn9>L763B1WN"V\ni?j\|vLqAT#',1'Pp:?;-d$1QL`a"&BAZ<;RU`Z!\`RbXAG'<X[<2"'SF#W'Y-Jhl"ZxBcCbpnfLQW8gYWq?xLJ^!M[
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: fd f6 3d 83 87 67 86 4d cf 6e 5d df 3b da 6f ca 36 18 dd 56 b5 64 99 a0 50 b9 04 05 93 08 f4 34 5e 73 c0 a4 4e 1a 9c 56 dc 08 b0 c0 c0 49 35 6e 84 a2 58 2c 13 5d a9 6b e3 48 94 ea 2a 89 44 18 a4 34 e6 19 0a fa 31 13 86 14 de 81 e5 86 cd 70 50 85 1b c1 89 f8 7c 21 35 72 e1 a3 e3 81 47 8b d1 f8 46 5a b3 ad ef 0e 8d 5d 42 23 2a 1c f1 85 61 c3 12 30 12 52 40 0d 8a 02 69 63 a5 78 6d 05 d0 88 08 56 0f bb 7d 37 13 4f ad f0 10 be 5b b9 1a 12 05 af 2c 42 a4 e3 37 86 02 3c 32 9d b0 ee 63 d2 8e 8f 8b 45 af 10 9d b8 93 35 a8 7c 04 6d e0 54 14 87 fa c8 3a fe 0c fb bc 8b fe bf 8b 05 55 c1 09 40 44 50 3b 4a 64 0c 50 51 2f 57 c5 29 28 06 48 1b a8 e7 fa 6d 07 85 43 ee e1 2d 15 f1 30 89 36 a9 f6 57 8c b7 ae 9f 37 bb f9 38 3f 0d 33 7b dd d7 96 01 1b 5b 77 be 78 fa d6 17 ff Data Ascii: =gMn];o6VdP4^sNVI5nX,]kHD41pP\|!5rGFZ]B#a0R@icxmV}7O[,B7<2cE5\|mT:U@DP;JdPQ/W)(HmC-06W78?3{[wx
2024-09-27 23:47:39 UTC	1390	IN	Data Raw: a3 f0 21 ca 43 1b a1 bc 6b 2e 27 e6 8a 54 7a 42 8f 62 88 94 a0 18 c4 a1 03 13 bf 3f 0e e7 a3 b1 4d 11 bd f4 98 7e 09 e0 9a 47 a5 57 fe 45 52 5a 03 07 e2 87 1e 28 10 46 88 c4 5a 21 08 91 e4 e4 14 56 10 d6 59 16 b3 4d 18 13 10 fd b8 c8 8a 2c 4d 84 a6 4c d3 57 52 d6 40 2e 90 26 16 0a b9 a1 32 ae 85 42 e0 9b 15 5b fe 7f 48 7a af a5 8b b8 40 76 10 7d 1d 63 7f 59 31 36 74 ca 46 5e 80 31 51 5a aa 81 00 bc 90 bb 32 31 bc 8a a8 a2 93 a0 80 42 62 02 dd ea 1f fc 6b ae be 67 25 a0 c3 90 46 28 81 69 c4 e2 5a 9c 8a f5 c0 3c d2 a3 23 f2 26 20 ac 8c 65 11 a2 35 43 8c 60 ba 88 0f 3f f4 88 fc aa 55 f3 27 45 27 18 0c 92 22 09 81 c7 a9 96 fa 5f be b8 55 fe e3 91 fd df bc a3 ba 99 0c bc eb 77 cf b3 cb 9c e0 2e f9 52 0f 7b 55 60 02 37 9b c7 89 c7 e6 35 75 e1 72 7d f5 7d 5c 7e Data Ascii: !Ck.'TzBb?M~GWERZ(FZ!VYM,MLWR@.&2B[Hz@v}cY16tF^1QZ21Bbkg%F(iZ<#& e5C`?U'E'"_Uw.R{U`75ur}}\~

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
89	192.168.2.7	49830	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	1089	OUT	GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 200 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:03:10 GMT Expires: Sat, 28 Sep 2024 23:03:10 GMT Cache-Control: public, max-age=86400, no-transform Age: 2669 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	200	IN	Data Raw: 52 49 46 46 c0 00 00 00 57 45 42 50 56 50 38 4c b4 00 00 00 2f 13 c0 04 10 35 38 6c db 46 92 b6 d1 8f fb f6 5f c3 2e 32 87 ab 20 8e 70 5b 5b 9b a2 4c b4 6e 78 0d ee 10 0f a5 cc c4 ab 21 56 82 13 bb b4 b3 52 05 12 41 aa df 04 f4 1f ea ef f4 07 12 88 78 08 07 d3 0e 3e 62 02 7a 5b 0f 0c 6a 7b da 05 de 0a 25 7e d2 7b c5 c6 7e 2b 4e e4 73 55 79 ec 47 dc a8 07 b8 ac c6 44 8a ab ea 95 78 83 70 6f 4e a4 cc 05 2c 60 dd 83 bb 0b 18 3e b6 a9 9e 10 6f 10 ee cd 5a cf 2a 97 bd 08 1b 75 05 97 cd 2c 7d f3 13 c1 5e b1 b1 57 ac f5 9e 76 81 f7 5a a8 75 9b 80 5e c7 60 64 67 60 6a 16 7c a4 c5 10 71 8f a3 e9 9f 03 Data Ascii: RIFFWEBPVP8L/58lF_.2 p[[Lnx!VRAx>bz[j{%~{~+NsUyGDxpoN,`>oZ*u,}^WvZu^`dg`j\|q

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
90	192.168.2.7	49829	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	1088	OUT	GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 244 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 22:59:08 GMT Expires: Sat, 28 Sep 2024 22:59:08 GMT Cache-Control: public, max-age=86400, no-transform Age: 2911 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	244	IN	Data Raw: 52 49 46 46 ec 00 00 00 57 45 42 50 56 50 38 4c e0 00 00 00 2f 13 c0 04 10 95 40 8a 24 c9 91 34 50 c7 6b 00 2c ff b7 56 00 72 f7 64 ce 2b 02 8a 00 80 06 ab 37 db b6 bd 9d c0 8a 6e bb c5 9a 5d ad c6 b6 fd 66 55 1f c0 b6 6d 73 02 f2 0a 87 2f 62 40 5f 78 04 57 fc f9 3f 29 71 91 52 6d b0 24 ac 36 ab 70 01 51 2d e6 a4 a5 8e ec cc 60 8d 94 61 01 19 de 5f 42 5f cd 53 42 ad d7 64 58 ee 32 ec 05 c4 cd cf 89 35 e0 df 39 37 6e 36 a2 eb d6 cd 3b 4e fc 9b 1a 5d 92 dd 7b 92 8d e4 b3 be f7 7e 0e 50 f3 4e 5b ae 05 ac cc 6a 24 89 21 01 bb 7f 9f ff 24 d4 bb a3 60 57 fe 28 71 b2 e7 a4 72 b1 37 84 47 17 d7 e8 fa c7 88 6c 4d 0f ef c8 b9 c3 13 ab bb d6 17 90 e8 b4 ad 62 2c f4 b4 f7 91 24 09 a3 ba 61 53 82 c1 d0 33 6a f8 db 88 41 39 94 05 3c 39 Data Ascii: RIFFWEBPVP8L/@$4Pk,Vrd+7n]fUms/b@_xW?)qRm$6pQ-`a_B_SBdX2597n6;N]{~PN[j$!$`W(qr7GlMb,$aS3jA9<9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
91	192.168.2.7	49831	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	1088	OUT	GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 200 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:45:12 GMT Expires: Sat, 28 Sep 2024 23:45:12 GMT Cache-Control: public, max-age=86400, no-transform Age: 147 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	200	IN	Data Raw: 52 49 46 46 c0 00 00 00 57 45 42 50 56 50 38 4c b4 00 00 00 2f 13 c0 04 10 cf 40 90 6d d3 b3 de 9f 61 1a 04 92 36 9e 07 7d ff 14 17 08 24 e1 ee 2f b0 e2 48 92 12 5c f2 4f 8c 2c dc 5e 87 43 7c 7d 6c 58 18 7c 6c 1c 14 3c 38 44 6c 34 3c 1c 5c 2c a7 63 8d 88 87 88 21 04 48 1d c0 30 92 a4 44 8b be f2 ae 9b 7f a4 38 19 44 f4 5f 81 db 36 8a 8f 19 9e c1 34 bc 2f 8b 61 91 80 5c 0a 76 88 be 17 d8 f3 a4 f8 c9 5f c8 ac 1b 1d 7d e8 70 e7 7c 18 82 01 5f c6 35 c2 ae ce ad 16 e3 95 98 90 0d 53 4c 61 73 49 d8 a0 52 cc 84 94 8e 3c 4f 44 67 1d c0 51 66 00 d3 90 d5 75 d7 2d ab fb 97 96 ff e3 39 a7 d9 7c b2 36 10 Data Ascii: RIFFWEBPVP8L/@ma6}$/H\O,^C\|}lX\|l<8Dl4<\,c!H0D8D_64/a\v_}p\|_5SLasIR<ODgQfu-9\|6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
92	192.168.2.7	49833	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	1088	OUT	GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 164 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:03:10 GMT Expires: Sat, 28 Sep 2024 23:03:10 GMT Cache-Control: public, max-age=86400, no-transform Age: 2669 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	164	IN	Data Raw: 52 49 46 46 9c 00 00 00 57 45 42 50 56 50 38 4c 8f 00 00 00 2f 13 c0 04 10 0e 06 8d 24 29 12 db fe 4d 1c 3d 0a 58 de 7e 15 8d 51 6d db 4a a6 df 90 b9 0e c9 40 12 5a 10 c0 1d ca b8 05 a0 87 7b 8c a7 b6 6d 1b 46 69 53 cf 17 f2 b6 60 90 12 56 da 09 6c 26 5a 2a 16 20 22 b2 95 c9 56 98 e3 28 b5 05 4e 97 1b 13 f0 84 a0 63 82 d4 65 4c 70 84 1c 40 c9 d0 2b 08 01 24 8d fa 3b 14 33 ad 8f f0 86 c0 d0 44 14 26 61 3b 7c fc 88 c8 48 99 da 52 7c 3b 94 a7 33 db e1 23 58 44 84 04 55 52 e1 ef 3e 56 00 00 Data Ascii: RIFFWEBPVP8L/$)M=X~QmJ@Z{mFiS`Vl&Z* "V(NceLp@+$;3D&a;\|HR\|;3#XDUR>V

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
93	192.168.2.7	49832	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:39 UTC	1072	OUT	GET /a/ACg8ocIPB8pm4h1EOZRGem3PoDcn21eL8kG9xLS87mgUSKpvN87oxA=s32-rw-mo HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 170 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:26 GMT Expires: Sat, 28 Sep 2024 20:07:26 GMT Cache-Control: public, max-age=86400, no-transform Age: 13213 ETag: "v0" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	170	IN	Data Raw: 52 49 46 46 a2 00 00 00 57 45 42 50 56 50 38 20 96 00 00 00 30 04 00 9d 01 2a 20 00 20 00 3e 6d 28 91 45 a4 22 21 9b fa ac 00 40 06 c4 a0 00 0b be b3 6d a7 9f ca 72 b7 44 09 af be 30 2c 00 fe 9c 58 ae b3 1d 9f 8d f3 ac 66 72 03 ff ff 99 a3 ff 49 bf ec 37 6b 9f fa f5 a5 b9 b1 78 a1 fc 37 3f 3e 9b 5d d5 d7 d7 fa 9f e2 af 3f 51 a0 68 58 bd f9 cb 98 97 b1 6a 5c 6e 37 5d 8e b7 cd 6b e3 e5 d7 ba e5 6b e5 bc a6 80 ee b5 78 d7 05 63 ea c5 9f f4 a8 7f 97 f6 1f c0 8f ac ff f7 ae a4 82 2e 09 cb 3b e3 41 6d c4 00 00 Data Ascii: RIFFWEBPVP8 0* >m(E"!@mrD0,XfrI7kx7?>]?QhXj\n7]kkxc.;Am

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
94	192.168.2.7	49834	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1072	OUT	GET /a/ACg8ocJeUEY0r1lY88LZXQ4hyNO_-eGwKnex-CZfiNYD0aLUxQI0Uw=s32-rw-mo HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 236 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:26 GMT Expires: Sat, 28 Sep 2024 20:07:26 GMT Cache-Control: public, max-age=86400, no-transform Age: 13214 ETag: "v0" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	236	IN	Data Raw: 52 49 46 46 e4 00 00 00 57 45 42 50 56 50 38 20 d8 00 00 00 d0 05 00 9d 01 2a 20 00 20 00 3e 6d 2a 91 45 a4 22 a1 98 04 00 40 06 c4 b3 00 58 8d 81 3d d1 26 01 d2 5e 44 40 2f f5 9d db e4 c6 61 3b 5c 90 c3 85 fd 6f 7e 51 7b 00 00 fe 9c 5f e1 50 de 2c 59 55 1b 62 5f 3d 45 3a 0e a2 72 8a da 5a 6c c0 ea ff b8 07 c9 af 23 bf 64 a1 ff fd 8c df f4 66 ff a3 37 ef 7c bb 52 4e 5e fa 5b ed 0f 5f 8a 7c 0d 2d 57 e1 84 5a d8 ae ae dc 7a ef 4c ce 37 90 88 11 83 b1 0b ea a2 7a 6f 44 79 c0 82 1f 9f f9 ff ae 7d 7f 48 0f e1 b5 75 d2 38 e5 40 56 fa f5 b3 e5 f1 9e 42 e4 ea f9 81 94 2b 79 49 49 b2 7e c7 63 25 5b 42 7e 7f e5 4f f3 89 d9 a6 2d 7e d5 fc 36 cc 8d 9c 2c 28 e7 71 29 bd 25 97 97 4b c8 ba 34 48 92 b5 be b4 00 00 Data Ascii: RIFFWEBPVP8 * >m*E"@X=&^D@/a;\o~Q{_P,YUb_=E:rZl#df7\|RN^[_\|-WZzL7zoDy}Hu8@VB+yII~c%[B~O-~6,(q)%K4H

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
95	192.168.2.7	49837	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	513	OUT	GET /xFT8o4tZjHkrDeLOh3fJsAQ5y0ZD7JJz6tWa_bOU-kU9H_D_iKILb4XAvMfhmSYWXV0F=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 1906 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	860	IN	Data Raw: 52 49 46 46 6a 07 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 20 22 07 00 00 30 20 00 9d 01 2a 40 00 40 00 3e 69 28 8e 46 a4 22 a1 21 3b fc 88 00 80 0d 09 6c 00 9d 39 41 7e 01 c5 b5 01 39 4f e3 d7 e5 1f c9 15 4d fb 37 8e 6e 86 39 9b cb 33 9c 79 c7 79 80 7e 9d fe a3 75 aa f3 01 fb 47 eb 1b fd 57 d4 a7 d2 07 c8 07 f3 bf f5 5e 91 de c0 1e 80 1e 5a ff ba 5f 07 1f d9 7f e0 7e d6 fb 46 7f f4 bc b6 fc 07 82 be 3c 3d 89 26 33 87 fa d0 8d f6 4d 6c 2b c0 d5 94 f8 97 d2 35 34 4f 1b 9f 55 7f e3 f7 05 fd 61 f4 cc f6 11 e8 97 fb 2c 55 19 9a f7 29 cf 37 78 94 c6 bc 39 e0 6d 89 aa e4 32 e4 f0 e4 01 cc 07 68 81 d1 00 4a 28 82 48 6f 07 3d e7 26 4f bd 94 21 a7 e1 90 b1 5a f4 06 51 9b 28 68 ed b7 2c 80 90 f3 95 e9 dd 7c 89 c2 1e dd 5b 11 Data Ascii: RIFFjWEBPVP8X??VP8 "0 *@@>i(F"!;l9A~9OM7n93yy~uGW^Z_~F<=&3Ml+54OUa,U)7x9m2hJ(Ho=&O!ZQ(h,\|[
2024-09-27 23:47:40 UTC	1046	IN	Data Raw: ca 00 49 05 7a 3c 82 4a eb 16 f7 80 88 dd be fe 9d a2 2c 8e 59 55 4f 94 7e 97 b8 64 70 bf bf d5 08 ae 68 3f cc f0 ce 3e d0 a6 a3 4e 3d e9 01 d6 58 69 2e cf ea d7 85 ba 7c a7 6c 1b 41 ac a5 0f a3 25 09 c9 eb 8e 33 5c c8 95 ea f3 52 56 dc 75 80 b0 2b 0d 85 f7 fc 35 ec fe 5f dc 0f a9 ea e4 07 19 7e b9 fe 1c 68 a3 13 2f 51 5c 10 ec 2d 75 79 54 87 f6 02 ee fa ce d8 33 c1 de 87 74 31 af 7d b7 96 fd 5f 86 03 1f ee d2 c9 d7 0c e4 2d 95 9f 8b 58 a8 8a 74 a8 a2 79 74 cc bc 5a e5 09 bd 5b b5 b7 78 fd a6 25 99 79 55 3c ef 51 7e 1b 6b f5 c4 fd b4 72 73 9a 61 61 b7 b1 53 19 b3 aa 4d 9a 35 0b f3 95 cf 4f f1 f8 f7 19 93 5f 8e 5f 45 f0 44 0a e9 5f 7a 2d f5 97 ef db e7 75 66 06 9f 7e 20 c6 3a d4 13 8d 7a b1 d9 bd 69 66 4e 95 9e 30 20 3c 28 b2 ed 5a b7 f5 30 ef 32 be c9 cf Data Ascii: Iz<J,YUO~dph?>N=Xi.\|lA%3\RVu+5_~h/Q\-uyT3t1}_-XtytZ[x%yU<Q~krsaaSM5O__ED_z-uf~ :zifN0 <(Z02

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
96	192.168.2.7	49838	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	512	OUT	GET /-NOBBNOtTJ2HI7t9Sy-lx2z9qXaGUI1vCxvB_F737ygDv16b4UY7UqRic0KUwBRy9CA=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7952 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	860	IN	Data Raw: 52 49 46 46 08 1f 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c bf 1e 00 00 2f 3f c0 0f 10 09 06 6d 1b 49 5a 4f a5 fd 97 3f e1 3b 0e 11 fd cf 77 34 47 9d d6 a8 aa de bb 4f ef bd 63 ad 44 4f d6 43 92 3a 3f 04 0b c6 91 64 2b 19 dc e1 db d1 05 f2 0f 8d 33 45 20 ae 23 d9 56 a2 c6 09 81 2f 8a fc 03 73 5d b7 5b 5b 0c 1a 49 52 54 c7 f0 68 80 3c bc 7f 6b 9f fe 07 00 62 94 ac 44 da c8 c3 fe 36 12 05 9a ec 55 ab f7 8c f4 b4 6d 8e 91 e3 de 23 b6 2b b5 cb bd bd 97 00 d9 ab de 1e ff 33 7e 45 62 7a 02 08 9b ff 9e 31 72 4c 87 31 4d 5c 00 f5 e9 79 8a bd b8 1a e3 fb f7 eb 95 c4 49 d4 84 5f 04 71 6f e2 59 cd dc 78 16 31 36 f1 8c ab fe 99 c0 f9 72 be 1e 8f f3 ff 2f 76 1b db da e7 d7 bd 40 2c 99 05 31 5b 0a 33 33 33 33 f3 30 33 87 99 99 Data Ascii: RIFFWEBPVP8X??VP8L/?mIZO?;w4GOcDOC:?d+3E #V/s][[IRTh<kbD6Um#+3~Ebz1rL1M\yI_qoYx16r/v@,1[333303
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 2e b9 71 bb 05 3f 00 34 01 be 02 ba 30 53 80 99 01 1f 58 13 d0 ac d9 1b a3 68 84 32 28 3a d4 ef f2 c6 f2 03 98 47 e8 8a db ec 1f a4 da c8 8a 7c 4c 8a 0d 7c ce 8d e0 dc cf 49 cc e7 dc a8 b9 20 c6 21 b3 b5 cb ca 8d 2f 55 a7 48 66 98 51 19 33 dd 76 36 7f 6e 84 35 2e 7c ed af 8a 76 72 f9 ff cb e3 33 93 b2 92 95 20 a3 5d ce da cd 56 2e 25 1d e7 64 b1 cd e5 fe ea d3 4e f8 e7 45 3e c0 80 57 31 0d e0 42 ec ae 88 5c 2f f5 a0 ce 41 c5 8b 2d 5a de 29 40 a9 4d 97 64 a9 14 a8 86 fc e5 80 cf 06 04 60 32 d4 d8 c8 e1 81 d7 9f 2f 5d 94 1d 01 89 f9 cd df 54 f4 ec 98 b1 72 a7 3a f7 42 6d f4 f7 be 30 a3 1b 5c a0 bf 71 d0 e8 17 e4 6e 2c 5a f1 d2 a7 e0 3d be 79 6a b9 b7 27 bb 7e 3d 8a c7 03 f9 4b 01 4b e4 c0 bf 68 dd 77 1a 01 73 dd 57 e4 b2 27 bf 46 96 e3 82 7f 1a f0 03 40 2b Data Ascii: .q?40SXh2(:G\|L\|I !/UHfQ3v6n5.\|vr3 ]V.%dNE>W1B\/A-Z)@Md`2/]Tr:Bm0\qn,Z=yj'~=KKhwsW'F@+
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 61 ce 38 fd 9f 56 3b f0 12 e1 76 aa 74 7b 4b a0 2e 7c a3 72 b2 a3 ba 99 0b a5 b9 6a 45 21 70 9b 5a 97 b3 ab 3f 89 c4 45 a3 71 d5 ec 3f ac 7d f7 0f ba ad 79 96 04 51 92 10 3d 66 03 53 5e b4 1e 1f ee 30 a8 cc 3f 5d 62 2a 20 03 03 31 4d 02 4a 2a a8 dc d2 2e 7a f7 0d 5f 6c 40 9b 0c cc 06 86 ce e0 2d 17 fe 53 49 3b a7 90 15 bf 35 18 f1 9d 72 94 45 c7 95 49 f4 df c4 27 98 82 bc 0b 97 3d d6 0d f8 db 64 c4 ff 27 ad ae 47 c6 65 9d be 7f 25 29 2b 00 20 a9 13 45 a8 97 89 da d1 b7 6c b8 ab f9 23 dd f7 ee 54 50 2f 11 05 a4 45 d3 0d 17 c3 02 48 04 ce 34 97 1f b5 8e 9d dc 97 a3 37 df b0 ac 47 1b 2d 65 03 eb 77 49 07 13 c7 40 e6 98 39 60 52 d2 ba 41 13 c9 ee a3 47 1f 16 86 99 d9 40 be e2 27 e9 33 bd d3 25 5b ef f3 9e 07 bf 08 7c c0 97 b0 7e fa 5d 67 bf f0 07 29 73 95 bb Data Ascii: a8V;vt{K.\|rjE!pZ?Eq?}yQ=fS^0?]b* 1MJ*.z_l@-SI;5rEI'=d'Ge%)+ El#TP/EH47G-ewI@9`RAG@'3%[\|~]g)s
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 47 44 72 2b c8 aa d3 e6 ff d7 6a 2b ee bb 86 21 eb de 02 ca bd 72 5a a9 b2 9a 53 dd a1 fa 11 ff 2f 6c 89 52 26 94 95 a0 4c 81 e7 63 08 72 5e 52 93 44 37 69 cf 4d 20 32 a7 2b d1 b4 82 6e 22 68 9d 6c 95 6e 3c e4 d2 f6 d0 b9 cd d2 11 1b 79 b9 2c 30 1c d7 6a b0 a0 dd c0 a4 79 4f 45 c7 a7 ec a1 81 3b f9 d1 5b 06 1d 5e 00 93 a5 75 d5 f9 c5 3e 01 17 01 c6 24 d9 c5 b7 9c 96 0f c8 e6 b6 72 5b d6 97 5e 5e 89 49 7e c3 71 4d e3 d8 22 1a d3 0f c6 cd 2d 3b f4 c9 73 5b df 65 22 96 88 c8 a0 ec b1 28 b3 26 11 4f 93 f6 b4 ab 11 70 93 3a a9 5f 7c 4e 13 4e e5 92 9a d6 d0 6e 0a 12 65 a8 72 fd 61 97 be 27 39 2d ca 73 92 5d ed d1 63 6e af f4 32 bb 0c b4 27 ca c1 91 39 21 c9 52 b6 d8 18 42 a5 1e 14 24 c6 05 30 80 34 8c 64 57 98 42 57 95 fc 18 09 b4 fb f7 e3 6c 6e cc c8 e5 4c 2a Data Ascii: GDr+j+!rZS/lR&Lcr^RD7iM 2+n"hln<y,0jyOE;[^u>$r[^^I~qM"-;s[e"(&Op:_\|NNnera'9-s]cn2'9!RB$04dWBWlnL*
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 05 85 17 27 72 87 cb 78 ea e8 6e 6e 99 c0 85 97 1f 10 95 63 36 4d a2 24 8f 79 eb 64 db b5 1e 81 cc 90 d9 a8 0c 95 a0 3a c8 4e 9e a5 56 d0 04 2a 50 8b 10 72 61 66 32 a7 b5 fb fc c8 3b 1f e7 c5 f4 09 8f dd 4a 61 cd 4e b0 6f 1f 3b bb 29 7e ab 6c 7b fe a2 7b a7 91 51 1f a1 e2 ba 85 aa 23 16 5c b8 e5 9d 87 1a 36 98 d1 12 30 f7 aa 38 e5 ca 38 ac 10 c0 d0 bf 08 0e 71 6c 5c d6 fe 03 08 00 0b 60 20 b3 36 15 bb 13 d5 3a d9 8a 6c a1 5a 7c d8 99 41 25 83 36 f8 0f 74 40 82 4e 24 08 a7 59 33 13 c4 c8 3b 1e 93 64 ed 25 3c ad 09 b0 05 3a 80 dc 72 91 69 81 40 aa f3 8e c5 36 2f ca 1f 2c 8b 13 26 64 a6 bc 99 18 78 ec 88 a8 20 1c 1f 9f 21 8a de 2d a5 9c a7 47 c1 ef b6 29 2b 96 8b 01 47 86 5b b8 11 88 10 8c 16 95 ad a0 75 68 e5 c7 3f 76 1a a8 59 46 29 90 02 3a 90 44 73 22 a1 Data Ascii: 'rxnnc6M$yd:NV*Praf2;JaNo;)~l{{Q#\6088ql\` 6:lZ\|A%6t@N$Y3;d%<:ri@6/,&dx !-G)+G[uh?vYF):Ds"
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: a6 7b 15 6b 0d b8 06 64 26 eb e0 32 8f 61 b3 9d cf 73 f5 d2 c3 56 5a a8 4d 5f 6a 34 d5 73 ff 7f 18 71 ec 07 10 eb e2 e3 73 90 e6 ce b4 2c af 3f 71 d1 e8 87 dc b5 3b 27 99 91 e0 b1 5d 33 ff da 0f 39 77 fe 7b ad b5 04 be 61 77 17 3f 34 9d 5b 6e 01 8d 45 55 eb 9d f7 ff 90 a8 37 c2 8e 80 77 20 14 5b 23 ec 8d fa 6e d1 03 85 5f 98 bd 10 81 ac 3b 6b 1d 40 6f 87 c2 45 5c 66 2e 23 65 a8 2c 7a 26 6e b7 61 ab f3 e9 25 70 7f 44 e2 06 02 1e c9 7d 14 93 3d 06 eb 31 60 db 07 5b 57 2d 6d 22 b3 ba 39 6d 77 e2 94 63 f7 89 82 d6 f5 2e 18 f2 ea 99 30 8d 41 b3 c2 1c e7 ef 93 e3 03 43 ae fc 4a d3 e7 5b da b5 f2 ea 7d 2c 1a 13 43 6a a0 30 7d 66 bd 30 ad 0f e6 d6 3d 50 1a d6 45 21 1a 04 3a 54 1d 08 a3 ab 96 61 62 02 1e 5e f4 aa 8b 0e 19 b2 3d 02 b5 62 eb 85 bc 53 5f 40 f4 e6 53 Data Ascii: {kd&2asVZM_j4sqs,?q;']39w{aw?4[nEU7w [#n_;k@oE\f.#e,z&na%pD}=1`[W-m"9mwc.0ACJ[},Cj0}f0=PE!:Tab^=bS_@S
2024-09-27 23:47:40 UTC	142	IN	Data Raw: ba c4 2e 02 22 62 8a 4c 49 80 4f cc 19 cf 5d 98 00 7c 3a 89 61 10 83 09 75 87 e8 0a d1 44 a8 1e 10 9a 80 d6 24 87 88 28 75 a8 9b a1 e6 36 6a b6 c9 76 0e 39 d2 a2 b7 58 10 d5 52 41 54 0b 05 78 55 00 56 00 2a 00 2f 40 14 9a 58 eb b8 07 c8 10 65 c0 7f 82 ef 3f 0f f1 12 f0 08 70 03 70 97 f9 1b 31 62 00 45 58 49 46 22 00 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 50 69 63 61 73 61 00 00 Data Ascii: ."bLIO]\|:auD$(u6jv9XRATxUV/@Xe?pp1bEXIF"II1Picasa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
97	192.168.2.7	49839	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	511	OUT	GET /mvFrMMdovquq71B-ta-JVKBdw4Zbs2RmPxe8EVFyGiXAtHAm_p0x3940NqDmFGk6vg=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8458 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	860	IN	Data Raw: 52 49 46 46 02 21 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c b9 20 00 00 2f 3f c0 0f 10 4d 38 6a 1b 49 90 d6 d5 f7 cb f0 47 7c 20 22 fa 1f 2a 78 9f bf 3b 4b 96 b1 bd 54 db 23 b5 3d a7 fa 91 ba 05 a3 48 92 14 55 ec fb 44 ac 7f 41 f7 62 66 66 6a 1d 6c 23 49 72 d2 af 50 36 71 50 e4 1f d1 5b 28 4b 53 0c 24 49 32 34 ab bb fb ff 0b eb 6c db fd 8f 49 9f 20 11 57 88 50 c0 45 84 4c 49 f7 e1 c5 1b 21 42 74 12 80 fa d2 09 1d c0 64 ba 0a 6f e1 01 90 11 64 b3 13 76 e6 b9 8b 61 89 2b 09 90 45 b1 76 46 a6 2d 7e 62 3e 00 15 ff 26 93 34 9f dc 0c e9 23 9b 8e dc a8 b9 ad 28 f9 39 e4 f3 49 ff dd df e3 bd b6 7b db 44 b7 70 04 50 92 c9 2f c2 35 6d db 22 39 72 de 2f 33 2b 0b ba aa 49 d8 2d 66 a6 01 8d d6 a3 95 86 99 99 99 99 99 99 99 99 Data Ascii: RIFF!WEBPVP8X??VP8L /?M8jIG\| "*x;KT#=HUDAbffjl#IrP6qP[(KS$I24lI WPELI!Btdodva+EvF-~b>&4#(9I{DpP/5m"9r/3+I-f
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: ce 59 90 f3 57 b2 9d 2c 08 fd e1 bd 0d 04 e0 0a 80 cc 54 7b e3 7b 65 02 14 74 c3 98 c5 94 0c 70 64 9b 03 de ff 1a fb 52 e3 ec 35 78 c3 0f 65 f8 67 4d cb 9d 2e 73 c5 11 54 33 a1 1a 98 72 ac 32 f8 d7 c2 7c b0 cc 16 2e 00 b4 0a 7d 1e a7 a0 a3 39 ab 22 51 81 26 62 d8 03 05 94 1b 66 12 4d f3 39 b4 02 76 dc 64 ad eb eb fa 91 43 7a ee da 4b ee 64 c4 80 89 00 54 be 0c 71 6f 7c 2f 41 c0 1b 23 6e 7c 1e 22 af 46 9d a2 46 4f a1 b6 4f a7 89 77 11 e2 fc af 0b 59 6b 1b a1 55 9f d1 6c e3 0c 62 e7 14 4d 1c 15 1c 5d 55 4f af cd 3a 7d 2d b7 fe 65 8a 6f 37 59 e6 83 08 e2 08 88 09 03 d1 44 23 51 21 83 24 25 c3 c4 87 92 c4 90 09 0a ac 30 d5 06 7a aa f5 53 fb 37 7d 1b 33 7f e3 db fb 26 7d df bb c0 ba 34 94 22 02 90 fc 14 e4 c0 1d 80 e8 b4 20 79 8a 9e 03 16 8e fc cd 1b 1c f7 bd Data Ascii: YW,T{{etpdR5xegM.sT3r2\|.}9"Q&bfM9vdCzKdTqo\|/A#n\|"FFOOwYkUlbM]UO:}-eo7YD#Q!$%0zS7}3&}4" y
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: da 0e 17 ba dc 73 6d b1 68 56 5a 67 9f c6 51 cd 01 51 4c b8 23 3d 2c 9f 59 73 56 46 64 59 b1 71 00 41 c0 04 20 43 40 01 d0 8a a0 26 03 de f6 ac 8b 65 eb 4f 1e 53 58 92 65 69 c1 83 25 8e 39 43 3c 32 fb 05 43 0f ff d9 a7 d9 d2 c3 18 0c 81 23 48 54 94 22 ad 59 91 89 79 d1 31 09 1e 81 e0 a1 86 ff 9e 23 02 bf fc 33 06 c7 41 90 2c 34 dc 02 f3 99 e5 8c 06 99 98 a7 aa d3 c0 ba 00 35 20 29 51 c0 83 09 46 c4 ad 7d 94 35 3a e4 6c bb 96 0f 3e 41 4a b1 97 07 26 28 49 06 49 a5 09 11 d2 00 24 1b 3a 79 c5 a2 2b 17 90 3f ac 01 08 10 34 4d 97 7c 96 5f 40 a8 80 8b fe d1 75 d2 ef 5d bd b3 0f 59 f2 a3 0b bc c9 46 11 74 a1 de fd 37 5f 60 49 87 08 36 02 24 80 16 43 60 c8 ec 3d eb 1e 0f a8 11 04 02 c3 21 61 28 48 dd 8e f0 84 8b 8c 51 e8 f8 8c dc 6f 6f c4 26 89 cc 24 46 f3 10 b3 Data Ascii: smhVZgQQL#=,YsVFdYqA C@&eOSXei%9C<2C#HT"Yy1#3A,45 )QF}5:l>AJ&(II$:y+?4M\|_@u]YFt7_`I6$C`=!a(HQoo&$F
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: a3 6d 5d 2c 83 c5 e3 35 85 1b 7e ab ee ca 9f 0b 78 99 6f 6e 29 22 59 35 90 15 94 60 a0 99 51 35 a1 c2 85 ba 2e 55 c9 67 e9 8a 89 70 f5 38 8d 2d c9 5e 11 be 35 6a 9a 96 40 4d 03 a5 a4 26 92 fa d8 5a 5e 50 e9 8c 5a 23 95 7f 04 48 88 49 4c a8 b0 32 d0 95 ac 9c 28 40 d3 08 02 47 79 33 46 a8 24 90 25 07 9c 8a 96 8c a0 69 da 7d c0 89 f3 bf 7d 44 ff 51 18 33 26 cb 25 37 54 3b 2b b5 5a e4 18 e4 07 1d 30 1f ac 28 48 d6 48 95 93 4a 0a 95 26 ff 24 5d dc 82 b1 63 b0 49 96 2c 0b a8 97 12 ef cd 5b cf 36 12 00 49 18 f7 6a 0c a4 a1 86 3c 88 20 9b f9 c1 48 08 41 38 16 c8 70 eb 5a ab b3 4a 42 09 a5 c0 d6 3d 36 bb a5 68 c4 d0 aa e4 08 af 5b 15 1a 2d 0a 2a 32 86 6c 4e e5 1c 86 89 10 b2 57 34 9e 0d 0b 0d 88 0c 17 03 48 10 43 02 fd 77 d4 93 ff 4c 21 d4 31 91 02 bc 13 34 60 2f Data Ascii: m],5~xon)"Y5`Q5.Ugp8-^5j@M&Z^PZ#HIL2(@Gy3F$%i}}DQ3&%7T;+Z0(HHJ&$]cI,[6Ij< HA8pZJB=6h[-*2lNW4HCwL!14`/
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: d1 1b e8 a6 a1 91 63 96 7e d2 a3 57 fc 0b 34 c5 34 4d 13 2a 80 0e 2c de 69 35 2f 4c 3d 0f d9 d3 44 03 52 0c 11 03 df 96 a0 20 15 12 28 33 4a a1 1e 6c 42 b2 b8 0b 9b 8b 2e 5b b8 0c 41 a4 93 6c b6 52 e8 9a 87 d4 30 97 9a 01 64 92 52 0c 55 7d 70 59 a2 0c 9f 6a 86 41 54 42 ae 2f b4 29 37 f0 a6 c6 39 b8 e4 4e 11 0b 13 42 93 a4 0a df f2 2d 4f 7e f2 b7 28 83 86 7e 01 94 97 ac 59 ff 43 5b 55 fb 59 ab f1 81 bd 58 0b 88 83 59 09 fc 7a de 34 46 2d b9 92 44 17 d4 3e bf 1f 58 f2 46 68 7f 7f a9 e1 71 f7 c7 b2 48 4c e4 47 1f cf 54 b2 62 a0 04 8b 86 0b b6 fe 83 80 52 40 92 29 15 14 3a 18 67 cd 10 4d 0e 9f de 82 56 7f 01 61 06 70 db 5b d7 81 8d 46 91 c9 0a 29 13 59 aa 80 02 e0 49 3e 84 ca 5e 41 c7 52 6a 76 2d ba 46 2e 5f b1 ed 83 b7 b1 c0 bd 37 32 a1 1c b1 49 01 40 14 f4 Data Ascii: c~W44M*,i5/L=DR (3JlB.[AlR0dRU}pYjATB/)79NB-O~(~YC[UYXYz4F-D>XFhqHLGTbR@):gMVap[F)YI>^ARjv-F._72I@
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 54 48 31 e6 eb bd b5 9e c9 f3 1a 7d fb a7 81 1e b1 c6 e3 b7 f3 4d cd 58 65 28 5b 9b e6 90 75 6e ca bf 32 5b 0c ce 18 1c 29 a8 9e 64 49 c0 02 a7 25 9b 88 18 87 07 dd d9 84 54 74 a4 4e 95 b2 f2 21 41 c3 eb 23 4c d8 56 0a 9f ef b8 42 b2 ae 5d 22 aa 70 80 67 f1 10 2b 25 e8 13 5b 24 f5 7d 98 4c 5a 22 ae 3c ac 4e 25 2d 33 60 60 c9 82 63 e7 0b 4b 61 d3 2f 88 33 26 12 82 4a b0 03 4a 98 38 73 a7 84 32 49 1c 38 a8 66 20 42 42 8c 19 42 24 04 1e a5 41 4b 65 f2 0c 77 fe d3 4b 67 ae 58 62 1b 6c 6c f7 40 f3 b1 ac 85 bd f2 b1 ba 17 b7 c4 7e 63 11 f8 b8 0a ca 60 75 49 4c 48 55 23 78 63 95 09 88 20 42 53 e2 5c 89 ba b9 a7 a4 69 3a e6 57 97 d7 a5 d8 b2 d2 63 76 66 fb be 7c 1e 0f 42 5e 4d be eb 68 dc 53 8b 8a 8b 0a 59 20 23 62 67 b5 95 bd a3 a4 c7 96 1d 36 df 71 5b af f3 4a Data Ascii: TH1}MXe([un2[)dI%TtN!A#LVB]"pg+%[$}LZ"<N%-3``cKa/3&JJ8s2I8f BBB$AKewKgXbll@~c`uILHU#xc BS\i:Wcvf\|B^MhSY #bg6q[J
2024-09-27 23:47:40 UTC	648	IN	Data Raw: 56 49 fe fb 8f e0 12 21 21 56 71 9a e4 f3 ec b8 69 be a6 7a 1f d8 ed f6 03 37 16 80 ac 28 bb ac d8 18 e8 68 46 00 62 a2 f1 b5 b9 b1 11 d5 a5 3b b2 80 74 4e 89 23 09 96 a0 5a 13 88 6b 45 95 88 14 30 e0 b5 90 9d c0 9d a7 a8 b6 98 14 2f b3 3f 4d 21 cc 2c e5 c4 9c 31 7a 07 36 57 ab 15 42 3a b2 b0 37 a1 d9 35 77 ee 40 e1 32 cd d6 9e d3 91 a5 99 dd 9b 54 54 6e c1 50 2c 4a 4e 54 b8 f0 d5 33 5a be 66 06 34 81 44 98 1a 5c 9e d9 31 2d 04 3c 83 ab 3e ba 4b 6b d4 e6 c1 82 ad 9b 9b 35 8c 8e 63 14 c2 f0 df ff 4d 20 7e ba 12 43 e9 9e 6c 5e 08 88 03 e9 09 6b 29 fb 86 5d 63 59 cb 84 e3 15 f8 80 2c 04 59 29 3d 24 01 e4 22 80 07 59 e8 c7 29 48 fb 52 a2 43 11 06 29 90 e7 e5 2e cc f8 66 36 68 41 c9 5c fc a7 db ac b1 7a dd 4e 73 93 26 f5 30 1f 3b 80 d3 0e 1f 4e c6 07 6e c2 47 Data Ascii: VI!!Vqiz7(hFb;tN#ZkE0/?M!,1z6WB:75w@2TTnP,JNT3Zf4D\1-<>Kk5cM ~Cl^k)]cY,Y)=$"Y)HRC).f6hA\zNs&0;NnG

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
98	192.168.2.7	49840	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	519	OUT	GET /5cp90J10ZQlw83zdlFAZSfBbjkN5XAsTpaRIbiRPfY5AnOgeU8fBI-_Ce_ekXlfVTJ55=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 28380 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	859	IN	Data Raw: 52 49 46 46 d4 6e 00 00 57 45 42 50 56 50 38 20 c8 6e 00 00 f0 89 01 9d 01 2a 0e 02 28 01 3e 59 26 8f 45 a3 a2 21 94 6a 3e 5c 38 05 84 b4 36 8a e7 dd 28 fa 5d 33 fe e4 57 59 dc 73 1a b2 1a b6 fe f7 82 18 0e 67 99 68 5a 33 22 7c 45 ff 13 a5 36 3d f5 df f0 bf cb 7e d8 7e 62 7c ca f1 bf 6c 1e dc fb df eb 8f cc df c0 3f e6 f7 01 f2 9f f1 fc cf fd 8b f8 ff f9 df e3 3f 2b be 63 7f be ff bf fe cf dd 8f f5 ef f2 df ee 7f 3e be 82 3f a8 ff 6e ff 99 fe 0f fc a7 ec bf d2 8f fb 7f b7 de f7 ff b9 ff c9 fc bb f8 1b fd 17 fc 6f fe 7f f4 9f f2 bf ff fc ca ff c3 fd af f7 83 fd ef fd c7 ed 2f f9 ef 90 2f ea 3f df ff f5 7a f4 7b 29 ff 83 ff 9f ff ff dc 2b f9 ef fa 8f fe 5e d2 3f f8 3f 75 3f ed fc b4 7f 6f ff 95 fb 79 ff 33 de 8b ff cf fb 7f 70 0f ff fe db 1f c0 3f ff eb 2e Data Ascii: RIFFnWEBPVP8 n*(>Y&E!j>\86(]3WYsghZ3"\|E6=~~b\|l??+c>?no//?z{)+^??u?oy3p?.
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 7d 3f 9e ac 8b a0 fa 62 56 f4 be 3f 2a 9a 73 aa 2d 1d f2 68 07 03 01 c6 f6 56 71 6f 8c 88 22 70 28 55 46 c5 38 1b 63 1f ab 34 bd 0a 08 93 26 1a 54 41 45 e9 9b 65 16 c9 06 20 c2 cd 8d 0f 33 49 cf 77 ec d8 f1 4c b4 0f 19 ae fc 0d 45 95 0d 43 fa 79 75 48 97 4c c9 d3 77 87 38 76 75 2e f7 9d 7b 0e 67 81 c4 3b 9e c7 44 fa 42 a7 2a 43 71 5a 8c 89 e8 7f ff 20 42 38 5e c7 ff e2 0c 71 89 3c 06 84 de 90 8d 4b 33 2e 96 19 fc 5c d0 3c 4a d7 28 c7 23 de ae 81 51 0b f3 c7 dd 23 4a ce 89 16 88 5b 73 40 69 1e f4 1e fe 60 01 a7 8d 04 00 86 3b 10 cb 43 8f 2a 0a c9 2a af 69 57 63 6f e2 61 70 77 e1 17 85 1e df 98 ee 44 43 f0 19 dc d4 c3 dd f3 64 0b f6 ac 02 32 85 b1 9a 44 9d 25 97 d4 83 da 22 19 e7 e3 f5 03 64 32 b8 cc 98 75 f3 c8 26 c2 18 62 e5 eb ce d3 14 a3 62 78 84 d3 80 Data Ascii: }?bV?s-hVqo"p(UF8c4&TAEe 3IwLECyuHLw8vu.{g;DBCqZ B8^q<K3.\<J(#Q#J[s@i`;C**iWcoapwDCd2D%"d2u&bbx
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 57 a0 d6 4e 0a f6 15 8a 28 8d 8b e6 3b 36 22 3d fe ac 44 a9 d4 60 51 bd 53 8f 2c d9 bc 6e c6 fe 08 be e0 af 0c c5 df 31 f3 d4 cf ff 5f 90 98 51 54 7d 59 9f cc 3e 99 91 f0 02 15 4a a6 86 38 27 d4 ff cc 95 09 c8 d0 27 82 a9 10 0f 9c c0 76 f0 59 fb 96 67 d4 b6 20 6f e4 fc 6f 95 e7 9a 76 bc 29 36 30 3e 01 28 9f b6 68 70 8f ec b8 f4 0d e7 b1 db 99 eb d1 f8 f2 84 63 fe 4c ad 64 49 ee 24 7e cb e8 b0 8a 4e 0b 36 56 71 f7 f7 1e 28 ef 5d 0d c0 db 23 ba 26 07 95 f5 7f 4a a3 d0 ca 37 74 ca ed 6d 0f 12 2c 5c c8 1c cb 42 1e b0 de 9d e2 bb 34 29 07 40 c1 56 c6 14 cf a5 c4 2d ff 03 cb d8 d1 d2 d3 47 85 e0 79 78 ff 40 dd 13 d3 b0 d5 72 fa a4 79 a7 8f 3c 20 cf 74 10 29 27 40 15 63 65 36 77 5b ac 8b 08 70 97 f1 e5 a4 c3 ec ce 34 28 42 d8 62 dc 8e 6f c5 bc 75 5a 16 92 a9 f2 Data Ascii: WN(;6"=D`QS,n1_QT}Y>J8''vYg oov)60>(hpcLdI$~N6Vq(]#&J7tm,\B4)@V-Gyx@ry< t)'@ce6w[p4(BbouZ
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: fc 46 a6 87 8e 78 62 7b 5c d9 df fb 74 1b 9a cd a1 4c 98 20 7a 7e 4f 38 dc 8a 4c 81 57 e4 1f 11 f0 93 61 c0 5d 32 30 3d 9b 6e 22 2a 17 6e 03 14 a4 7f a8 c9 63 a9 2b 14 b1 f2 a2 19 1e a5 1d 41 8a 4c 72 73 95 3f 0c 39 37 58 0a b0 11 22 3a 71 fd 4e 2a 54 c9 9f 6c a0 ad 8e 71 d1 29 77 c2 bc 21 aa 89 4a 56 4e 27 2d 7a 86 54 b7 63 45 1c d7 34 31 ac ab 00 d7 bd c0 f2 25 f2 bc ea 1e 8d 07 ff dd 66 46 3b 0b e6 e0 5f ad d2 ad 7b bd 42 41 b0 f7 70 b9 4b 73 6a bc 7e a3 cb e4 f5 f7 5b 59 f7 be bc a3 c4 6f b3 0b 45 69 96 d4 73 0b da a3 50 d5 59 e1 06 8b 29 cf 48 1d a1 0c 05 27 f6 0e 21 44 bd 6a 25 2f 6c 9a 20 8d 5e 02 a1 cf 39 4c 81 f9 8f a3 d1 e4 4c dc de 89 b0 d8 04 37 af 09 7a 73 5b fd d5 a8 16 b7 cb 67 a7 bb 85 8a 91 b2 6b 65 52 89 0b 53 0c f2 0f 0e af 3a 85 e1 e0 Data Ascii: Fxb{\tL z~O8LWa]20=n"nc+ALrs?97X":qNTlq)w!JVN'-zTcE41%fF;_{BApKsj~[YoEisPY)H'!Dj%/l ^9LL7zs[gkeRS:
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 9a 27 34 03 7b c5 bd 5a 34 ab 63 13 78 66 b0 df 64 69 ee db 8a ed c4 2c 1a 15 db e7 7d a9 94 54 28 cc 72 c4 23 67 68 06 34 47 aa 18 5b a3 5f 9a d3 d8 5f d7 b6 2e 2a 62 3c 58 d1 64 4f 81 7a 65 1c 80 bf 79 38 8a 16 97 2b 27 36 f0 d1 b2 6c c5 e9 3a 9f a1 23 4f f2 a2 5c f5 59 9a 62 0b 15 d5 1d 11 77 a5 01 ff 15 78 59 6a 3e c9 08 39 ac 8a c5 ab 88 f6 f3 27 37 c8 70 89 be fa 82 e5 96 35 d9 73 a3 6a 14 e3 bc 7e 27 05 ac f0 7b 95 c1 8c 27 c6 d7 d0 90 14 0d f8 69 cf 4c d4 7f c4 4f 3c d1 b7 e5 f3 75 e1 13 87 7f b9 ee 61 ea 75 7b 5e 4c f7 68 75 75 82 db a3 77 b7 e5 ac 13 72 2d c4 a4 8a 0b a1 a0 24 92 4f cc 56 80 57 58 8d f1 99 c4 e1 43 4f d0 f9 5b 91 30 f7 6e 5c 41 df 8a 2a 87 c2 b2 96 81 0c b7 68 55 30 c9 69 88 c5 cf 7d 5d 76 11 bb c1 99 f9 22 96 68 e5 4e 71 1f b5 Data Ascii: '4{Z4cxfdi,}T(r#gh4G[__.b<XdOzey8+'6l:#O\YbwxYj>9'7p5sj~'{'iLO<uau{^Lhuuwr-$OVWXCO[0n\AhU0i}]v"hNq
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: ed ee 5b 23 8d 47 54 5e fd a4 b5 f6 66 0d 0a 8b 25 2c 09 5a 5b d2 99 b6 4b 3c 30 0f 67 aa a7 80 60 7e d9 49 d2 5b a6 cc 42 84 54 0a d3 85 9a 15 95 cc f9 a2 a8 64 8d 62 cd 50 09 8d b2 70 a9 5e 03 3a 53 ab fa 81 52 a7 ca af 1b 41 8d 81 c3 51 4f 35 a0 97 e0 c8 79 4b 53 6d c9 7e 82 93 62 a4 28 64 12 70 c4 06 ab dc a6 58 0d f2 00 38 12 25 00 2e 4e 64 48 ae e3 d8 18 15 05 69 c2 3c 30 f4 04 e0 7a 9b f6 37 2a 94 8d 7e 51 4e 28 3e e1 08 43 19 9a 3e 52 17 44 e9 47 c3 8c ca ce 2b 3c 81 15 f3 49 2a 72 ec cd e9 41 6f b1 f2 d6 8f 2e 58 60 14 c0 b2 d2 1f 07 20 d0 70 78 7b 98 1d 83 00 e9 aa 3d f5 1f e2 33 78 d1 f2 23 d1 ec c5 8b 59 f9 3f e8 73 12 40 d2 7e a8 df a1 48 59 42 41 32 0c 12 f1 84 63 87 19 42 e5 a4 74 6a 29 1e e9 8f 2f d1 3e 3d b7 54 78 65 ea 81 dc ca b9 72 df Data Ascii: [#GT^f%,Z[K<0g`~I[BTdbPp^:SRAQO5yKSm~b(dpX8%.NdHi<0z7~QN(>C>RDG+<IrAo.X` px{=3x#Y?s@~HYBA2cBtj)/>=Txer
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: a2 ed b0 91 97 2a a6 a7 48 f1 fc 3c 7b 87 61 36 58 8c 14 6d dd 34 7a cc d7 d9 93 77 88 02 3f 5b 26 6f b7 0a 39 c2 de bf c6 2b a7 27 00 6e d0 0a 62 11 7e 05 ac 9d 0a 79 75 01 54 49 5a c8 00 2a 96 2f 4f a8 d7 25 87 b5 98 a1 cc 3a 81 76 e9 aa 2f 68 79 24 62 e4 0f eb 75 67 9e 44 f1 57 4b 74 61 61 87 cc 54 3e f7 97 f7 c6 3c d9 76 53 97 5b b2 76 b3 17 67 5f 71 d3 2a 8c 71 f0 6f f2 c7 cd 09 a6 f8 a3 8b e6 32 e2 cb 8f 6e 13 da 8e 85 8a 64 4b d6 f8 20 a7 11 17 62 c2 f2 18 4c e6 9d 40 8b 99 10 cb c2 a2 a9 4b 7b 22 3f 68 d4 48 58 ea 7c 38 9f 95 11 7d 17 11 a5 32 bd 0a 86 0c a2 bc c7 e8 8a d3 4a 00 8e f5 bf cf 43 e8 77 27 7b f2 65 7c 64 cd eb f6 7d 67 f1 4b 4f 59 ca e6 81 fd 3c 03 92 5e ef 97 5a 70 c1 8a 23 cf 5b 4b f9 bd aa dc d9 f1 3c 83 8e c0 56 b6 c5 fd cf 88 5a Data Ascii: H<{a6Xm4zw?[&o9+'nb~yuTIZ/O%:v/hy$bugDWKtaaT><vS[vg_q*qo2ndK bL@K{"?hHX\|8}2JCw'{e\|d}gKOY<^Zp#[K<VZ
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 40 af 2d fa 48 06 25 4c b1 4d 4e 84 80 80 62 2a dc c8 88 c3 25 8f e1 9d d7 61 25 de 7f 68 96 0d 73 fb d2 b3 b8 0a 2a 60 c5 ad fd 94 9a 77 cc 30 44 ef 76 3d ff 66 d8 14 d8 4b ab b9 48 d7 3a b3 79 f6 ba 6a 40 59 d6 60 dd ff aa b1 5f 37 7c ee 5b df bb 67 04 29 ee 29 52 ca 14 59 21 76 2a 84 cf 39 88 f7 0d 76 01 c3 c5 82 77 76 1b ff eb ac 03 22 a2 5a b8 32 45 c6 e1 4a b7 b5 1c 46 40 07 01 a6 02 99 dc 8d e9 d2 5a 33 6f 88 dd c1 2f 1c 78 42 b6 ab 93 e2 f2 5b f9 25 43 fc 35 50 20 c3 06 bc bf 34 9f fe 6c c4 9f 4b 0f 17 90 f2 60 13 b1 e4 c2 20 81 bb 85 aa 8f 09 cf ad 0b 0d 91 2a 41 26 0c f4 db 25 8b fc d3 94 8f 08 d7 ed 8d 80 fe e4 77 24 28 be 3b 12 a0 03 5b 24 1d ab a8 92 d0 62 e2 bc ba de 63 01 7d 3b 1f 1b 2d 36 e4 b1 35 79 bf 54 e6 02 46 a8 17 86 33 a7 ed 4d 84 Data Ascii: @-H%LMNb%a%hs`w0Dv=fKH:yj@Y`_7\|[g))RY!v9vwv"Z2EJF@Z3o/xB[%C5P 4lK` A&%w$(;[$bc};-65yTF3M
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 03 ca 9b 5d d1 28 ee 04 6f 68 ff 5b 25 2f c3 2e 66 3a 30 1a 56 45 74 97 8a 8b 69 41 7e c2 cd 7f 54 2b 18 45 5b dc e0 15 b6 e1 50 d0 2f 1e 0f b3 17 00 73 25 13 8a 26 f7 ed 2a 57 a4 0d 67 f4 5b 09 07 b5 70 e4 9a 62 8f be f8 3b 0a a9 30 11 2c 78 27 33 87 6c b0 88 0f 13 06 4f 3c 41 5c f4 b7 87 1e 07 56 6e 9a be a2 13 96 5d 38 9d f8 10 f5 e8 0f 2b 4d fb d2 85 85 6f b0 f7 39 da 6f 8d ae ec a8 f1 5d 57 92 44 fd 5c 33 59 53 c1 98 3e b9 8f a9 ff b1 14 da 55 ea bd 4c 4c cd 9c b3 79 05 f9 be f0 a0 2b fa 55 89 2c 9c 65 05 fd ee d1 bb b7 f6 16 05 82 82 2b 79 e5 64 8f 8c 8f df d6 56 aa f7 4a f4 e0 c4 bc 33 78 69 70 67 25 b6 bc 5b 6b ec bb 6f 68 68 bc 94 25 04 7c 99 73 d1 03 56 d9 3b bd ba 0e 17 5f 30 bc bf 08 fc 6b 95 45 ad 2b 08 cc 02 1d 1e 9d 5a eb c3 d6 2f 80 7d fb Data Ascii: ](oh[%/.f:0VEtiA~T+E[P/s%&*Wg[pb;0,x'3lO<A\Vn]8+Mo9o]WD\3YS>ULLy+U,e+ydVJ3xipg%[kohh%\|sV;_0kE+Z/}
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 0f 02 13 f0 e5 0e 71 1a 01 44 0a 42 93 40 56 35 b7 ac be 6f a7 f9 b9 b7 74 0f 42 ae 98 e8 7f a7 0e 08 dd bf 30 39 0e cf 56 a0 75 5f 5a e9 3a f2 01 d7 5c 1d 25 1f bd 5e 39 55 f9 b8 85 20 8c ee f9 3e 76 91 c9 c4 11 2d de 75 ad e1 3e 30 84 72 84 6d 2a eb 7d 95 08 69 50 50 72 68 49 e6 e0 e3 53 74 68 47 0c a3 3b d6 17 2b 71 03 a1 73 66 52 39 ef dc 11 0a bb b7 ad 5e f3 82 00 06 a8 a6 ee a2 6a 23 28 7d 17 fc dc e9 3c ff 28 53 97 be a9 aa 67 66 32 45 da f2 97 8d 00 f1 c7 8a b4 03 29 44 61 41 1c 59 d4 11 60 64 c3 b3 b1 c1 42 af 4f 93 2e a6 67 f3 40 9f 8a 1e 2b 08 47 a6 40 5d fc bf 7b c7 e7 61 aa bc 4d a2 84 62 0b 8a 8b 37 1b 9f 4e 08 73 3d f6 40 2e 14 40 da 6c e1 6a 7e 57 5d 9c 30 a3 2c d1 e5 3d ff 88 a7 16 66 f9 33 0d 5b f0 06 72 da be 01 10 44 ca 6b cb 65 db a7 Data Ascii: qDB@V5otB09Vu_Z:\%^9U >v-u>0rm*}iPPrhISthG;+qsfR9^j#(}<(Sgf2E)DaAY`dBO.g@+G@]{aMb7Ns=@.@lj~W]0,=f3[rDke

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
99	192.168.2.7	49841	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	518	OUT	GET /mqmlU6mUH3kD4vLaikeVQOC8gmOCc0kf9YRgnVVw7vLG4oNQ-OQH7vAOaNOzacBbUYE=w526-h296-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	531	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 33844 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:40 GMT Expires: Sat, 28 Sep 2024 23:47:40 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	859	IN	Data Raw: 52 49 46 46 2c 84 00 00 57 45 42 50 56 50 38 20 20 84 00 00 90 a4 01 9d 01 2a 0e 02 28 01 3e 5d 28 90 45 a3 a2 a1 a4 2b 96 fb f8 80 0b 89 6a 6d 31 20 4f 1b 44 03 79 11 11 11 e9 60 e0 13 20 1a 33 e4 5b e7 df 7e 5a fe 5d fc c5 f1 bf 6d de ca fc 1f f9 6f f8 7f df fe 7a 3f 7b dd 6f c8 7f b6 fa 8e f8 2b f5 ef e1 ff e5 7f 90 ff 2b fb 59 f3 37 fd e7 fe 9f f5 9e ec 7f a9 7f 90 ff a1 fe 37 f7 e7 e8 1f fa 4f f6 0f f9 1f dd ff ca 7e d3 7d 1d ff a7 fb b7 ef 2b fb 47 fd 1f cc 0f 81 9f d3 bf c4 ff e7 ff 5d ef 23 fe ef f6 e3 dd 7f f7 bf f3 7f fa 7f d3 ff b2 f9 02 fe 8f fd e3 fe f7 ae c7 ff ff 73 ef f0 ff f3 3f ff ff f9 f8 0b fe 87 fe 97 ff cf b4 77 fd ff dd 0f 85 df ed bf f4 bf 70 7e 09 ff 6b ff f7 ff b5 f7 00 ff ff ed 99 fc 03 ff c6 b3 ae a0 78 67 f9 4f d5 bf 9b fe f9 Data Ascii: RIFF,WEBPVP8 *(>](E+jm1 ODy` 3[~Z]moz?{o++Y77O~}+G]#s?wp~kxgO
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 0f d3 6d 1e 7e ec 5d df 89 a9 e0 7e 32 5f ef 62 f3 8d 46 d7 6c 73 32 8a ef 43 f1 4a 44 b4 4f 78 f2 70 0f 53 3b b7 64 06 99 97 be f8 69 d5 81 17 19 90 d3 fc b4 c8 9e 8c e8 9c 4d b2 79 ed 46 8b 1f 97 36 1f c9 d1 69 ac d8 29 50 72 a5 72 79 e3 63 6b d4 9b 36 07 b1 62 60 e2 fc 3f c9 ff fc 66 3f 5e 7e 16 bf f9 10 b7 3c a6 7f 2d af 31 6f f3 19 21 10 3f 65 0d 28 23 a0 64 0d c5 a8 71 ab ea ce 87 68 1e 35 69 a9 4e a4 03 81 d2 cf 34 f5 5e b8 5f d0 6d a4 7c 26 89 cd 3a 50 fd f9 33 fd 1f d0 97 27 48 87 0d 39 b6 3d 44 fd 0d ad 3f 2c d2 b3 80 00 c6 3e fd 7a a4 bd 48 92 5b e8 a5 50 58 81 87 eb 32 13 64 09 09 1d 27 01 ad dd df 80 e6 36 14 dd 55 6e 8d 8b d5 51 20 fa e1 50 9f 4d 9e 76 b2 cd 40 60 69 e7 56 50 30 2b 9b 3e f0 e4 dc 09 7f d0 6e 48 ce 76 a5 e1 0e 2e 6f 2e f0 b8 Data Ascii: m~]~2_bFls2CJDOxpS;diMyF6i)Prryck6b`?f?^~<-1o!?e(#dqh5iN4^_m\|&:P3'H9=D?,>zH[PX2d'6UnQ PMv@`iVP0+>nHv.o.
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 36 30 59 67 93 24 4e 74 60 2f 1e a6 71 fe 37 de bc 61 d4 86 97 79 8d 90 24 7a 0d 7a f0 3d 9a 75 76 f5 57 80 44 c7 e7 2f 2c 86 70 1a 79 b4 00 ea 6f 8c 91 a2 a5 83 7a e4 83 41 b3 09 82 06 54 57 2c 4f d6 74 dd 4d b9 5f 10 0a c9 16 ac e9 72 8a 53 92 7f bb 1c cb 56 9b e6 84 82 a1 ad b1 17 f2 9a c8 ec d4 31 71 04 ea 13 83 b8 74 2d 3e ff 29 60 a8 89 05 c8 34 8b 9a 05 49 83 89 ed 2c a4 0b dc 2f 7d f4 f4 1d 7c ef 04 ea 5f d9 67 81 a6 f8 39 4a 62 ce 1a ac 5e d6 84 e7 38 d4 70 e0 ef a2 72 e0 79 c0 77 36 4c 53 f2 d3 48 ef 2c ee cf 99 84 aa aa 00 ed e5 f2 d7 3f c6 f6 9e d2 6f 68 23 18 a6 d1 6b 07 ca d4 90 64 58 64 4b 5a 50 46 4f d6 3c f5 82 f7 3e 2f 03 52 11 b0 42 6a 83 0f 6e 74 e9 e1 44 1e b5 5c 70 ff 9e f5 6e 1d 84 b1 fe fa c0 77 a6 54 23 26 21 d8 48 df 5b f2 20 d2 Data Ascii: 60Yg$Nt`/q7ay$zz=uvWD/,pyozATW,OtM_rSV1qt->)`4I,/}\|_g9Jb^8pryw6LSH,?oh#kdXdKZPFO<>/RBjntD\pnwT#&!H[
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: ff e1 9b 1d b6 87 43 27 82 05 cc 8a c1 ed a8 a0 35 f4 eb ff c8 dd 42 1b b0 79 25 43 37 b8 8c 1f b9 4c 70 af 52 ff 2d e7 85 13 d9 15 ea 6d c5 1a 99 6f 19 37 74 da bb 63 13 63 84 59 bb 25 69 b0 ec fb fd 77 bd 27 70 45 78 6a a4 ad 37 e2 bf 86 c2 a3 dd 36 20 96 21 8f d5 6e 4d d0 f0 7a 69 07 e2 3b 52 7f 02 85 ad 55 6e 9f ed 8f bb 67 3e 81 19 4c 27 fe 15 ce 1b 40 ab 07 5b cf 41 f0 13 32 98 4b b1 7b f4 61 d9 72 ea 69 ac 2d 33 03 a9 6c e7 0c 8e d0 20 14 90 21 d9 8e 4c e6 c4 8e 37 75 b7 6b b5 08 f4 a7 2d 84 94 74 7b 0e 61 86 1d aa e6 83 53 d1 0e 1f 76 20 49 b0 88 b6 84 0e 1a d5 a6 7e bf 69 66 7d 4e 94 09 5d 68 c2 fa 44 d9 03 e8 ba 0b 67 52 c3 85 3d e6 31 f7 73 a0 14 5a 7d db 01 a4 2e 0c 98 c8 bf cf 18 a1 43 be 7e 78 f8 78 18 6c bd 4a 35 9a db ca 05 12 31 79 eb 78 Data Ascii: C'5By%C7LpR-mo7tccY%iw'pExj76 !nMzi;RUng>L'@[A2K{ari-3l !L7uk-t{aSv I~if}N]hDgR=1sZ}.C~xxlJ51yx
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 1a da 46 95 2b 6a d8 16 29 76 6b 9d e0 ef 9b da 86 d0 47 db 59 c0 2f c0 4a 25 39 fc 90 ad 63 de 95 55 d9 53 4d 93 17 21 44 e4 86 ae 7e 0b 2a ba 95 c0 84 f4 2c f7 14 7a a5 8f a4 bc 84 db 3c 81 a6 87 78 34 45 37 98 bd 51 1a 19 9c 91 6d f3 19 fe 55 4b 9b 09 82 c5 84 06 84 d0 c4 5d 40 da 2f 9d e7 99 2b 4c c4 49 50 79 18 09 77 6b 22 c4 37 65 dc 8e 9a 8b fc f0 24 52 55 d1 b6 46 5f ca 78 a2 7c df 9c 3b 8e 19 5d bf fa 19 2a f5 ee f3 f3 8d ba 6e c8 19 df 44 75 32 09 84 69 da 47 a9 66 03 15 bf 86 56 ba 5f 67 09 0f ef ec 47 49 bb 29 17 0f 5c eb c5 fe 85 de 79 cc 7d d3 ee 61 8f c3 27 dd e5 40 0b 98 24 a0 3d a3 78 8e 27 9b ee 33 92 f8 26 1d 02 87 b4 f1 2e ad dd 81 34 f9 76 92 12 97 b0 7e a7 74 99 55 12 4f 9b 0c a4 dd a2 70 db 10 a6 49 b8 31 c3 0b e8 07 d1 fb 2b 34 77 Data Ascii: F+j)vkGY/J%9cUSM!D~,z<x4E7QmUK]@/+LIPywk"7e$RUF_x\|;]nDu2iGfV_gGI)\y}a'@$=x'3&.4v~tUOpI1+4w
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 2f be 49 9b 0e b3 3c ed 01 8c f3 de 74 6e 14 e4 46 f3 0c ec f9 1a 15 ec f1 6c b7 6f 45 a3 78 39 18 f1 6c 98 15 07 be d4 9a 7e 5d e6 20 ac 99 17 fe 0a e0 a8 dd b0 66 59 b8 4f cc f7 88 85 93 2c d6 9f f4 d7 dd 3a 03 c5 8f d7 cf 58 b7 86 6e 20 47 7e 51 c9 d8 67 75 41 2e 41 af 6c 80 cc 47 ce b6 0f 71 e9 71 59 c8 9d c5 f9 ea 58 29 05 42 93 67 c0 a5 47 06 4c 56 a1 a1 2c a0 48 ad 06 80 b0 0b bb 03 7f 7d e3 a1 f7 e2 31 54 dd 2f ca 3f f1 7c 57 c4 1c 00 bc a1 44 d5 95 55 02 23 aa ab f6 ab ea 88 6d a8 42 17 b5 dd 7f 14 90 bf 8d 6d bd c8 01 3f 73 bf c9 a7 e9 3b ef 3a 4a 6f d8 36 f5 42 c7 72 a2 60 0b 27 07 ff 06 59 64 71 b0 0c 7b e5 4c 70 4c a5 15 9d 03 b2 81 2f bf f7 27 ac 1a a9 5e c3 32 0b da 2b 86 a1 8a d2 74 4d 39 72 8c 63 f8 b0 23 87 b1 5b 3d 9f 2d 6e b5 41 83 84 Data Ascii: /I<tnFloEx9l~] fYO,:Xn G~QguA.AlGqqYX)BgGLV,H}1T/?\|WDU#mBm?s;:Jo6Br`'Ydq{LpL/'^2+tM9rc#[=-nA
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 53 ca d7 87 7e 72 cb 8d 99 42 49 e2 07 87 e6 b0 9c e9 7b c4 7e fa 32 c4 38 c2 0a 89 ea 49 9d b6 2c d3 9c c5 92 8b 16 ff cd 7f 15 30 65 8e 4a ee 00 59 5f 18 e2 21 1c f0 54 06 e7 1e 4a cb 50 20 07 05 f0 f1 ac 15 ed 17 a1 8b 9b f6 b1 ff 86 18 3e 02 7b 65 c3 e3 55 e0 c3 26 23 11 b2 6d a8 d8 60 cf eb ee 97 bd 46 12 a1 e9 e0 ca 71 98 d1 12 27 89 e3 c8 3f 19 37 c3 70 49 88 6d e6 c5 1b 1e 39 33 d4 6a b5 54 9c a9 80 31 b1 5f 44 ed 0d 0f 88 51 d0 c8 f3 dd 73 4a 62 52 e7 3b 92 4e e4 19 5f da b8 d6 b6 2f 23 4e 5a 8b 64 11 16 5c e7 f4 23 12 92 78 90 e8 64 ce 06 0a 53 c3 cd 6e c3 6d 5a 30 ec 7b bd 5a 80 a9 0a 55 5c a5 c3 44 49 a0 43 07 82 63 84 00 61 80 3e 65 65 b1 a6 1f 27 e6 af d8 e2 8b d2 3b 18 7f f8 71 a8 4b 9b e5 dd 50 b9 1e 3d 2d be 87 9f 0f 1b bc 3b 1f 9e 1d 45 Data Ascii: S~rBI{~28I,0eJY_!TJP >{eU&#m`Fq'?7pIm93jT1_DQsJbR;N_/#NZd\#xdSnmZ0{ZU\DICca>ee';qKP=-;E
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 35 6d cb e5 ae 02 17 f5 20 c4 c1 52 75 f7 b4 8b 9b 1b d1 31 1b ad 31 e9 4e 31 0a a9 41 59 09 3d 40 71 17 6d 8d e4 31 43 e6 17 46 d8 9b 0f f7 6d ae 27 d6 3d 26 57 22 1f 22 b4 34 b0 1a 3f 7f 3a da 8e 2f b5 67 39 5b 6b d8 2e a4 e3 60 4e 1e b0 8a e0 4e 74 0d 74 2e 74 72 bb 50 ec 1c 7a 31 30 1b 3d 6d b6 f1 54 3f fb 06 cc e1 47 c9 1a ae 01 76 2a 3f 3b d7 26 0a 03 67 03 c7 2b 99 2e 71 e9 9b 9c 84 95 9c 2a d2 67 cd 54 73 cc ad 40 30 47 dd dd 99 1d e7 99 96 85 e3 e9 0f ca 18 f8 b1 b8 0a 6b b1 fc e8 3e 43 b2 0d cd e4 7c 5b 60 df 88 a8 d4 ab e1 d4 2a 27 ff 2f fa 0a 61 fe 29 7d 71 0c b9 fa a7 38 26 ce c3 7f 92 5e a2 c2 ec c1 6f d2 97 ee 0d e3 e1 85 a4 df 0e 81 f2 d0 04 e3 8a d7 e5 d9 78 e8 ec 6d d2 36 f9 5c 0e f3 56 c9 72 b4 59 5a f3 02 52 90 37 ea eb ba 32 28 a0 c2 Data Ascii: 5m Ru11N1AY=@qm1CFm'=&W""4?:/g9[k.`NNtt.trPz10=mT?Gv?;&g+.qgTs@0Gk>C\|[`*'/a)}q8&^oxm6\VrYZR72(
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 0c 35 21 3d 2b 9e a6 ec 26 09 fb 67 16 b1 a5 46 75 e4 ed e9 d8 61 d5 06 6c 04 f2 e6 be 7c 5b 4f be 5b a8 67 1b 07 40 69 9a ea c3 0c 8c 8e 1a 13 d3 d5 c0 85 d7 2b 02 5b 31 c5 34 51 71 e7 9e 04 b6 0f 92 93 ee 7b c3 7b 30 e1 90 69 4c e1 fb 29 f0 a5 31 67 72 99 d9 40 83 c2 86 27 b2 f2 6f 8a 8f 09 00 ea 97 bf 39 33 9b ff a3 86 e4 39 e1 59 b6 79 c1 75 6c 28 bb 89 5b 8e 96 60 2b 51 ca 4b 49 84 f9 57 74 02 bd ab f5 34 57 cf b5 32 f8 c0 fa d0 49 6a 5c 8d 12 b0 6e 2d d7 55 6f fc 59 a0 4b ea 47 3c 67 38 77 40 a1 ba 63 19 7d 99 51 3b b4 3d f0 53 0f 99 b3 41 13 c3 9d 73 79 99 e5 84 75 ce 8e cc 38 21 53 1e a8 c0 f7 8e 29 1f 7b 97 57 94 20 f0 2d 5d 59 85 1f 36 56 e6 ae 8e 78 6e fa 18 63 9d 30 66 7e 09 72 d8 ea 29 3b 61 48 e1 9b 53 9c 73 ec 8b 11 8c 30 97 37 99 d8 7a d5 Data Ascii: 5!=+&gFual\|[O[g@i+[14Qq{{0iL)1gr@'o939Yyul([`+QKIWt4W2Ij\n-UoYKG<g8w@c}Q;=SAsyu8!S){W -]Y6Vxnc0f~r);aHSs07z
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 4b 1e 79 45 60 e3 5d ae af 74 18 8e 6b 00 62 04 c7 89 42 41 d8 b6 50 8b aa 15 df 3f dd 35 ae 5f 53 c6 b3 29 9c cf d9 e7 1c 0b cd c5 1a 05 9f ed b9 3e 89 53 6d 78 23 b0 d8 3a d4 6a 97 55 f5 39 8a 77 be e9 ed 07 32 17 7f 56 4a cd 68 e7 85 ff 5e 5b 62 9c a8 69 ab 91 ce 6d 4a 1d cb d8 3b 6e 4b 04 2c 9c e0 52 21 f9 03 04 e7 14 3f 39 32 28 37 a5 78 86 9c 09 8f 81 64 5a 7b 56 04 54 9b 43 c6 4d 48 9b b3 21 2b 0e 26 45 68 4c d7 e3 fa 8c 50 45 d4 22 ca b5 7c 37 c0 c7 5f 1c 5f 6c 71 53 ed 69 40 4c 05 61 e9 df f1 ab 5b f6 65 cc dc 4a c2 6c 83 8a ca 06 5c 88 4c c7 f8 27 c4 41 8c 2f 34 73 b7 0d 26 63 09 2d 1c 0d 2d 23 d6 db af c7 d4 3e 15 da d9 d9 1e e2 98 b6 37 b4 80 33 99 6e f8 e7 78 b4 3b f9 db c2 f9 b2 62 19 ca 8e c0 52 9b 42 e1 b8 65 35 89 4e 88 51 da ba 06 ae 55 Data Ascii: KyE`]tkbBAP?5_S)>Smx#:jU9w2VJh^[bimJ;nK,R!?92(7xdZ{VTCMH!+&EhLPE"\|7__lqSi@La[eJl\L'A/4s&c--#>73nx;bRBe5NQU

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
100	192.168.2.7	49843	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1071	OUT	GET /a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 548 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:26 GMT Expires: Sat, 28 Sep 2024 20:07:26 GMT Cache-Control: public, max-age=86400, no-transform Age: 13214 ETag: "vb" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	548	IN	Data Raw: 52 49 46 46 1c 02 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 1f 00 00 1f 00 00 56 50 38 20 d4 01 00 00 b0 09 00 9d 01 2a 20 00 20 00 3e 81 36 95 47 25 23 22 21 30 18 08 00 a0 10 09 6c 00 9d 32 84 7c 3f ba 5e 87 68 20 c8 ed 80 bb 80 de 5f b3 04 ce 3a ef 37 c1 da 52 09 dd 5d e3 57 ea 14 1d 70 9b b2 cd ed 51 22 06 91 fc 76 ed 1d 1f 5e 89 5f cb e4 1a ee 5a de 00 00 fc 38 1a 74 b8 d3 38 42 5a 18 8f 10 70 73 7e 7c 63 99 02 0e 47 60 b1 94 2f 5d 71 67 31 e3 0f 2d 53 ba 5b 18 80 6f 72 08 52 a9 e8 7b b4 07 66 9d d5 3e d4 49 0e f1 cf 7c 0b de 8c b7 14 7b fb 27 d9 39 fa 45 cf 0d 3c 40 58 cc 50 32 d0 05 8e 9f ff 2f 34 77 35 ec 25 89 66 3f 0b d9 8c f3 54 3c 93 2d ac 59 d5 25 9c c6 eb 91 1b 38 c4 8a 13 85 d5 0b c8 2b 8b 95 1e 81 e3 7f 18 90 9a 10 90 1b bb 19 Data Ascii: RIFFWEBPVP8XVP8 * >6G%#"!0l2\|?^h _:7R]WpQ"v^_Z8t8BZps~\|cG`/]qg1-S[orR{f>I\|{'9E<@XP2/4w5%f?T<-Y%8+

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
101	192.168.2.7	49842	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1079	OUT	GET /VZKGiuCEP2knhIKJYR4emUBuUra84gib_oDLocmdEcf1NYwf7hmo3Yv0OkzasOCQ2A=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7854 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 20:07:25 GMT Expires: Sat, 28 Sep 2024 20:07:25 GMT Cache-Control: public, max-age=86400, no-transform Age: 13215 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	856	IN	Data Raw: 52 49 46 46 a6 1e 00 00 57 45 42 50 56 50 38 4c 9a 1e 00 00 2f 3f c0 0f 10 4d 30 68 e0 36 8e 7c 76 f7 d9 fc 09 8f 44 44 ff 43 6a 35 65 52 2d ad 77 8b cd 66 b0 bb be 40 81 63 9e 80 ec 36 c9 fe 6d c1 28 92 24 45 19 f3 5a ff 42 19 8e 4f 87 c3 36 92 14 c9 c7 97 7f a0 fc b0 38 62 23 db 56 93 0f a8 15 b5 35 fb 5f 92 f1 5a e5 9c e3 4c ff 23 20 45 b9 0c 00 00 76 02 d2 aa 9c 9c 66 8c 18 f9 25 3f b4 e5 bf 60 35 22 00 85 1f 5c 54 cc 1a 02 0d 51 9c 08 83 b6 32 9d bf cd 6f 10 b9 d0 ef 53 32 b9 a6 5d 76 e5 47 7c 44 d3 77 d8 33 05 53 b8 75 92 92 7c c4 51 e7 e8 4f 6e 73 d5 c4 8b b5 4b 32 1b 03 41 db b6 a9 c3 9f f5 7e 0e 11 31 01 1b b5 0d 32 cf 20 6c 3a 29 67 50 fb 53 f6 ff c9 90 6c fd 23 32 b3 d0 1c eb da f6 dd 19 2b 63 67 af 7c b7 e7 11 ae b9 b3 8d 27 b0 7d 57 b6 cd 99 Data Ascii: RIFFWEBPVP8L/?M0h6\|vDDCj5eR-wf@c6m($EZBO68b#V5_ZL# Evf%?`5"\TQ2oS2]vG\|Dw3Su\|QOnsK2A~12 l:)gPSl#2+cg\|'}W
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 91 60 8f 19 10 42 14 69 d6 08 ce dc 32 13 ae 2d 74 62 07 6e 39 46 90 02 25 14 29 43 9b 98 8c 61 89 c3 88 4a 38 f4 50 da c6 75 4f 9c 0f 68 e6 f6 7d 38 7f 35 9c da 4d cd 2f 73 3b 1c ba 33 72 2d 5e 9f 9e 3e af 17 2a 11 88 1a 72 e7 0c f9 0c 23 a7 52 2d 6c 15 32 6d 98 cd 23 c5 81 7c fc e3 da 6f ff 9c cf 78 f2 58 02 00 e0 09 60 29 d3 ed a8 21 63 87 02 e9 1e 0c fe 0f 1a 64 00 04 90 11 20 88 f0 68 9a aa a9 00 0a 5a ef 41 79 2b 78 89 d2 d9 2b eb 73 6a f6 6a 71 f6 30 3f b3 74 5b 0c e6 97 de 2c 86 73 4a 8e eb cb 07 a6 a7 ee 07 10 91 86 40 ec a5 92 da 65 49 2f f4 a0 00 96 59 d4 49 7b c6 6c 6e f3 67 ff 9a bc ec 31 73 0f 1e 4b 60 4e 09 74 3b b8 10 98 d3 46 ca 56 36 b0 28 30 04 02 0c 40 cc d0 41 01 d5 94 a7 4a 90 23 cf fa dc e2 79 5e 5e 0f b9 d6 88 8b fa fa ff ad 3f e7 Data Ascii: `Bi2-tbn9F%)CaJ8PuOh}85M/s;3r-^>*r#R-l2m#\|oxX`)!cd hZAy+x+sjjq0?t[,sJ@eI/YI{lng1sK`Nt;FV6(0@AJ#y^^?
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 8e cd ed fc c5 58 47 ed 5f bf c8 bb 07 f7 35 f2 ea 99 98 96 ae 92 27 aa 20 f0 4e 21 4f 4e bd 21 d5 4f 3c e1 44 e3 77 b3 27 3e fe 35 f8 c0 5b ff b8 32 b0 e1 15 32 c0 8c 8c 7b 2c 74 88 1d c6 74 18 1c e8 90 22 49 60 14 26 4d b4 4a f8 7f f9 ed c1 5b ee 9e b0 e5 e0 15 c8 ff 27 cb ff a2 bf b2 04 0e 40 0c 08 09 4b cd 74 ce 31 f5 e0 97 cb ae c3 63 bf ce 2b 67 da 39 ea 29 09 6b 71 b0 39 6e 6d e4 9f ad 7b f2 81 c9 da a2 bc f2 99 9d a9 78 69 b3 dd 26 9e ed d6 10 a1 88 d4 03 dc b7 10 c0 a1 9d fb bb b5 03 0f fa d9 bd 6f fd df e0 47 ab df dc 90 3e 46 51 85 4d 01 59 64 ed 87 83 8b 08 a3 21 17 71 18 31 20 30 81 05 e0 8a 8b f1 a2 00 0c 4f 89 62 bb e8 6c ab 38 58 c2 f6 70 3b a2 9a 45 08 15 1c 61 01 88 46 ea 1a b7 d6 d4 db 1d 17 cc c6 2f d7 86 f3 3b dd 94 04 41 2a 6e 5a 2e Data Ascii: XG_5' N!ON!O<Dw'>5[22{,tt"I`&MJ['@Kt1c+g9)kq9nm{xi&oG>FQMYd!q1 0Obl8Xp;EaF/;A*nZ.
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: df 7b e1 4c 9c 6d 1d fc 66 9e e5 d9 24 5c b6 32 44 28 2c f1 d5 d1 8b 99 ce 47 38 c2 51 c3 8a c6 14 ce 14 99 7d c9 cf cf 7a 57 de 1f a6 e0 2c 56 f8 60 76 0e 10 88 11 09 4c 70 ba 78 5e 2e b9 b0 de eb 24 9d 1d 5b 87 3f 1d 7d 50 81 84 0c 58 42 0f ab dd 9e 79 35 7a ba 32 57 96 82 b2 5c e4 95 0b 2f 7a f3 54 ef cc c3 a7 be b8 64 72 36 b1 3d 3a 6a ad ea a9 1c 53 83 e5 ba 6a e6 ec bf 66 6e 63 9d 44 ee e2 ff 86 93 06 0d 57 1c cd 56 46 60 b4 22 94 92 29 77 27 3e c2 51 50 19 2a d2 0a 56 28 73 9c fa 23 f9 40 2d 1b b2 59 61 d1 60 d5 14 11 62 81 11 22 78 99 ac 7d 98 2b fe 76 fd 60 80 90 90 22 03 66 32 30 e2 0f ee ac fc f0 7f 36 1c ee 29 da 13 89 3e bf 7a c7 5d 2f b8 e9 ea d6 20 f3 22 f6 1c ff d8 41 77 0c ca 7e a5 c7 a7 b6 7c 39 97 6f 6f fd a5 e3 ad 49 1f e9 fa 8d 8d ff Data Ascii: {Lmf$\2D(,G8Q}zW,V`vLpx^.$[?}PXBy5z2W\/zTdr6=:jSjfncDWVF`")w'>QP*V(s#@-Ya`b"x}+v`"f206)>z]/ "Aw~\|9ooI
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 8d a4 cd 2b d5 ee de b2 2e 52 10 d1 7a 44 a8 04 8b 0f 9d bc b3 f0 8b a2 31 28 87 97 c9 95 fb 5f 94 8d ad 1d bb 6e 3a 6f 6d 72 62 98 f4 dc 48 60 ea 58 a6 3e b7 05 27 86 72 db e0 b4 45 45 04 e1 fe ee b4 97 2e 74 c9 9c ce 1f fc e7 c2 53 ac c4 be 8c 9b 14 4f b0 e1 d4 f3 65 a1 84 cd b8 1a 1f c9 35 22 67 f4 02 0f 11 79 76 49 9b 37 31 dd d4 89 9a e1 3f 54 a3 00 0a 6a f1 f2 e1 c7 c5 df a4 37 87 65 9d 26 c5 32 6d 1d bd fa 96 b4 5e a9 10 cb c2 e6 34 ce 1c 1d c7 f3 64 86 2c 47 9b 9b b9 28 41 95 d4 22 42 c8 92 0a f8 ee 82 9d 5d 3d 22 6d 43 56 73 6c 70 a5 91 82 4d 2e db 5b 50 d6 8e 86 6c 59 5c 52 3e 89 4a 37 29 92 e5 10 41 c2 27 00 98 d4 b9 c4 3e 2b 9b de fd 8f 88 48 a0 00 0e 74 2f de 3d ff f5 f7 ce 79 fc 05 5a d0 22 e1 72 e9 64 5d 95 83 f4 11 4a 35 ce d1 87 5d f4 c0 Data Ascii: +.RzD1(_n:omrbH`X>'rEE.tSOe5"gyvI71?Tj7e&2m^4d,G(A"B]="mCVslpM.[PlY\R>J7)A'>+Ht/=yZ"rd]J5]
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: a6 c1 0f 0f 13 a6 5e 03 19 83 93 24 0d ff 79 d4 0a 6a 9b aa 8e 43 2b d0 96 e8 86 28 0a 1c 68 f6 ae 18 4e 9d 88 b1 21 f0 61 a6 5d 7d 7f 57 4b 25 2c 05 b5 04 51 51 c2 84 36 8c ea b0 4a ac 7e cf 62 7d b9 d8 38 ab 0d cd bd 38 97 40 0a 98 cb 1c 05 95 54 4f cf 56 96 39 57 b9 5a 57 59 95 b1 d8 b8 84 88 ac 8b 66 73 ea ae 3e 6d 94 71 4d 79 df ba cd f7 dc 7b d4 4b 99 ff ed 21 71 f1 86 b9 7a 8e f8 8f 68 49 b6 5c ba 20 dd 26 24 6a 46 58 a3 b5 68 c3 8d 3d 5c 19 8b c3 51 04 e7 cd 70 a1 c8 f5 98 dc 8c 7a 08 2c 85 13 05 2e b4 46 a4 18 53 98 15 a9 a4 a9 fa 8e 3c 31 cc 33 a7 1b e7 e6 61 5d 04 38 c5 c1 08 45 8e 8c a8 66 8b 86 2d 71 b1 2e d7 65 ba 45 b6 54 93 8f 08 41 dd 0e 55 77 b6 9c be f5 83 ff 6e 76 e5 0f c3 b5 bf 32 fb f7 83 7f 55 bf a1 aa 22 aa 9c 43 fd 3b f0 97 f0 bf Data Ascii: ^$yjC+(hN!a]}WK%,QQ6J~b}88@TOV9WZWYfs>mqMy{K!qzhI\ &$jFXh=\Qpz,.FS<13a]8Ef-q.eETAUwnv2U"C;
2024-09-27 23:47:40 UTC	48	IN	Data Raw: 2a df 82 5a 8d e1 b7 78 f5 87 1f 66 2b 19 57 95 51 14 01 4a 81 3a a0 aa 2d 01 60 c1 0b a6 80 05 04 72 28 e3 cf d1 95 a3 2f b0 de 00 9e 00 b6 0e Data Ascii: *Zxf+WQJ:-`r(/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
102	192.168.2.7	49846	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1080	OUT	GET /54_553vN5-CRQBSmcbg54izHeT-KyBC2iEooeY90pcU7jpFWSgSsZYhKRBob74zRkNE=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7840 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 19:56:29 GMT Expires: Sat, 28 Sep 2024 19:56:29 GMT Cache-Control: public, max-age=86400, no-transform Age: 13871 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	856	IN	Data Raw: 52 49 46 46 98 1e 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 50 1e 00 00 2f 3f c0 0f 10 09 06 6d 1b 49 92 77 ef cf f2 27 7c 0b 22 a2 ff 51 75 60 8b 55 1c 1a 59 46 1d 1d 2f 42 e3 c8 a6 7e b4 60 dc b6 91 23 5d 0e af c1 be 2e cc ec 1a d7 7f 75 57 40 6e 82 75 24 c9 4a fa 01 df ae 51 90 7f 40 84 e0 76 c5 36 92 24 35 f3 2c b6 95 7f 62 cc cc a6 d4 ff 04 c0 c0 86 5d 80 7f 84 20 d8 03 e0 03 88 38 e0 81 63 b9 84 60 cf ea 97 91 48 44 6e 15 eb 6e 21 44 78 c1 1c c7 32 4a 89 67 de 12 97 17 78 8f 97 67 0e 7f 9c 5f 23 13 7d 72 22 2e be 2e 5f d7 9f 7d 19 b9 5c 96 d6 8e 4b d8 02 61 92 02 a1 d7 23 bb 24 a8 71 8b 70 4d db b6 c8 91 9c f7 fb be 44 95 4a 52 8b 5b d0 4c 03 cd 30 d0 cb cc cc cc cc cc cc cc cc cc cc bc c3 cc d4 dc 2d 86 92 Data Ascii: RIFFWEBPVP8X??VP8LP/?mIw'\|"Qu`UYF/B~`#].uW@nu$JQ@v6$5,b] 8c`HDnn!Dx2Jgxg_#}r".._}\Ka#$qpMDJR[L0-
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 1c 55 b7 a3 06 5b 80 98 87 2f 24 ca 93 3b 68 75 4c 81 88 40 b9 0b c0 33 31 a0 ef 65 17 e2 0e b6 96 95 64 e5 be 2d c7 3a 70 59 1b 36 ec ac 7d 3a bc 43 1d 02 e8 b6 35 34 ae 46 4f bc 7e 27 8d 1c 4b cd 43 e9 fb 0c f4 44 b5 2d 84 01 25 4d 98 a5 ba 0b 2b 72 40 40 59 0c 65 d7 98 5d 2d 02 23 00 4e ef 76 ea e4 12 28 4f 68 df 61 42 e9 d1 c2 aa 3d 97 69 b5 b1 35 3a c5 e0 20 14 39 50 46 bf a5 3c 01 da ec 19 9a 50 27 da 5c 0a 41 5a c5 40 00 21 e0 a4 ba 6d 5b 7d e0 f1 2a d7 00 0c 0c ed bb da a3 3c 03 97 19 d0 f0 f6 cd cc 25 62 8e d2 cd 42 f7 7c cd c2 15 51 85 bc 03 87 23 89 79 e7 38 c6 21 ba 4d 0e 46 02 73 87 81 ee 8b 2d 06 3a 24 14 83 19 8b 05 f5 1f 4c e2 1f f3 54 00 b2 70 69 b0 c3 de 88 97 27 ca 83 e2 12 c0 4a 3e bb 19 de 20 2a 9f 43 d9 c1 4c 5b 14 25 a0 1c 78 0e 02 Data Ascii: U[/$;huL@31ed-:pY6}:C54FO~'KCD-%M+r@@Ye]-#Nv(OhaB=i5: 9PF<P'\AZ@!m[}<%bB\|Q#y8!MFs-:$LTpi'J> CL[%x
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 42 01 f0 c4 f8 de 51 76 a3 b2 72 f7 69 d6 c4 8a 63 e3 66 4b 30 b2 64 f9 a2 5b 4f 5c a0 33 39 0c e7 cf ae 56 62 2a 1e 00 1c 52 a1 c2 5b 94 9f b7 5a 73 c1 a0 23 cd 1d 9c a2 60 94 db ed 72 26 71 f3 92 53 fe 99 42 49 61 f3 97 f4 ac 98 bc 46 ba 7a 98 c5 3d 20 86 bb 01 73 70 56 c3 c6 9a 45 17 0a 73 ce e6 22 2b 85 40 67 c2 1a ed 31 31 d7 5e 76 31 cd ac 24 78 c0 b5 2d 37 2a ef d5 d0 20 00 10 28 64 14 92 4a 29 85 84 42 c2 96 16 be bb 69 b7 5f 44 a1 af 41 99 17 20 00 25 e8 48 44 c5 bc 49 2a 61 90 34 6f 5f 13 19 5d 72 0c ec b3 75 f6 67 4b ca 1d e6 f5 be 71 91 19 13 01 4d b2 23 9d 71 8b 82 44 92 7a e6 c6 75 c2 c3 7f 54 1a 03 b5 74 e0 f4 fe 7a c7 6d d2 c4 be 77 df 7b 37 5d ea 71 31 f1 a2 f9 7e 69 4d 5f 98 f4 54 6a 91 2d c6 4a 49 f3 a2 c4 06 15 3d a7 78 00 1c 24 18 c6 Data Ascii: BQvricfK0d[O\39VbR[Zs#`r&qSBIaFz= spVEs"+@g11^v1$x-7 (dJ)Bi_DA %HDI*a4o_]rugKqM#qDzuTtzmw{7]q1~iM_Tj-JI=x$
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: ee 03 ef d7 44 11 41 5e 29 5a 07 a3 13 55 d9 e0 f4 7f bc 8f b5 7d 97 1d 1f f8 97 16 c0 64 dc 60 39 86 42 20 85 55 2a 59 10 2a 80 68 3e 0d 3c 30 b8 45 10 85 5c 86 a0 92 5b 62 9b a6 c8 19 34 95 d2 8c cc d4 e2 51 2b 7d bb 3f 01 53 8f 3f 08 a0 d6 be be 81 93 c7 54 31 ce bc 91 a8 08 d0 38 32 b1 6b f3 1a a6 49 6a 95 88 7a 8c 90 0c 5c 69 88 79 11 d1 be 28 d3 9a ed 7b 25 d2 92 46 f0 d3 c9 f1 a1 ee 48 25 b2 45 ce 66 9b 5a 90 c8 05 2f 88 e7 82 65 c0 72 05 25 31 4b ce 06 dd ea 6d 4d 4b 92 8e f2 ca 75 16 ef 04 ee 45 0f 76 ac d0 5a cf 75 75 dd f0 a7 4e bf 6d 8e 9e 31 68 8a bb 9c 04 65 84 a6 0f 2f a9 6f c2 f2 ff 1b aa 2c 0d f0 8c b9 91 51 42 c6 ce c5 a6 67 5e a9 4c 3c f1 20 8a 0d a2 f9 25 20 9e 62 40 61 15 f3 86 c8 60 8a f9 05 55 f3 80 59 41 31 a6 11 40 d4 14 66 80 db Data Ascii: DA^)ZU}d`9B UYh><0E\[b4Q+}?S?T182kIjz\iy({%FH%EfZ/er%1KmMKuEvZuuNm1he/o,QBg^L< % b@a`UYA1@f
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 88 00 c4 90 00 31 59 06 8c 24 50 68 08 02 85 15 f5 91 df ef 94 6a d7 0b f4 28 54 9e 56 b6 25 43 c7 d8 00 7e d7 60 16 49 5f 48 47 49 aa 02 35 7e e4 78 34 70 02 ad cd 8c 44 90 05 12 49 4b 20 e0 4a c0 ee 50 e1 ad 4f 90 e8 8d f5 e1 38 e6 3c 80 00 f5 ac c1 c0 b4 e4 51 88 b6 5e 05 4a 0a 5d 26 7b af 32 4c 81 17 1f 09 6a 7a fd 31 9b ed ed 59 13 e5 a6 af 39 6a 64 98 a9 31 36 20 4a 4a 46 7a 47 aa 72 01 26 f7 c7 0c 96 bc 24 30 12 58 02 a6 0e 86 0a 3c 30 02 8c 1c 20 21 e2 84 6b ae bd 5d 6b ba a3 9a 82 b9 4e 8a 52 88 34 a9 54 94 a5 46 9b 8c ab a9 ca 40 68 0c ef 76 14 00 11 1a 62 0e bc 18 cc 96 53 07 89 38 23 cb 28 8c 75 0c 0e 08 49 82 fa 9e a9 4f 6e 42 7d 76 cb 25 1f 82 4d 46 81 9e d8 df 6f 02 5f c6 94 d6 fe 55 2f ad 69 75 eb 76 3e fe 20 67 bf ef 67 44 26 8a b6 08 e9 Data Ascii: 1Y$Phj(TV%C~`I_HGI5~x4pDIK JPO8<Q^J]&{2Ljz1Y9jd16 JJFzGr&$0X<0 !k]kNR4TF@hvbS8#(uIOnB}v%MFo_U/iuv> ggD&
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 82 43 07 d1 0a 10 97 8c 52 cd 58 23 d4 ba 4c 55 94 b9 d4 c1 df 78 e2 5f 6e d6 73 67 c6 d1 86 1a ac 98 69 8f b8 f6 5f 1f e6 8a 7f 7d b8 4b fd fe 51 ac 78 85 f0 09 21 91 0f 6c ba 6f 04 27 ed ff d3 29 cd 6e d5 c8 4d 33 15 53 96 94 56 bb e0 ea 2f 68 cb 94 c2 9c 54 81 02 e0 69 88 39 55 18 f9 71 54 00 8f 0f fe 64 fd 08 c4 73 29 4a 12 71 4d 6c 52 b6 50 0f 7b 0b d3 75 27 ee b6 cc 5e 53 a6 6d 70 60 24 cc a1 ff 70 a8 4f 0c 70 28 79 9c 04 90 00 4e 44 94 e8 c8 2c 5f a3 13 dd 4e 4e f1 91 37 e8 fa e3 bd 92 d5 0a b8 96 8e d6 9b 3c c6 bc dd 93 f5 d5 9e d5 7c 83 31 51 24 d5 61 64 08 08 80 c8 f6 8e 7e 69 a2 de 6f 42 9e d0 c3 83 a2 8b 9f 94 b9 7b 4c ed 52 a1 ff d6 8c 8c 04 48 22 05 40 1c d4 04 15 de 39 0a 6a 98 08 07 b8 31 ca f9 00 55 ae 1c 11 60 e1 fb bf 07 6c 24 4b 61 ab Data Ascii: CRX#LUx_nsgi_}KQx!lo')nM3SV/hTi9UqTds)JqMlRP{u'^Smp`$pOp(yND,_NN7<\|1Q$ad~ioB{LRH"@9j1U`l$Ka
2024-09-27 23:47:41 UTC	34	IN	Data Raw: 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 50 69 63 61 73 61 00 00 Data Ascii: II*1Picasa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
103	192.168.2.7	49845	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1080	OUT	GET /xqUAS7ybTTu-O2dBQp2ZeoDTPvszt7NC5o-7ugw-TWkrUGpYiQSofQQDfNDPHPYueOo=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8228 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 22:24:33 GMT Expires: Sat, 28 Sep 2024 22:24:33 GMT Cache-Control: public, max-age=86400, no-transform Age: 4987 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	857	IN	Data Raw: 52 49 46 46 1c 20 00 00 57 45 42 50 56 50 38 4c 0f 20 00 00 2f 3f c0 0f 10 4d 20 6a db 46 97 76 bf 94 3f e2 03 11 d1 ff 2c a8 e0 87 51 5b 34 d1 9e 8e ad 17 01 36 f3 40 f4 9e 00 5d 38 8e 24 49 8d 52 e0 bf 75 0a bd 18 5e cc 3a 3e 3b 1c 44 92 a4 48 79 cc f8 2f e0 fc 6b 7a 01 cc 8c c1 b6 91 24 45 7d cf f9 47 d8 cf e8 bd bb 77 d7 ff 18 a9 54 2f 2a 6b 1c 6f 52 d7 d0 95 7a f5 b2 00 88 a7 fe a9 b9 a6 0a 34 34 b4 d4 67 ab 49 0a 95 06 a8 f0 be 3a 12 7c a1 f1 87 0a bd 9d 99 78 7f 9b b7 ee 7d 0f f8 c7 9c e0 09 2d 6f 4b 7a 9c 93 bd 95 52 c9 dd d9 bf df ff 9c 17 36 7f f7 e5 97 3d ad d6 56 54 06 82 b6 6d e3 f0 87 bd ed a7 10 11 13 80 32 9b f4 d1 97 87 d3 fe b6 6d 86 24 59 ef 17 11 99 55 5d d5 18 35 d6 b6 6d db b6 77 7f b2 6d db b6 77 8f 6d db f6 39 6b ef b6 bb d4 55 99 Data Ascii: RIFF WEBPVP8L /?M jFv?,Q[46@]8$IRu^:>;DHy/kz$E}GwT/*koRz44gI:\|x}-oKzR6=VTm2m$YU]5mwmwm9kU
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 00 8d 16 fd f0 55 75 3e b7 4f 36 77 d8 bd a1 1f 5f 44 2f 18 ae 4b a1 a5 26 fe 91 55 52 ae ec 18 6d 7f bf ae 6b be d4 95 14 36 02 91 94 03 e9 b6 40 22 04 d4 00 d5 fb fe b6 f1 da f3 b3 e9 d7 73 19 90 75 d3 1e dc 50 1b fa bb d8 fc 62 ad cc 39 03 23 26 8c 0a a0 82 09 00 90 26 16 00 30 02 2a 8a 60 80 66 db 32 1b ea 67 8d a8 69 b0 b4 03 54 f8 6b dd d9 a8 18 fb 6d 03 79 8a bc 59 b6 2b dc 55 7a d2 9b 23 8a bf 3c 0d 5b 6d 01 ed 7e fa fe ea bf 80 95 44 41 00 80 51 57 65 89 30 53 3f 71 cb 4e 87 fd fb 39 f3 36 a6 ba e4 d2 4e f9 ef bd 2d bb 20 79 c9 03 46 05 10 33 45 d1 07 1c 61 04 d0 40 73 d9 49 d0 cd 72 e4 da 3e 56 38 fb dc 39 e6 b8 45 e8 20 5b 5f dd 22 c2 38 fc 54 f4 c3 8d 2e 93 c9 5a a2 3a 8c 2d c3 f0 0c 10 88 49 f4 a7 17 e5 c7 bb 74 55 8d 21 8c 16 4b 04 ae 71 e2 Data Ascii: Uu>O6w_D/K&URmk6@"suPb9#&&0*`f2giTkmyY+Uz#<[m~DAQWe0S?qN96N- yF3Ea@sIr>V89E [_"8T.Z:-ItU!Kq
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: d8 73 d3 77 ee 64 26 67 52 00 d0 24 9e 21 95 6b d9 8c ca b3 71 22 75 90 28 48 e1 34 ac 61 8e 24 d2 21 c5 bc 30 eb 3d 1f d6 a0 46 85 60 82 0b 1a bc d7 43 15 0a 4a c0 b1 e8 da 56 79 ab fe 81 dc f9 ee 42 13 40 b7 12 45 71 a9 48 5b 26 20 04 c9 c1 12 98 e4 10 20 78 06 5d f1 47 2a 6e 88 fb 5e 2d 42 28 09 6f 18 46 03 00 c9 82 61 26 d7 5c fa f0 ea 1b 7e 60 59 d8 6a a0 32 9a 44 15 42 4c 60 48 c1 65 19 a3 3c 0d 5b 45 ae 9a 66 16 69 72 2e 70 50 21 3d 50 80 5a 31 e5 2a 86 bb 48 ad 14 1d 6e b8 24 f4 e6 58 41 17 13 2e 6d 4d db d9 7b 7f 52 c6 a3 27 fd 36 54 49 8f 42 52 52 b9 b3 00 72 08 d0 31 2b e0 ce 4d 42 e7 b9 f5 6b d9 fc 16 2a af 63 f6 31 89 e9 27 36 1a 16 8e d4 32 22 46 ac ca 13 9d 7b 7a ff 79 d2 dc 3d 66 9f 58 0f a4 8d 18 05 a4 88 23 9e f1 65 19 36 a9 45 4e 11 47 Data Ascii: swd&gR$!kq"u(H4a$!0=F`CJVyB@EqH[& x]Gn^-B(oFa&\~`Yj2DBL`He<[Efir.pP!=PZ1Hn$XA.mM{R'6TIBRRr1+MBk*c1'62"F{zy=fX#e6ENG
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 82 0c c8 06 35 eb cd cd 9a ca 2b 2e 6d c5 22 ba 31 d5 72 03 d6 6d cd 4a 81 ad bf 37 9b 5e 90 c1 e5 6c 7d ac 4b 4e 41 4f 91 33 72 8d cb 63 49 59 cc 38 a0 a2 e2 ef e0 9f 92 84 a6 e6 a2 4d 12 f7 e3 8f 7d b7 e2 40 ad 84 04 24 01 c0 00 31 20 43 26 48 56 88 c8 dd 3a c2 2d 04 75 26 35 39 e7 39 00 06 5e 62 c2 39 29 24 2d 78 b8 a0 19 af 5e 4b 7a 22 00 82 82 4e 38 49 a9 79 a0 c1 e5 cb 93 1f e8 42 31 2e b4 13 3d f4 96 fe fc 56 1f 7d 77 39 d6 fa e9 97 46 12 23 75 0d 61 7a 92 67 3c b2 25 98 5b b1 47 6c 57 54 11 5f c4 56 24 3f 59 65 64 32 1e 74 03 60 80 43 12 80 24 03 30 64 80 18 77 bf fd 51 36 d6 98 3a 93 aa 9c 04 04 44 88 39 26 be 4d b9 a1 cd ec 9d e0 d7 3e 3b c7 62 71 14 23 05 5c 06 f0 83 9e ab c4 e0 14 e8 90 f1 65 7c 0c 51 ea 38 29 df 95 b3 be 3c 51 06 72 d1 b1 23 Data Ascii: 5+.m"1rmJ7^l}KNAO3rcIY8M}@$1 C&HV:-u&599^b9)$-x^Kz"N8IyB1.=V}w9F#uazg<%[GlWT_V$?Yed2t`C$0dwQ6:D9&M>;bq#\e\|Q8)<Qr#
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 77 5c d0 75 ef e3 db 44 a4 28 23 ed 0d de 3e 74 95 da 9b cd be ef ff cd 64 d3 7f 6f bb 64 76 f5 e0 96 d3 6c f3 66 de ce 54 ac 5c f4 97 c3 68 b1 5d 38 58 ce d8 ce 19 9a 5a 1b 1d 63 70 8b d7 72 fb 1d 37 09 fb 7a 5c 92 83 89 c2 0c 85 20 c0 85 59 82 20 65 40 86 c2 65 38 6e fa 03 a7 df 77 b7 a4 d5 51 96 10 61 26 0e d9 3c ff 44 4b 1a 18 29 91 12 41 2c 23 38 0c 82 a7 19 35 ca f6 a2 0f 7d 79 dd e4 6c d5 9d 77 3b be 6f d6 fe b7 0b 3f fe cb bb cf 9e c9 86 fb b5 d9 ed f2 67 06 06 c6 fc b9 2e 30 c0 48 4a f5 ce c7 77 dc ef b3 11 d3 d4 37 ba d5 3b 9e fa d4 96 4f 94 2e a9 3d 1d 5b cf 9b 5c b0 72 25 bc 21 8a 28 8d 65 d9 c8 c8 6d 0b 39 d1 4b af 9a a0 60 08 21 cb f9 af 80 45 17 18 0e a2 0c c8 90 04 fc b9 0c 49 8b 6c dd 01 d9 3c dc 74 d2 43 06 26 09 9c c5 97 94 b7 cd e4 0f Data Ascii: w\uD(#>tdodvlfT\h]8XZcpr7z\ Y e@e8nwQa&<DK)A,#85}ylw;o?g.0HJw7;O.=[\r%!(em9K`!EIl<tC&
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: a7 79 23 db 8d 67 62 ef 3c 11 3b 7e b8 b8 fd 97 25 a3 ff 7c a4 7b 7c da e8 f7 9b fa 9b 59 69 35 34 66 00 4d b7 4c ca 1e 7c 53 85 f6 23 85 74 bc 9e 8f e9 4f 0d ba 37 70 b5 77 76 72 ac b3 b7 ee c0 f7 1f 7b ca c7 8e b6 ef 65 e1 25 9e f1 2b 81 f5 f0 81 6b 80 ab 06 0e 77 e7 bc ea 10 0f 06 9a 50 83 d4 09 1e 6e de 67 6d 75 28 c7 ff db 51 de a2 e3 1e ff 58 b7 fe 37 99 f9 f0 ea 07 7e 27 de a7 f2 d3 a1 23 30 71 ec f5 0f df fb aa 35 17 fc c3 3f 3e 2a 3e b3 cb ad 46 ba 8e c5 83 30 b0 00 e8 02 d7 2e fa 91 8d 05 00 11 06 28 a0 c7 1e b8 00 38 9f 29 37 6c c1 61 60 1c 68 93 34 be 6f dc c8 cf 33 f3 fe 7c ef aa 4d cf 9a 37 70 c7 f1 bc c4 e5 99 39 8d a8 02 86 c6 bc f3 b7 d9 cf 24 2f e9 bc 94 39 3f df 9e 6e 7f e1 cb ff 1c d9 7a 88 6d e0 62 ff d1 5b 00 27 92 86 de 60 2e e7 ac Data Ascii: y#gb<;~%\|{\|Yi54fML\|S#tO7pwvr{e%+kwPngmu(QX7~'#0q5?>*>F0.(8)7la`h4o3\|M7p9$/9?nzmb['`.
2024-09-27 23:47:40 UTC	421	IN	Data Raw: 80 18 a3 50 10 10 01 a0 22 12 01 88 11 12 02 08 10 a2 2c 08 a0 e8 20 51 76 30 b8 db 2f 62 1d cd e5 5d cd e1 3f 8a 3f 7e e4 d9 08 a0 5b 84 9c 4c e8 be d6 f5 9f ac 2d a3 59 de 1c 96 df 35 29 64 60 10 63 5c 89 10 93 38 0a 80 28 44 a4 d2 3b f8 c6 cc ad 4b b8 ff 8e a0 61 40 88 00 48 04 12 02 11 20 02 51 50 94 4f 98 6b 89 44 02 40 04 90 29 37 69 99 19 9e 6b 57 5e fd 7f df ac b6 00 2c 2e 00 59 92 6a 2f 4c fa a5 df fd b4 e3 d5 09 66 b4 25 0c e6 a8 08 4a 05 20 0a 68 c9 48 8a a4 8a d4 e4 07 57 d3 83 07 2c 81 0c 49 84 e2 62 15 05 20 02 24 91 90 cc 49 26 9e b3 aa 8e 49 4d 71 f0 b1 dd 4a 0b be c9 55 f3 1e 20 03 58 a2 50 d9 3b bf 8c 27 92 6f 4d 78 d6 77 7e fd da ef 7e db f0 cf 5f 97 7e f5 e7 dc 97 86 fe 76 63 cf 83 b8 be a3 92 2e d7 18 d8 a3 22 e8 48 ff 27 91 12 55 aa Data Ascii: P", Qv0/b]??~[L-Y5)d`c\8(D;Ka@H QPOkD@)7ikW^,.Yj/Lf%J hHW,Ib $I&IMqJU XP;'oMxw~~_~vc."H'U

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
104	192.168.2.7	49844	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1081	OUT	GET /ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:40 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 9702 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 19:56:29 GMT Expires: Sat, 28 Sep 2024 19:56:29 GMT Cache-Control: public, max-age=86400, no-transform Age: 13871 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:40 UTC	856	IN	Data Raw: 52 49 46 46 de 25 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 96 25 00 00 2f 3f c0 0f 10 4d 30 6c db 36 12 2c a7 cf 9d f6 9f f8 6e 88 88 fe 4f 40 f3 3b 7e 76 a0 29 19 78 b4 15 94 5b 85 78 a8 a8 22 33 c6 a4 0b 46 91 24 29 ea 3d 26 ff e2 ee c5 cc b4 bc a3 c3 6d 6d db 4a b4 71 09 89 28 85 fe 63 4a 60 11 12 b9 8e cf 62 18 c9 56 9a 17 4f 01 e9 bf 36 77 c3 21 68 ff a3 82 81 88 20 f8 de 12 a4 73 73 56 14 de 09 be a2 5c be 75 fe c6 57 0a c3 fc 36 3e a4 08 30 1d 0b 0f f3 50 20 3c e5 92 b5 02 74 14 13 ca 35 6c f0 10 62 d9 43 b4 5a fb 27 7c f7 3c b4 84 68 82 1a bb 9d c1 3e 0b fd c7 d5 63 f2 7e c2 b7 86 a8 32 9c e5 c3 79 88 55 87 52 0f 47 f3 df a3 da ca 16 10 1b 31 41 02 37 ce 9f 5c d7 90 1b 28 6e ff 67 ca ad be 33 73 ce 59 6f Data Ascii: RIFF%WEBPVP8X??VP8L%/?M0l6,nO@;~v)x[x"3F$)=&mmJq(cJ`bVO6w!h ssV\uW6>0P <t5lbCZ'\|<h>c~2yURG1A7\(ng3sYo
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 02 a2 25 c5 95 88 39 c6 82 12 b3 8c 5b b7 7d 63 e8 3a f7 ff 8e 2a ec 08 4a e0 40 84 00 74 54 90 b4 ec 27 29 cd 08 c9 78 88 43 21 02 6f 48 de 1b 6c bb ae f1 9d a6 77 9f 47 53 e2 78 43 d0 e1 22 d2 0b f2 06 77 25 ae 20 96 d8 1a 49 6f 64 72 8e 33 2c 3a c3 0b 49 e0 66 38 3a 50 b1 d0 19 51 41 c5 a4 9b a5 2d 78 84 12 a0 3a 51 03 cd df 68 9e ad e2 a1 00 5e 1b 8a da 31 eb f7 6e f1 a6 8a 66 15 0f 6b 56 18 08 8e 1d 47 e0 8b a2 a3 d4 7a 2e 39 17 ff e6 e4 f0 bc a2 20 24 ba de 6a c6 8b 92 d8 30 8e 87 42 f1 4a 26 21 a6 88 10 61 70 54 44 52 34 87 af d3 c4 ad 7a af b1 f6 3c c1 4c 48 e4 f8 16 8d 99 4d 01 33 c7 32 e9 8c b0 8c a4 c4 d2 88 03 60 26 34 10 d2 90 1a 59 00 b1 44 c4 4c 60 21 9c 97 da ea 37 15 87 13 7c 32 c4 00 25 83 a7 e8 5b 00 ae c7 43 18 a6 f7 ef 11 49 eb 04 3a Data Ascii: %9[}c:*J@tT')xC!oHlwGSxC"w% Iodr3,:If8:PQA-x:Qh^1nfkVGz.9 $j0BJ&!apTDR4z<LHM32`&4YDL`!7\|2%[CI:
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: c2 e4 fb ac 73 e6 7d 0f c3 ec 2a 20 6b dd 79 9e 66 42 08 4d 61 79 34 fd fa 40 f9 b6 07 44 8b bf 8d f3 2f fd b2 e3 40 13 9e e4 1d 9c 54 bc 72 55 fe 54 df 8a e3 0b a8 05 2a 16 74 2f 22 2b a9 51 64 88 20 42 68 08 85 3a 10 41 76 8c de a7 af a4 c1 50 a1 d1 ad 9f 6b 74 ed 96 dd 0f 19 38 77 f4 ff ce 60 1b 16 bd 6e 55 74 5c 92 e2 08 1c 04 2a 9c ae 30 0d 85 19 38 0d 17 77 c7 58 ee be fe eb d9 30 20 24 01 0a 61 d2 b1 19 7c 77 b8 71 fc b5 08 4f 0d 70 08 33 24 03 f6 3b f8 21 b5 56 7b e0 86 3b 8c e9 3a 41 50 80 42 28 0d 71 ae e9 b7 87 22 a3 9e 2c 4a cb f2 df a2 b7 24 df 2c e8 a3 25 ab e8 ec 62 47 a4 24 1f 9c a4 d3 12 14 29 68 2a b0 40 c0 09 80 08 76 2c 0e 85 98 37 3c 37 1f 5e b7 74 dd bf 6d 42 90 37 3f 74 9b f9 07 30 c4 56 84 86 ab 91 74 00 08 9d 22 58 2e 33 47 6d cc Data Ascii: s}* kyfBMay4@D/@TrUTt/"+Qd Bh:AvPkt8w`nUt\08wX0 $a\|wqOp3$;!V{;:APB(q",J$,%bG$)h*@v,7<7^tmB7?t0Vt"X.3Gm
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 68 31 18 b7 6e 9a 7d f2 e9 6a ab 79 60 12 1d 97 73 95 95 3d 97 ec 19 44 37 67 7b e5 e5 9d 1b 2e db f7 56 cc b5 40 a8 82 77 cc 1c fc cd a9 5b 5f 63 f6 5d 98 da a2 86 c1 11 42 05 92 92 ed 75 8b fb fe a5 a6 22 77 70 32 ed af 5c f3 c5 0d df 65 95 44 7d dd 0b ef 90 3a f6 48 42 02 a3 02 8e 76 4f 5b 65 1b 10 12 4a a3 58 62 78 e3 20 71 34 e0 66 02 0e e5 4e 3e eb 18 e6 24 a8 82 25 cc fe fa 65 66 cc a4 82 44 49 13 82 c2 d5 21 39 5d 90 ae fc bc 8c 14 46 55 9c be e9 8c 45 57 dd 6b 95 d5 65 6a c5 94 38 31 e1 be 17 e9 9a 0f 1a 27 92 fc 59 f9 a8 84 65 dc 37 53 4f 38 7e 77 84 75 a0 5d 28 b5 ca 49 cb c9 aa 4d 30 80 c2 0d 08 8a c7 2e a2 4e 02 5c b3 65 3f 25 58 83 de 39 62 14 0a 32 3b 30 39 1a 41 43 08 6e e2 47 e3 9d 5b 5f ef 81 d3 ff 68 fd 89 21 1e 0c 44 1c 07 6e ce d1 c8 Data Ascii: h1n}jy`s=D7g{.V@w[_c]Bu"wp2\eD}:HBvO[eJXbx q4fN>$%efDI!9]FUEWkej81'Ye7SO8~wu](IM0.N\e?%X9b2;09ACnG[_h!Dn
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: f9 3a b5 75 e4 a2 cf 9e f0 ca b3 82 2d 4b c7 a4 5e f8 6b 72 7f e6 72 ae 27 15 9d 46 01 dc 8c 8d 63 ee f8 8b e7 dc f3 86 99 30 f0 cf 9f c2 95 14 10 00 5c 50 04 a5 d4 90 7d f3 96 ee d0 29 18 ad 2b 4c 7d 00 92 82 2f fc 3a 36 06 f1 99 4d a3 43 86 87 02 13 5d 02 02 e3 8b 63 c5 69 8c 65 e8 92 23 41 04 be 10 58 3e 88 b4 b3 b1 59 2b 32 34 47 62 dd bd ed 4e f3 13 13 3b 3d fb 94 2b ae 0b 8c 46 87 73 02 14 0a 09 b6 3b 67 e7 27 bc d3 7f d2 79 8d 5b 8d 4c 94 26 87 93 3e 98 bd db bc fd 28 fe f8 d0 d0 4f 6f 52 53 b2 c6 8d 00 19 a1 10 a2 b4 5f d3 e0 04 04 80 fb df 15 00 82 a2 5a 02 02 80 6b d2 bd e2 57 05 0c bf 2e ac 29 38 f7 05 08 0a 3a a0 d3 48 00 10 52 8c a6 5e 29 32 af 19 7a 24 80 28 90 19 2a 06 82 aa d2 92 77 84 e8 48 f6 dc 31 d7 7c b2 cf 33 77 49 a0 35 63 56 fb 50 Data Ascii: :u-K^krr'Fc0\P})+L}/:6MC]cie#AX>Y+24GbN;=+Fs;g'y[L&>(OoRS_ZkW.)8:HR^)2z$(*wH1\|3wI5cVP
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: 19 fb 07 ee b6 67 14 38 f7 9e c8 9d 5b 3b 7f 2c 3d ae 2b 99 41 41 29 b0 c9 ef c9 c4 a5 83 8f 0a 5d de d3 75 7a ae f4 c5 57 ec 27 37 ac 9e ae 6c fc ab 0f d3 1b 1d ea 33 cb 01 01 52 c4 f1 89 12 dc b3 ad 77 f1 e8 be 0f 11 f4 6b 29 39 aa 65 93 19 35 0c a6 2e 0f 01 70 dd 2a c2 9f 96 ca 5d a5 20 9f 62 59 c4 6a 10 a9 c0 ad 05 33 30 91 84 04 5c 42 47 00 42 f1 14 0c cd e0 83 d0 58 91 cc 04 65 23 cd de e3 24 b5 96 f0 b1 59 39 51 3b e8 7b 95 73 f2 15 13 f5 48 5b 36 d4 32 72 87 5f f3 d9 4e 5a 91 67 ce bd da 00 22 61 c1 f4 74 cc 57 13 23 37 0e 37 9c 33 db 69 f2 59 ec d2 1e ee 3b c3 ad a1 8e 97 df 4e 4c 74 6c df 11 21 13 74 d2 1b 78 11 d2 29 e0 ed c6 9d 3e 2f b2 76 cc 30 af 51 ca 1f f1 a7 3c 22 39 18 03 1c 00 37 01 17 c7 c2 68 6f e6 a4 a9 7a 4e c5 ad 91 b3 15 39 04 04 Data Ascii: g8[;,=+AA)]uzW'7l3Rwk)9e5.p*] bYj30\BGBXe#$Y9Q;{sH[62r_NZg"atW#773iY;NLtl!tx)>/v0Q<"97hozN9
2024-09-27 23:47:40 UTC	1390	IN	Data Raw: ac 65 b8 e9 17 73 8b 8b b5 c7 1a 1f 72 e8 e9 85 61 1f 70 15 58 03 e6 04 20 24 93 e2 98 28 a1 22 3e 29 a8 08 80 c4 54 e8 66 5a ba 67 84 6d 2e 58 69 6d ec bd 52 ad c3 89 6f 3e 32 6e cf 1e 60 5b ce f7 7d 95 df 6a f7 63 9f 6d df c9 4d 13 dc c0 9f bf ff e7 0a 25 fb 6e e2 45 0f c5 2b b4 ea dd ae 7e e5 a1 47 de f1 e5 ce fc a5 67 fc f9 6b ab 1a c2 fb 01 49 f7 dc 83 60 f0 14 17 04 b6 d9 d8 86 01 b0 09 5f 0a 80 6d 0e 8e a0 fe 1e e5 e9 08 e7 1e 47 0e a4 33 60 13 29 37 27 b8 2b 14 92 23 ff f4 1a 74 f1 fb ef ff 88 cf df f7 b3 be dd 7c 58 d7 03 df 2c a8 c6 49 c2 21 02 46 33 07 8a a4 93 24 51 c9 1b 34 45 be cf 37 0a 52 30 3a 02 d3 3b 62 ce 4a 48 af f5 c5 cb 9b 18 3b 00 d4 d9 06 e7 21 c9 03 f8 dc 8a 5f 66 ae db 7b fa b5 ca c7 bb ec 20 4c dd 6b 33 e7 74 5e f4 7e 2f ee 8d Data Ascii: esrapX $(">)TfZgm.XimRo>2n`[}jcmM%nE+~GgkI`_mG3`)7'+#t\|X,I!F3$Q4E7R0:;bJH;!_f{ Lk3t^~/
2024-09-27 23:47:40 UTC	506	IN	Data Raw: ae 62 46 5e 29 34 89 99 c9 8e 71 fd 2d ef f2 88 7d ad be e9 0d 58 c6 83 a5 4f 51 31 1a db b8 8e ab df f9 b4 4d 95 0c 79 6d b2 49 67 71 64 70 b4 0f 13 c7 c5 d0 60 70 16 23 cb 1b a1 a2 a8 53 1c 48 9e d9 1a 64 da 8d bd 0a ab 12 c3 d3 7c b1 16 d4 9a a2 75 06 e0 df 5a 21 b5 81 b0 a4 fa 56 af c2 c3 20 5e 9e 8a c4 19 73 3c b7 1f 2a 80 9b ba 7e 1c 0a c0 e7 00 0f 14 71 e9 43 bf 0a 0e 45 e3 53 c6 f4 ef 31 98 66 a2 59 8b bb 16 d1 00 56 48 0d 0a e9 3c d0 23 ca b6 1f 42 09 7d b7 6c c0 10 a8 c3 97 c9 4b 87 76 7c bf 18 35 4e bb 20 0b 41 06 41 4a 88 e2 17 f1 48 a6 32 61 c8 88 00 80 eb ba 4c 2a e1 ac 92 a8 ac 53 7b a7 08 16 42 88 82 8c 2d 80 ff 1a cb f2 b6 22 a4 58 1a 1c a4 d1 a9 3d ed 69 a8 43 c7 0c d9 36 64 48 c3 1c b2 7e 0b c3 4f 50 44 9e 34 34 80 3d b5 ab 9f 28 cd a9 Data Ascii: bF^)4q-}XOQ1MymIgqdp`p#SHd\|uZ!V ^s<~qCES1fYVH<#B}lKv\|5N AAJH2aLS{B-"X=iC6dH~OPD44=(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
105	192.168.2.7	49847	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:40 UTC	1081	OUT	GET /4-UAwBqazrTOzXLc32ZtW6RjPbcwm-AsWiZuyQGR-fFZpnGKGDOsvBVK1Tew-pdyqtQ1=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8394 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 19:56:29 GMT Expires: Sat, 28 Sep 2024 19:56:29 GMT Cache-Control: public, max-age=86400, no-transform Age: 13872 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	856	IN	Data Raw: 52 49 46 46 c2 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 7a 20 00 00 2f 3f c0 0f 00 4d 28 68 23 49 c9 1e 3d cc fb 57 8c 12 22 fa 3f 01 ec 6d 63 fc b6 8d b8 6c b6 10 20 5b 30 8c 24 d9 d4 cb 3f be 6f db d8 ba 67 fc 1f 87 03 49 92 4c ab 9e 79 ff b3 d9 f6 7b df 9c 60 24 49 92 92 59 e0 e4 6e 27 e7 ff 5f 72 77 77 e8 7f 3c 09 d0 05 a7 89 da 22 12 26 21 1a 8a 2e f0 03 ec b6 3c d2 66 83 18 05 03 7e c6 10 89 db ab 33 ec e6 67 41 6a 6c 84 a3 30 34 6a c2 0d fc 85 4f 00 dc 1f 8f 8a f9 85 22 c0 74 18 9d 53 1c 0f 22 99 26 c9 b0 bd aa eb 08 94 0e 4e b6 c3 5c c4 14 08 13 ef a6 7d 22 02 03 31 38 75 13 b7 7a 68 32 f8 bb f0 f7 65 da 94 da 29 5b 45 f1 3c 32 77 04 9d ac c3 e7 6c 08 fe 43 16 bf be 7a 74 64 af 1a ff db b6 2d 53 9b ed Data Ascii: RIFF WEBPVP8X??VP8Lz /?M(h#I=W"?mcl [0$?ogILy{`$IYn'_rww<"&!.<f~3gAjl04jO"tS"&N\}"18uzh2e)[E<2wlCztd-S
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 48 c4 02 0c 12 67 3d 76 e3 fc a5 af 77 32 6d 80 28 e5 bd fe ba 57 df b1 2d d7 66 72 a9 4d 42 80 42 5d 96 35 3f 73 c6 51 d4 8c cf fd c8 69 c9 a5 5e 4d 73 19 17 a3 77 5a 49 2f f3 4d bb 5f 99 0b 7f 99 19 2a 80 aa 8f f3 9a a9 88 7b 13 50 07 33 1b f0 67 1a ac 93 c6 e4 c0 5f b7 5a a2 af 68 ce 5d bd 20 b1 89 39 57 53 08 51 c5 cc cf a1 b2 77 bb d3 cc 86 5f 99 37 df bd f5 35 17 8f e6 45 52 5e af 06 1a 71 2d 32 51 d3 6f 57 0d 91 24 8a 31 11 86 2e 4a 3f f7 83 71 58 ac fa 91 99 35 a0 bc a3 18 5e d0 fe d9 77 5c 7d be 34 78 8e d3 fb c5 5d 80 25 b9 47 3b f8 c4 be f8 d2 cf 91 1b 10 4e 74 c9 4a 70 cd c6 ac a8 a9 e2 68 9e bd 05 67 34 59 41 e3 b3 15 4a 68 1f bc 83 44 ca 45 b6 8f 77 b8 d0 7a 84 68 77 08 c6 bf 09 85 24 bb 0c e5 71 d5 77 25 55 c3 71 21 fc 1e c7 64 25 40 23 0b Data Ascii: Hg=vw2m(W-frMBB]5?sQi^MswZI/M_*{P3g_Zh] 9WSQw_75ER^q-2QoW$1.J?qX5^w\}4x]%G;NtJphg4YAJhDEwzhw$qw%Uq!d%@#
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: d1 7a 39 ae 2e 76 5f a1 e7 62 9c 48 f0 bc 10 d3 ae c4 a3 37 2b a9 ff f5 49 ad a6 21 aa 25 eb 4f b9 fb 3b 44 93 20 f5 67 e3 c1 1e 98 98 0d df 85 76 d4 92 78 8e 83 78 f0 76 d4 eb f5 da 1b 57 9e 7d 3c 5e 7f ef 09 d9 bf 1c 91 35 27 b5 16 fd 6a 7f 1e 8f de 52 bb 0e 48 41 68 d6 80 db 4c 0f e7 bc b2 69 a9 16 21 96 5c 1e d8 14 31 c8 00 01 ab 2f 32 50 57 f1 63 d4 34 02 91 12 19 f2 17 0a ca e0 6d 0d cd 2d 99 7b a7 64 2d c0 c8 04 0c 96 e6 51 a2 49 52 47 a8 b3 b3 a9 d5 69 14 01 94 52 fc f7 f0 4b 97 fb 3d 7c 37 15 8b 1f 50 18 99 84 cc 00 ce f8 9d 8f ba f1 03 ff 83 dd 92 39 fa 97 d4 e2 7f e2 dd 6d dd 81 de 07 49 57 1b 5f 0e 86 ab 31 40 00 48 a6 60 bb bf 2d 11 06 90 a3 6a 45 7c e0 e8 c7 7e 1f b6 db d6 9d b4 4a 80 b4 4d 52 69 aa aa 98 53 b3 1a 95 c5 06 79 db e4 99 db 9c Data Ascii: z9.v_bH7+I!%O;D gvxxvW}<^5'jRHAhLi!\1/2PWc4m-{d-QIRGiRK=\|7P9mIW_1@H`-jE\|~JMRiSy
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 3d f6 8f 00 d6 f4 d6 8f 6a 58 e1 54 37 76 e9 d3 df f2 d2 75 07 9c 6c 04 eb 8f a5 a4 88 13 8d a5 bd c8 3b 31 af 3e bc ed 7c 6b 44 35 a4 fd 14 e0 34 6c 75 11 d8 95 2b 44 7c 66 05 a9 39 35 5d 8b 2b 6b d8 ba e2 b0 fc dc d9 03 40 cc 6f 28 ad 88 24 48 0a 84 12 98 10 78 f1 ef 75 23 9e 8d 71 8b e3 47 7f 42 9a 1a 20 e2 9e 56 64 10 30 40 af 04 18 dd c6 bd 2d 79 34 ec f3 95 5b 1f c5 67 1d fd 47 0d 01 b8 57 80 b1 1c a3 e7 71 ee ec 6f 5f be a4 99 77 3e ff fc da ef 4a 42 38 03 49 12 29 41 fa 68 d6 5d 19 cf 37 7b 18 20 07 8a ee 76 46 3a 61 30 ab 63 d6 c3 8c 5c 18 61 ac 24 3f 6d a6 cb d0 3e 83 ce 09 10 06 22 63 6e a2 40 92 14 c2 b5 77 ad f6 72 f6 7b 9f 6b 57 0f fb 84 4b 00 ab db 6f 2e fb ed dc 92 fc bd 12 5d fe f4 99 c3 df fa ec f5 01 23 24 d7 76 9a 39 bd 16 54 1f 6f 05 Data Ascii: =jXT7vul;1>\|kD54lu+D\|f95]+k@o($Hxu#qGB Vd0@-y4[gGWqo_w>JB8I)Ah]7{ vF:a0c\a$?m>"cn@wr{kWKo.]#$v9To
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 36 c0 e6 2a 40 19 43 02 72 cf fd ec 45 83 2d dc 41 88 ad 0b cd d6 a7 68 8d 53 4b ee b4 cb c6 6c 8c da b8 c7 02 33 a3 61 9f fc 62 4d dc d5 89 e7 20 88 40 00 8c cf 33 37 ab 5a 9e 68 c1 d0 5c eb 66 9e df 8f 27 83 11 ca 8a 17 31 e9 97 87 39 5f e8 6f fc 48 24 ec 2c ed 48 2c 8c be bd 2d 21 b1 c0 b6 56 c5 f4 7a 13 fb f9 1a c1 5e 00 99 19 a0 6a e0 91 55 d4 0c cc 0a 7e 7f 64 b0 54 4e 8b eb 8f 2f 2b 5b ed 95 cf da ec 93 db c0 e8 34 28 8f 35 14 28 48 13 07 b1 6a ba e1 d8 cd a3 1f 3e 7f 67 3b a6 ed 4e 02 4d b3 bb bc 4e fb ac 93 07 de 61 07 c4 0b 7e fb ca 5c f4 28 98 d5 fc be 1e 01 1a c6 33 3b df 4f e4 97 8e fc e6 a5 1f 37 d2 c3 9b b7 31 90 2d 19 48 15 75 cd 99 cf 38 08 df fe 77 e8 01 44 3b 64 8e aa e3 8e 97 7f 2d c9 42 49 f6 de 0f 41 92 d0 14 81 19 dd 72 e5 bb e3 e2 Data Ascii: 6*@CrE-AhSKl3abM @37Zh\f'19_oH$,H,-!Vz^jU~dTN/+[4(5(Hj>g;NMNa~\(3;O71-Hu8wD;d-BIAr
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 71 80 a3 ce fd f1 ab ed 6b 6c 20 bd cd bc ef 45 a4 bf 68 74 46 92 b6 99 50 22 63 4d 52 36 53 23 3a ed ba 7e 0d ed 0d c2 d5 58 49 00 59 52 95 03 5e 3b ba f8 e6 c9 6b ee dd 66 51 53 c8 4c 18 1b c6 bf 6a cd 79 a0 04 9a 19 f1 3c f2 45 09 03 45 06 82 9a 1e 68 d0 67 35 b1 61 4d 05 c7 96 e4 2a 56 0d 0b 01 41 cf fb 5a f3 c4 8f de f2 94 42 17 9c a8 d3 44 5f 1a a3 43 ed 65 8c 20 62 fe 16 88 1e 87 fa 19 5b 97 4f cb bf be da 14 ea a7 45 0b df e6 f2 f6 be 5f c6 a7 10 02 a1 06 86 c8 f4 fd e1 a9 4b 72 1d 2a 83 c7 a1 7c fd 9d fa 4d de 69 60 40 ba 24 b7 0e f0 ba d9 2d 8d 1c 3a 35 34 8f 1a 60 5a 96 77 9f cf dc 63 94 5a 31 98 54 5b 7d 3b 0d 94 19 ef f9 70 30 05 ea 72 ba 7e cb 9e 52 5a 66 c9 4c 0c 64 00 20 08 a2 90 69 15 5a f8 f7 c3 84 12 12 95 2d 87 3b 25 b2 fd b1 e0 5c 79 Data Ascii: qkl EhtFP"cMR6S#:~XIYR^;kfQSLjy<EEhg5aMVAZBD_Ce b[OE_Kr\|Mi`@$-:54`ZwcZ1T[};p0r~RZfLd iZ-;%\y
2024-09-27 23:47:41 UTC	588	IN	Data Raw: ad ed 2f 6d 75 67 0f 86 23 c6 17 50 a0 d5 11 a1 3f f9 52 73 96 3c 2b 60 82 83 0e 16 13 de 00 1b 5b e6 4a 71 c8 70 f5 bf 1c 4e 7d 69 cb 10 76 0b 58 df c9 03 38 37 b6 4e a6 96 d9 3e 30 f6 69 15 bd ba ab 3d 93 13 5a bd 59 a7 87 84 64 72 a3 ff f0 05 57 e6 ca 48 54 bc 79 1e cc 98 d9 e4 6b 0a ef 21 fe fd 77 b5 6c 6c b8 48 53 d4 37 04 a0 48 1b 85 c0 02 01 04 80 25 b0 fe c1 f4 c9 3f 4b 90 67 a1 87 d7 15 04 f8 9b 03 d7 16 a9 4d 6f 09 26 ad 7c b7 cc ef 1c dc 66 e8 e5 59 ff d0 f5 71 de 7d 5b 3f 60 17 03 16 16 5a ac 9b 79 77 f2 ec 4b ee 77 ac 0a 17 12 5d 9a 23 b3 9c b9 3b 16 ac 4b c0 c8 00 46 f6 b7 95 76 8e 80 74 74 77 d5 b0 60 fb 12 04 72 27 b3 d0 d0 e7 e5 2a 4f 08 99 0d 02 49 60 45 49 02 b1 72 1b 24 00 00 66 d3 e3 73 9f 5a 44 0f 08 24 47 1e 49 b8 6f fb c4 7d f9 c8 Data Ascii: /mug#P?Rs<+`[JqpN}ivX87N>0i=ZYdrWHTyk!wllHS7H%?KgMo&\|fYq}[?`ZywKw]#;KFvttw`r'*OI`EIr$fsZD$GIo}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
106	192.168.2.7	49851	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:41 UTC	512	OUT	GET /metlPQbcsgsGldn5bJXm86AwhehBEosXGFuF_Yb5m9ub2M3Hp5-1Kc72ISMCKnCIS44=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	522	IN	HTTP/1.1 200 OK Content-Type: image/webp Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "v1" Expires: Sat, 28 Sep 2024 23:47:41 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Date: Fri, 27 Sep 2024 23:47:41 GMT Server: fife Content-Length: 8406 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	868	IN	Data Raw: 52 49 46 46 ce 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 86 20 00 00 2f 3f c0 0f 10 4d 28 6c db b6 4d c2 56 92 2e 37 a2 ff c1 8b a4 d4 c1 85 6a 87 fd e0 d9 ec c0 71 ea 01 38 06 e8 63 60 09 8f 24 7d fd 05 db 48 92 d4 8c 58 f9 07 a4 30 64 32 f3 93 85 71 30 8e 6d 3b c9 4d 82 bb c3 ca e9 bf 16 2a a0 00 97 25 93 05 23 49 92 4d cd ea 1b f7 bf d5 5f 59 fd 6d db fd 0f 32 86 6c f0 4d 3b 50 e1 5c de 89 0d b9 e0 7c a2 ce b7 2d f3 4b fb e2 80 f9 b1 ed 40 df 32 27 c8 ca f3 fa 67 81 81 ea 02 98 9e 4a ab 44 96 b0 11 1d 31 fa 85 1e 01 e2 b1 8e 48 8f 14 e6 f3 90 5f c7 b5 58 10 07 60 9e 88 bb 80 eb 18 49 40 81 c5 80 70 a8 f6 e8 f0 54 eb 7d 82 30 0f c0 16 2f 7f 39 e8 ba 5d 6b 90 e8 39 03 04 fd c2 27 82 aa 59 aa 1a cd 18 0a da b6 Data Ascii: RIFF WEBPVP8X??VP8L /?M(lMV.7jq8c`$}HX0d2q0m;M*%#IM_Ym2lM;P\\|-K@2'gJD1H_X`I@pT}0/9]k9'Y
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: ca ee 3d b3 87 07 0f 86 70 80 f6 ec e9 89 f1 f9 fc 44 33 e3 c6 32 df f9 ae c4 8f 14 27 6c 59 7c fd fe 44 fb fe 3d cf df fd 99 a4 c8 90 30 51 1b fd 55 d6 c2 1a 48 5b 6b f5 3f 54 5e 41 3a a2 02 74 4b 08 94 92 3c 90 86 a8 84 20 05 8a 58 24 21 2e 88 dc 20 90 d3 99 15 5c 7f eb 4c bc c4 57 be 32 9f 7d f4 dc ee 49 2e e0 07 52 fd d6 c6 af 4f cd aa 80 fe 51 8f 25 56 70 66 46 18 13 b6 13 16 db c4 f4 b6 f6 3c 2c 67 f6 82 9d 27 0c 87 f2 01 5f 7b a8 ff 61 c0 07 6b af 57 a7 fd 3e b0 73 cb 2e a9 bc 30 3a 90 83 f5 53 ac 19 1b 53 92 74 8d aa ea 32 06 59 be 31 c1 14 21 d0 95 81 54 92 17 98 56 0b 56 61 11 82 8c 91 20 06 38 55 66 7e ce 5c c9 6d f9 cc 55 af dc 74 4a 35 08 f1 d8 87 e2 d2 58 68 d1 e1 ec 62 11 28 03 00 62 61 46 b6 53 e6 33 d2 71 ea 94 87 1d 53 1a c8 ac cd 10 13 Data Ascii: =pD32'lY\|D=0QUH[k?T^A:tK< X$!. \LW2}I.ROQ%VpfF<,g'_{akW>s.0:SSt2Y1!TVVa 8Uf~\mUtJ5Xhb(baFS3qS
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 65 bb 97 f8 2f 93 5e 3b dc 3c f9 5b 73 9d f1 4d f7 1c 07 2f 71 08 71 c9 1b bb 6e 7a e6 b2 13 cf e1 8b 2b 73 1b 5f c2 11 24 56 9b 1a 74 18 30 3b 05 3e cc ae 59 05 b7 55 ab 0e 51 04 22 90 72 a5 dc 37 40 03 93 d5 40 59 26 a8 5b ba e6 1a ec 50 16 0a ef df 3f bc d4 2b e4 7d ac cc 4c 11 da 04 61 42 00 b4 08 00 04 20 86 91 da b6 d0 0b 52 b0 41 a4 4f 21 75 7a f5 d3 0f d8 bb b1 9c 2e b5 71 7d 9c 77 f9 61 9c 5d af 59 cd d2 16 95 89 ab 0e cf 39 2d 0b 67 bf 72 95 5d e9 76 3f 8c 01 35 56 59 a2 64 f0 40 a1 81 18 75 c5 d3 61 e7 96 6f 71 e5 3f 00 29 10 01 45 ca 44 93 19 21 dd 5a ca 2f 09 40 42 a7 62 44 fb fb ec b3 5e 78 3c 52 4f 29 1a 9c f1 37 fe ec 17 cf 3b 4e 51 48 89 d3 40 2c 9e 02 a4 d0 21 82 88 40 00 22 08 12 69 3a 6f d7 aa 09 de 3b bf 70 fd f4 82 5d 55 98 1c b4 4d Data Ascii: e/^;<[sM/qqnz+s_$Vt0;>YUQ"r7@@Y&[P?+}LaB RAO!uz.q}wa]Y9-gr]v?5VYd@uaoq?)ED!Z/@BbD^x<RO)7;NQH@,!@"i:o;p]UM
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 70 c2 51 0d 0a 16 7d 08 24 50 84 5a 18 a9 62 48 59 53 9b ba 07 ad 25 2b 86 d4 7a 62 b1 48 80 08 2c 9c 36 4c 25 a3 b8 e0 82 43 2d 31 f9 4f e0 18 7a f3 6d bc d8 fd d1 8e 58 63 c7 72 dd 63 9e 16 02 05 96 42 69 7a ff 66 32 6a 5c 80 57 33 da 3c c6 a6 d0 56 fe 81 27 e7 bd cd 9b df bb fb 5d 4a 0d 23 96 d8 dd 80 33 48 5a 52 92 87 3f ee fe 89 33 56 5a 04 96 80 27 06 8b ac 64 04 63 60 59 22 c5 ca 16 50 30 80 c4 42 e7 c6 c4 d6 99 10 b4 53 d5 e4 27 6d 84 0f 3f 72 e0 9d 83 3a 05 40 0e cc 03 69 30 46 70 65 ba e0 f4 0b 55 b4 6f 41 3a 94 71 5c 72 e4 fe ca 70 7f 27 9d 40 06 5c e1 84 3a 7a 3c f8 c2 8a 35 5a 83 31 e4 d7 73 d4 ed 40 ff e7 72 6a ce eb 7f 7a d5 9d 4f fd d5 be 87 f8 36 60 87 83 c6 39 5f cd f3 fe dd e4 8d 00 b7 80 50 62 24 02 90 93 1c 68 58 c1 22 27 32 dc 8e 2f Data Ascii: pQ}$PZbHYS%+zbH,6L%C-1OzmXcrcBizf2j\W3<V']J#3HZR?3VZ'dc`Y"P0BS'm?r:@i0FpeUoA:q\rp'@\:z<5Z1s@rjzO6`9_Pb$hX"'2/
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 89 44 11 c5 23 7b 60 8f 4c 20 4c c5 a8 d3 e1 20 22 aa 19 80 00 11 4d 37 31 c0 43 3c 40 3e 4e d4 cb e8 36 cf 74 8b 0b a6 32 fa 16 47 4b ee eb d1 65 82 41 4c d3 79 ef 15 75 ef 67 5f 3f e3 82 b9 9f 95 b3 31 71 91 13 32 82 02 21 8b 5b 12 08 a6 43 f1 10 61 91 5d ba ba d6 e6 71 1b 4a 4d 88 47 36 08 92 4a a6 e2 74 83 09 0f 71 65 69 63 36 86 6e b7 40 e5 a1 f5 a1 12 05 c2 09 88 14 24 46 8e 19 7b 20 37 12 83 c8 a8 46 d0 2a 00 1e a9 1d 16 41 44 6a 84 b8 a6 29 b1 32 67 76 a3 dc 14 5e 49 ca 8c 82 79 66 87 4b 3b ba e4 ca 25 ba a6 29 bd f5 8d cd 7b ae 7e cf 5b d6 f6 77 36 51 11 10 19 89 2c 3f 3e 90 4c 57 b7 df 52 f9 93 3a f9 a4 cb 0b b3 5b 3c 51 9e 3a 3c 27 ac 57 aa 4d 5e ae c2 d4 38 24 95 e2 1a 49 8d b4 56 da 58 d2 06 1b 03 27 2b c0 de e9 62 e7 70 58 00 82 01 34 98 cc Data Ascii: D#{`L L "M71C<@>N6t2GKeALyug_?1q2![Ca]qJMG6Jtqeic6n@$F{ 7F*ADj)2gv^IyfK;%){~[w6Q,?>LWR:[<Q:<'WM^8$IVX'+bpX4
2024-09-27 23:47:41 UTC	1390	IN	Data Raw: 51 57 a1 34 a6 03 75 46 ce d9 ad 90 2b b5 ac 13 6a 93 51 95 60 59 d7 dc 70 2f e8 60 49 36 d5 25 b9 80 23 11 da 1a 5f 47 b6 1b fd 78 82 d7 ae 1a 75 bf 6d 9a 13 41 ac 78 b4 1a 3c 73 c9 3b 97 1f c5 79 8f 6b eb 4f f4 2b 3f b4 6f 41 15 33 0a 11 04 cc c4 d8 e4 d9 78 98 fb a3 f2 75 d4 75 d8 ca 51 1b f8 b8 22 b7 04 9f a6 99 5e 97 23 d4 e4 50 bb fe c1 ad 2b b6 a6 05 4f 93 7e a0 36 03 10 c4 c9 8d e3 5f 3d 4a 32 0a b4 39 0b e5 18 0a 9f e9 f5 e3 72 eb b4 89 10 77 f3 7a cb e3 e8 91 0a 04 6e 67 36 4a 87 0d 3d 72 42 9b 95 f3 f6 57 8f 46 ff 8a 72 4e fa 27 1d a7 3a 7d 6b 0b 2f c0 ad 3e b8 cd 92 aa a4 2b 84 63 1f eb 8f 8e 8f 8f 2c 74 41 02 00 90 6a 42 47 9c 54 6c 31 49 43 22 28 8a ed 9c a7 c9 7c ac df bb ad 8c 96 f5 d6 3f f0 c2 af ad f7 4a f5 49 5a a5 40 1d 44 06 25 c0 25 Data Ascii: QW4uF+jQ`Yp/`I6%#_GxumAx<s;ykO+?oA3xuuQ"^#P+O~6_=J29rwzng6J=rBWFrN':}k/>+c,tAjBGTl1IC"(\|?JIZ@D%%
2024-09-27 23:47:41 UTC	588	IN	Data Raw: 2a c3 8c ca 2c 0c a1 26 ea e5 0e 2c dd e9 f8 cf bb cd d3 ab 87 f0 bf f3 e3 a1 d5 e1 b1 37 cb e9 0a 35 47 22 5a 83 11 1d 70 98 a5 2f d0 65 ec df 71 eb 64 f0 ee bd ed ed 8f b0 7c 73 f6 97 ef f5 7b c1 dc 52 7b 39 3d 19 1a 13 ab 5a 6b 39 24 4e 6a 02 56 d6 ab 98 eb 9c 2d f4 36 9b 83 da 95 31 83 56 d6 06 66 cc 4b ac 1a af 8b fd 80 25 d9 dc 46 67 01 9a 08 2c d0 c0 b0 02 33 0a 03 a4 52 56 c4 c5 0e 8c 6f f7 d3 9f 2c ad 3a ef 0f 23 f8 5f f9 e1 f0 ae 62 74 b5 28 b5 a8 ab 4e d5 37 16 0c a1 e1 6a f3 0e 7c 29 5e b9 eb 81 6a a9 ce e5 c1 d6 85 71 bd fe 2c a9 1c db 3f 7d e1 98 7a ea e7 5a 73 59 53 4e 96 6f 01 07 87 60 9a cf 81 bb 85 de 64 bd 21 bb 57 55 8c ca 18 01 6c 5e 40 2a 96 73 03 80 e5 32 cf a3 33 45 53 06 81 02 05 8b 16 8a 36 ac 0b b2 82 ac 6d f2 79 7e eb 4e 9d 97 Data Ascii: ,&,75G"Zp/eqd\|s{R{9=Zk9$NjV-61VfK%Fg,3RVo,:#_bt(N7j\|)^jq,?}zZsYSNo`d!WUl^@s23ES6my~N

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
107	192.168.2.7	49848	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:41 UTC	520	OUT	GET /12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:41 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 244 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:00:05 GMT Expires: Sat, 28 Sep 2024 21:00:05 GMT Cache-Control: public, max-age=86400, no-transform Age: 10056 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:41 UTC	244	IN	Data Raw: 52 49 46 46 ec 00 00 00 57 45 42 50 56 50 38 4c e0 00 00 00 2f 13 c0 04 10 95 40 8a 24 c9 91 34 50 c7 6b 00 2c ff b7 56 00 72 f7 64 ce 2b 02 8a 00 80 06 ab 37 db b6 bd 9d c0 8a 6e bb c5 9a 5d ad c6 b6 fd 66 55 1f c0 b6 6d 73 02 f2 0a 87 2f 62 40 5f 78 04 57 fc f9 3f 29 71 91 52 6d b0 24 ac 36 ab 70 01 51 2d e6 a4 a5 8e ec cc 60 8d 94 61 01 19 de 5f 42 5f cd 53 42 ad d7 64 58 ee 32 ec 05 c4 cd cf 89 35 e0 df 39 37 6e 36 a2 eb d6 cd 3b 4e fc 9b 1a 5d 92 dd 7b 92 8d e4 b3 be f7 7e 0e 50 f3 4e 5b ae 05 ac cc 6a 24 89 21 01 bb 7f 9f ff 24 d4 bb a3 60 57 fe 28 71 b2 e7 a4 72 b1 37 84 47 17 d7 e8 fa c7 88 6c 4d 0f ef c8 b9 c3 13 ab bb d6 17 90 e8 b4 ad 62 2c f4 b4 f7 91 24 09 a3 ba 61 53 82 c1 d0 33 6a f8 db 88 41 39 94 05 3c 39 Data Ascii: RIFFWEBPVP8L/@$4Pk,Vrd+7n]fUms/b@_xW?)qRm$6pQ-`a_B_SBdX2597n6;N]{~PN[j$!$`W(qr7GlMb,$aS3jA9<9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
108	192.168.2.7	49852	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	521	OUT	GET /iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 200 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:11:24 GMT Expires: Sat, 28 Sep 2024 21:11:24 GMT Cache-Control: public, max-age=86400, no-transform Age: 9378 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	200	IN	Data Raw: 52 49 46 46 c0 00 00 00 57 45 42 50 56 50 38 4c b4 00 00 00 2f 13 c0 04 10 35 38 6c db 46 92 b6 d1 8f fb f6 5f c3 2e 32 87 ab 20 8e 70 5b 5b 9b a2 4c b4 6e 78 0d ee 10 0f a5 cc c4 ab 21 56 82 13 bb b4 b3 52 05 12 41 aa df 04 f4 1f ea ef f4 07 12 88 78 08 07 d3 0e 3e 62 02 7a 5b 0f 0c 6a 7b da 05 de 0a 25 7e d2 7b c5 c6 7e 2b 4e e4 73 55 79 ec 47 dc a8 07 b8 ac c6 44 8a ab ea 95 78 83 70 6f 4e a4 cc 05 2c 60 dd 83 bb 0b 18 3e b6 a9 9e 10 6f 10 ee cd 5a cf 2a 97 bd 08 1b 75 05 97 cd 2c 7d f3 13 c1 5e b1 b1 57 ac f5 9e 76 81 f7 5a a8 75 9b 80 5e c7 60 64 67 60 6a 16 7c a4 c5 10 71 8f a3 e9 9f 03 Data Ascii: RIFFWEBPVP8L/58lF_.2 p[[Lnx!VRAx>bz[j{%~{~+NsUyGDxpoN,`>oZ*u,}^WvZu^`dg`j\|q

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
109	192.168.2.7	49853	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	1080	OUT	GET /zP7opc5mRojd_Hmq_COpDBXf_QbspUi9UYBBYacXiIgmM7_s-g2UqXjHpsFSCATOJnE=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8332 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:42 GMT Expires: Sat, 28 Sep 2024 23:47:42 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	860	IN	Data Raw: 52 49 46 46 84 20 00 00 57 45 42 50 56 50 38 4c 78 20 00 00 2f 3f c0 0f 10 4d 98 69 db 66 cb 6b fe 8c a7 61 88 e8 ff 04 e4 9d 08 56 46 39 4b 8f 85 5c 16 8c db 48 52 34 cf cb 3f b4 8b 80 99 16 5a ad d6 52 1c 8c 24 49 52 52 6b 38 1c f9 ff fb dc 61 3d 5c 49 92 6c 5a 7d 6d ec 7f 71 37 ea da f8 d2 63 ff 83 85 ab ce 08 5f 21 4b 18 51 03 0b 14 9d d4 29 35 af 54 00 fb e3 07 8b 7c f0 9f 09 81 15 db e9 50 c2 4e 48 f9 97 e2 27 30 03 df 59 89 7f 07 84 fe fa 1d 5a 26 95 26 cb a4 24 97 87 66 80 06 86 ac 7a 4b cb 59 21 f3 c0 07 04 63 fc 6c 8f 4d c1 e2 2c ba 84 4b c4 d1 40 c2 24 83 b3 c7 67 3f c7 92 2c 53 0c 9c c2 2b f1 55 e1 d1 00 60 b5 dc 3a ff 39 e7 e2 b0 66 34 33 92 46 ac 11 cb 96 34 62 32 c9 cc 6c 3f 66 66 26 33 33 33 33 b3 cc cc cc 16 33 5b c3 33 77 2e 1d f8 ff bf Data Ascii: RIFF WEBPVP8Lx /?MifkaVF9K\HR4?ZR$IRRk8a=\IlZ}mq7c_!KQ)5T\|PNH'0YZ&&$fzKY!clM,K@$g?,S+U`:9f43F4b2l?ff&33333[3w.
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: a6 13 85 10 64 a4 25 58 42 83 53 f7 82 03 c0 56 db 18 85 71 8c d2 c9 61 36 59 31 49 77 dd 11 0e 51 24 42 43 c4 8d 83 c6 b1 24 fb 2e bd b7 45 0e 79 03 51 e5 6a f7 1d 75 fc c7 95 56 27 15 a3 00 40 c6 30 48 45 41 00 80 40 35 08 4b de 36 b2 d3 4f 7f c3 a3 03 e1 64 2a 5f 5c 69 8f c2 b4 ad 15 d9 15 3c 10 21 66 f7 90 be ba 88 dc 53 20 04 21 00 05 0d c3 41 ef c3 0c 67 06 3b 44 96 55 00 00 2c 50 00 32 25 4b d0 ba 41 2a 11 45 44 1f 9a 9a 0a 6d dc 56 54 28 13 78 ae ae 9b 08 0e 69 2d 21 09 d0 08 45 02 88 a1 6a e3 9a 7d d6 df d5 34 d7 b6 0e b8 b2 b8 e6 ff 0d 43 c1 a3 50 22 cb aa 8c 22 e9 b9 c2 34 9b d2 d9 fb 03 0a ab 85 7a e3 dc 28 2a ab d6 c1 10 de 9a 58 fa c1 e7 b3 0c 4a c4 48 b0 64 a5 f9 19 e2 03 24 96 92 94 69 36 03 d6 43 64 6b 18 25 fb c6 05 71 18 57 64 63 71 00 Data Ascii: d%XBSVqa6Y1IwQ$BC$.EyQjuV'@0HEA@5K6Od_\i<!fS !Ag;DU,P2%KAEDmVT(xi-!Ej}4CP""4z(*XJHd$i6Cdk%qWdcq
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 89 3d 36 8a 28 c0 03 18 02 a0 00 08 f6 fb 6a c9 cd 67 3c 92 d1 6b 01 f4 00 0a 00 57 a8 52 42 28 21 00 74 4a 02 90 f5 df b6 6a f7 23 af 67 07 40 81 14 84 e0 ca 4a 72 ae 27 18 e2 85 24 2e 04 74 ac ea aa e6 47 40 62 d5 6c 3a 52 51 64 4d 7f ac de b6 91 0c 18 41 7b 3c 15 a5 81 65 38 fc e5 05 01 61 92 a5 15 21 62 16 d0 97 71 44 8c 1a 6d 0b f4 78 3c a9 78 da c0 d1 9f 0f d4 9d de 93 ac 01 6a 32 c4 59 22 d0 08 b0 0c a6 81 30 69 d3 83 19 bd 0e 40 eb dc 42 00 e7 57 29 3d 05 21 2e 17 01 30 ae ca b5 47 2d 93 86 cd c7 3a 2b 13 1b 65 7a 6f a4 5c c5 0a 9b 18 89 4c aa 6c ca d0 05 a3 cc 2c b8 74 5d ff b8 d2 ca 9f 68 9e 2e ae 67 dd b5 07 d6 95 e3 a3 ec 1a 04 75 0c 81 cd a1 d8 29 ab a0 a5 a3 5a 43 42 25 6b b7 b1 d5 08 13 32 0b 60 40 65 4e 4f 2c 9e 89 1c 1f 86 14 33 a8 e6 13 Data Ascii: =6(jg<kWRB(!tJj#g@Jr'$.tG@bl:RQdMA{<e8a!bqDmx<xj2Y"0i@BW)=!.0G-:+ezo\Ll,t]h.gu)ZCB%k2`@eNO,3
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: f5 40 37 00 85 a5 ac c1 fa 4f ea 76 bd df 66 28 3f 03 68 01 b0 1d d6 1c 53 e9 e8 9e a5 7e e3 3a e2 44 08 88 3a dd 00 3b bc 75 2e a3 c9 be 07 90 88 c6 44 d5 c8 61 ab 81 15 b0 a1 07 85 ea 14 b6 68 30 a7 92 b2 5e a2 3b 09 10 a5 c5 95 3e 55 c4 f4 8d 19 8b 9c d6 11 bd 40 00 09 66 89 ab 0e 36 09 11 02 87 88 fb 09 ac 10 e2 43 83 06 10 01 b1 99 96 19 95 aa 4f 17 c2 81 c7 ec 32 aa c3 70 f0 eb 4d 65 ca 0f 5b 7b 5e 3b 00 2a e0 08 3b 85 f5 4c 58 ff 4e 1c fc 1b b0 0c 1c 4b a8 c1 fa 17 fe a4 fc d4 59 60 33 bc 53 da 88 eb 84 e2 2a 94 01 95 94 40 74 42 41 28 d7 09 0e 32 8d 88 87 77 4c d9 14 44 56 88 0f 2a 64 5e 88 f2 05 8e 0c 0e 5d a0 0f 46 53 e8 9c 9e d6 73 5a c7 91 71 5f 8d 38 44 2a 0c 60 31 80 5a aa 79 56 a7 22 12 14 f0 5e 68 3f b6 65 4b 24 d6 0f 8f 33 a8 b5 85 39 a8 Data Ascii: @7Ovf(?hS~:D:;u.Dah0^;>U@f6CO2pMe[{^;;LXNKY`3S@tBA(2wLDVd^]FSsZq_8D`1ZyV"^h?eK$39
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 90 a9 dc 36 55 01 50 99 0c 68 89 31 7f e1 72 76 d5 10 4c 60 17 91 28 64 61 0a 1f 0f 5c 67 09 5d 0d 14 4c 12 d4 c2 a1 a9 ef f9 09 84 2d 17 1f 7a 3e a1 18 e0 93 f3 be ca 73 01 41 d6 18 aa 87 d2 7b 1b 9d 7f dc 4e cd 83 9c f0 e2 ec ec 0c a6 68 b0 01 f8 9e 15 87 f5 14 21 23 e7 2a d4 11 21 a9 36 89 0f c6 b8 01 62 76 8c f6 a9 ac a2 3c 22 89 21 a4 11 cb 20 bb 04 51 18 df ab 7f ab a9 53 fb dc 43 1f 66 a1 89 ec a8 2c 44 95 37 3d e4 50 54 44 94 c3 29 01 0b 60 33 e0 a2 40 0a 08 85 ec 93 a9 22 03 24 59 8c d0 05 0e c6 56 fa fc bc 4b 74 5b 07 41 18 88 f2 99 25 12 89 1d a0 1b 35 b1 f0 84 99 ff f6 11 32 de c5 10 3c 16 4d 0c 60 87 dd c3 a1 c3 c2 1b 97 8e b4 b3 8c 75 22 95 b2 29 01 04 39 dd bb af 13 da be 45 54 40 b5 dc 91 73 cf 85 90 dc e7 43 20 d9 f3 7c 03 37 cf 5d f2 b9 Data Ascii: 6UPh1rvL`(da\g]L-z>sA{Nh!#*!6bv<"! QSCf,D7=PTD)`3@"$YVKt[A%52<M`u")9ET@sC \|7]
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 7b 8c 64 e5 33 3f d3 19 c4 70 70 0f 6c fd 5e b2 da b7 ef 54 63 4a 27 ef ab 21 e4 ec 3c 99 3e 5f ae d7 e3 c9 b5 95 20 c1 18 63 6f 25 24 08 47 0f 49 ed be ec a6 ae 48 86 ee 30 36 9d 83 27 0c e6 e4 d0 d4 28 67 82 03 f4 bd 4e 10 ea 45 d0 2c 12 d1 85 e2 22 c9 11 68 01 21 f8 38 10 03 43 33 0a 62 2f 00 a3 02 e0 30 87 bb a7 90 04 ef df 09 f5 1b 09 59 a7 49 36 dc 4e f5 35 06 96 20 b6 29 5b f3 dc 1f a9 39 65 e6 0e 4f 70 07 9f 82 01 ea 4f f6 5f 25 dd e7 00 0e 21 ba 2b d4 19 9b fc 1c 09 16 08 01 94 89 8a 7a 24 13 79 72 5c 4e 2a a5 a9 b2 81 cf 34 1b 92 20 a1 31 04 13 85 92 11 1d a1 da 10 74 90 08 95 34 37 bc 91 81 a1 a8 98 f8 18 c0 a1 6f 66 c7 3f 4b 21 f5 43 c9 3f 2f 54 9c 56 7b 4d 24 72 46 b1 89 00 92 48 61 2f 37 a2 e9 d6 60 0c 98 44 55 cb 25 b3 56 b5 2d 2b 05 53 bf Data Ascii: {d3?ppl^TcJ'!<>_ co%$GIH06'(gNE,"h!8C3b/0YI6N5 )[9eOpO_%!+z$yr\N*4 1t47of?K!C?/TV{M$rFHa/7`DU%V-+S
2024-09-27 23:47:42 UTC	522	IN	Data Raw: 91 ae de b5 ba f3 e1 ba af 9f 68 b1 ff d8 49 1f b8 3e cf 5f 6a 60 96 ea 8f 04 11 e4 61 88 dc 6c 22 00 11 02 48 44 06 29 12 d1 9a a9 17 be ca c2 7b fc d6 dc 6b 92 8c b6 81 cb 2c 9f 30 27 12 21 0a 5e 08 11 ad 50 f7 e9 ba 38 63 60 ec d2 bb c3 79 44 30 41 92 20 18 09 96 89 66 d8 6d 0d dc 0d c7 14 e1 d1 82 bf b9 05 fe 7e 6b 3c 67 3c 15 a2 04 3d 0d ac 73 d8 c7 d9 93 45 49 bc 02 66 63 f1 61 fb c3 3e 4e b4 89 44 80 45 cc fd 63 02 88 4b b9 de 7d 33 cc fc a2 c7 af 23 e1 dc bb cc 8b 8f 70 d2 47 73 68 62 a8 d5 91 89 00 0d 11 22 43 e8 70 c9 88 2d 12 3e 12 56 65 cd 7d 7e a5 3e e6 78 1d 18 44 92 cc 49 cd 78 86 27 c2 4a 76 0a 1f c5 31 38 dc 18 04 54 30 99 7c 8f 52 60 73 0b bb 53 b0 30 66 af 36 5b 7a 37 0b 06 2c a8 dd 6c 0f 60 58 3c ee 77 b4 38 73 c9 55 53 8c 12 20 a8 49 Data Ascii: hI>_j`al"HD){k,0'!^P8c`yD0A fm~k<g<=sEIfca>NDEcK}3#pGshb"Cp->Ve}~>xDIx'Jv18T0\|R`sS0f6[z7,l`X<w8sUS I

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
110	192.168.2.7	49854	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	520	OUT	GET /W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	532	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 200 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:11:24 GMT Expires: Sat, 28 Sep 2024 21:11:24 GMT Cache-Control: public, max-age=86400, no-transform Age: 9378 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	200	IN	Data Raw: 52 49 46 46 c0 00 00 00 57 45 42 50 56 50 38 4c b4 00 00 00 2f 13 c0 04 10 cf 40 90 6d d3 b3 de 9f 61 1a 04 92 36 9e 07 7d ff 14 17 08 24 e1 ee 2f b0 e2 48 92 12 5c f2 4f 8c 2c dc 5e 87 43 7c 7d 6c 58 18 7c 6c 1c 14 3c 38 44 6c 34 3c 1c 5c 2c a7 63 8d 88 87 88 21 04 48 1d c0 30 92 a4 44 8b be f2 ae 9b 7f a4 38 19 44 f4 5f 81 db 36 8a 8f 19 9e c1 34 bc 2f 8b 61 91 80 5c 0a 76 88 be 17 d8 f3 a4 f8 c9 5f c8 ac 1b 1d 7d e8 70 e7 7c 18 82 01 5f c6 35 c2 ae ce ad 16 e3 95 98 90 0d 53 4c 61 73 49 d8 a0 52 cc 84 94 8e 3c 4f 44 67 1d c0 51 66 00 d3 90 d5 75 d7 2d ab fb 97 96 ff e3 39 a7 d9 7c b2 36 10 Data Ascii: RIFFWEBPVP8L/@ma6}$/H\O,^C\|}lX\|l<8Dl4<\,c!H0D8D_64/a\v_}p\|_5SLasIR<ODgQfu-9\|6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
111	192.168.2.7	49856	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	520	OUT	GET /ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 164 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:00:05 GMT Expires: Sat, 28 Sep 2024 21:00:05 GMT Cache-Control: public, max-age=86400, no-transform Age: 10057 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	164	IN	Data Raw: 52 49 46 46 9c 00 00 00 57 45 42 50 56 50 38 4c 8f 00 00 00 2f 13 c0 04 10 0e 06 8d 24 29 12 db fe 4d 1c 3d 0a 58 de 7e 15 8d 51 6d db 4a a6 df 90 b9 0e c9 40 12 5a 10 c0 1d ca b8 05 a0 87 7b 8c a7 b6 6d 1b 46 69 53 cf 17 f2 b6 60 90 12 56 da 09 6c 26 5a 2a 16 20 22 b2 95 c9 56 98 e3 28 b5 05 4e 97 1b 13 f0 84 a0 63 82 d4 65 4c 70 84 1c 40 c9 d0 2b 08 01 24 8d fa 3b 14 33 ad 8f f0 86 c0 d0 44 14 26 61 3b 7c fc 88 c8 48 99 da 52 7c 3b 94 a7 33 db e1 23 58 44 84 04 55 52 e1 ef 3e 56 00 00 Data Ascii: RIFFWEBPVP8L/$)M=X~QmJ@Z{mFiS`Vl&Z* "V(NceLp@+$;3D&a;\|HR\|;3#XDUR>V

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
112	192.168.2.7	49855	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	504	OUT	GET /a/ACg8ocIPB8pm4h1EOZRGem3PoDcn21eL8kG9xLS87mgUSKpvN87oxA=s32-rw-mo HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	529	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 170 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:42 GMT Expires: Sat, 28 Sep 2024 23:47:42 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v0" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	170	IN	Data Raw: 52 49 46 46 a2 00 00 00 57 45 42 50 56 50 38 20 96 00 00 00 30 04 00 9d 01 2a 20 00 20 00 3e 6d 28 91 45 a4 22 21 9b fa ac 00 40 06 c4 a0 00 0b be b3 6d a7 9f ca 72 b7 44 09 af be 30 2c 00 fe 9c 58 ae b3 1d 9f 8d f3 ac 66 72 03 ff ff 99 a3 ff 49 bf ec 37 6b 9f fa f5 a5 b9 b1 78 a1 fc 37 3f 3e 9b 5d d5 d7 d7 fa 9f e2 af 3f 51 a0 68 58 bd f9 cb 98 97 b1 6a 5c 6e 37 5d 8e b7 cd 6b e3 e5 d7 ba e5 6b e5 bc a6 80 ee b5 78 d7 05 63 ea c5 9f f4 a8 7f 97 f6 1f c0 8f ac ff f7 ae a4 82 2e 09 cb 3b e3 41 6d c4 00 00 Data Ascii: RIFFWEBPVP8 0* >m(E"!@mrD0,XfrI7kx7?>]?QhXj\n7]kkxc.;Am

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
113	192.168.2.7	49858	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	1081	OUT	GET /MjrhJApdcYG1D2vtDZFqcc6UebJ-eMLT_M5omELV_39EbQkiDigolM_XFgQ-aKZHdz0a=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	534	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 2114 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 19:56:29 GMT Expires: Sat, 28 Sep 2024 19:56:29 GMT Cache-Control: public, max-age=86400, no-transform Age: 13873 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	856	IN	Data Raw: 52 49 46 46 3a 08 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 20 f2 07 00 00 90 23 00 9d 01 2a 40 00 40 00 3e 71 2c 8e 46 a4 a2 a1 21 35 fd 1e 60 90 0e 09 6c 00 9d 32 aa 7c 3f ac fe 52 fb 20 56 1f c7 ee 7c ce 9e 5d fc b9 ce 27 cc 03 f5 17 cd 77 f4 af dc 07 ec 6f a8 6f d6 ef d8 ef 79 2f 41 9f e2 7d 40 3f 9e 7f 9d eb 1f f4 00 fe 01 fe 03 d3 3f f7 4b e0 b7 f7 1b f6 fb e0 2f f9 3f f9 1f fc 38 3c bb d7 fb b7 82 3e 0e bc f3 21 9b 86 fa 49 fb 1f 30 fb ed e0 05 eb 9f f0 1e 6d 90 1e d0 7f 19 ef b5 fa 4b cc b1 53 1a 00 7d d5 7d 80 7c a5 e7 3f e9 8f fd 1f e6 be 01 ff 96 7f 5f ff af d8 23 f7 3b d8 e3 f6 e0 74 e5 89 65 1c dc 19 51 b9 d7 1c 45 58 ae 82 99 cf bb 3f a0 18 fc b9 a6 cf 69 5a 1e f1 73 02 19 21 40 ad 53 a6 85 8d 42 2c 5e Data Ascii: RIFF:WEBPVP8X??VP8 #*@@>q,F!5`l2\|?R V\|]'wooy/A}@??K/?8<>!I0mKS}}\|?_#;teQEX?iZs!@SB,^
2024-09-27 23:47:42 UTC	1258	IN	Data Raw: bd 53 80 ee ea b8 dd 50 1f f8 66 1d 7d a5 3a f0 b6 9e 25 ab c8 52 37 32 d0 56 6b 1e 66 5f 2d 33 82 5c 99 f1 4d b4 08 31 d8 2b 36 30 c3 f1 d5 94 cd 40 25 e9 5c 09 f1 2a 66 9e 87 10 30 d6 27 f9 be b8 ff f8 62 01 85 3c 86 a8 c8 a1 b7 85 c8 6c 50 b6 80 e7 14 ac ec c9 14 c2 fc 0c 00 71 84 c0 98 84 61 eb 72 f9 cb 68 8b 77 b4 2a 99 e8 47 63 e5 25 32 78 5e 28 15 2b 39 bf 70 90 46 a6 2f d0 9b 24 b4 f7 34 c7 59 32 80 b2 aa 34 6a 1d 3c 81 28 53 57 5a 25 0c d5 b7 c7 78 46 96 d8 5e ef bf 36 3e 0a 2d 5a b6 8a 78 f2 a5 4b cf 02 db ce 49 a3 90 bc 3f b9 ff 9e d3 ba 9b 05 12 6b d0 0a de 18 fd 04 df dd b3 2a 79 12 89 3e f7 d9 d6 51 e7 94 90 54 bd 24 b6 1f d3 f5 d9 34 da 96 9b bf 18 a7 6f 97 eb d9 45 03 b1 44 58 c4 f9 f1 e0 b9 c0 8c 0b 5b 1c d0 4e 03 e8 06 09 61 f6 7b c6 91 Data Ascii: SPf}:%R72Vkf_-3\M1+60@%\f0'b<lPqarhwGc%2x^(+9pF/$4Y24j<(SWZ%xF^6>-ZxKI?k*y>QT$4oEDX[Na{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
114	192.168.2.7	49857	142.250.185.118	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	1081	OUT	GET /yUx5IRbWt1gaidaZIU4Ts5jePA40MnAU88T25jABDQuoL9KBgbbYnHxBAGWTzb51C9Gb=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8422 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 22:35:53 GMT Expires: Sat, 28 Sep 2024 22:35:53 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 4309 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	857	IN	Data Raw: 52 49 46 46 de 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 96 20 00 00 2f 3f c0 0f 00 4d 30 68 db 48 92 92 d9 7b b3 c7 1f f0 91 88 e8 7f 4c 45 30 35 7f 58 58 bb 4a a7 1b 3e 15 61 72 31 e6 5e e7 c9 a5 3d 0b 46 91 24 29 2a ff 0a 8f 5e cc 77 cb bc a7 c3 91 24 49 4e 93 81 f7 f0 ff c7 71 26 38 79 8f 14 0c 24 49 32 d4 8b 33 ff ff 36 db b6 fb 1f 08 84 80 46 55 44 73 c1 11 1c c7 08 4e 81 93 0c ff 97 49 4f 10 d0 19 46 c7 29 78 95 e7 64 fc 0f 88 82 5f c5 84 f9 8f a6 c3 5f 79 c8 0a 0f 11 86 90 d9 ab d0 08 4a d5 06 83 39 8a f0 a4 49 11 92 5b f8 d7 25 58 fb c4 05 81 50 98 22 53 df 62 12 8c 01 17 9c 3f 68 fe a0 dc bb ab 04 ef 39 1e 77 f0 12 64 74 10 b0 2b 90 33 84 62 f8 e7 0e af d4 18 0a d2 36 60 3a ff b6 af 84 88 98 00 e4 7f Data Ascii: RIFF WEBPVP8X??VP8L /?M0hH{LE05XXJ>ar1^=F$)*^w$INq&8y$I236FUDsNIOF)xd__yJ9I[%XP"Sb?h9wdt+3b6`:
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 53 78 20 4e 18 30 98 63 48 44 a2 24 21 0d ea 50 9a ff c0 46 f7 ab 96 3d e2 d4 07 75 f0 d6 e1 1c 6d f4 b1 38 51 87 82 a0 15 63 00 67 35 b8 cb c6 c4 ce 9c 03 48 0f 55 71 6f 6f 38 39 31 7d d8 df c7 cb 37 aa be c5 d9 df ff f0 2b d9 21 df 7d 11 27 4e ca 13 36 b4 32 c6 c8 2d 73 69 21 d5 a8 fd 50 08 89 c2 8b f3 4d f3 43 10 7e 57 0f fd f1 f6 97 3e 31 fb e6 55 95 37 f0 b5 53 c3 77 b6 57 de 7a b0 ac bc cc a6 40 9b b8 91 34 a8 bd 71 e6 4f 8f 2c bb fb bf 37 5e f7 bd 73 73 0b 87 4e 69 f5 be 7e 63 a3 c1 14 21 18 14 01 0a c2 18 44 02 26 18 fc 24 ae d3 b0 b0 16 a2 f4 9c eb cf 0e 84 c1 b2 c3 57 d7 5f 51 bc 7e d2 85 ab 13 93 db ce ac 0e df 36 1a dd 59 72 10 36 45 a9 d2 95 7d b1 14 3b c9 cc 0a 21 88 09 1c 48 36 0d 08 06 3a 92 1e b5 bb 73 fd e1 31 96 db 19 20 52 13 f2 ce 4e Data Ascii: Sx N0cHD$!PF=um8Qcg5HUqoo891}7+!}'N62-si!PMC~W>1U7SwWz@4qO,7^ssNi~c!D&$W_Q~6Yr6E};!H6:s1 RN
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 25 39 31 25 22 e0 61 95 ea 29 de 35 be b1 b9 ec 6e 3e e1 be 0c 9d c3 65 87 04 2b 8e ef bd 7f db 3f 5f 5f 75 2e 65 37 e9 ec f9 4d b5 94 39 32 ca b5 37 aa 47 b6 16 62 85 92 92 da 99 35 e5 90 72 6d 62 f3 bd 83 af 48 06 8d e6 9e a0 bc 79 f7 72 0f a8 06 bf af db 2e 7b e2 97 1f be be f3 44 81 db 62 c0 96 c2 00 02 20 66 21 0a 00 11 8d a0 82 7b 78 fd 33 9b d5 32 0e 2e 41 74 48 1b aa 6d e6 bd 6a b9 48 31 51 4a c9 18 27 d7 dc 53 cf 73 75 fb d2 6d 1f cf 86 71 96 90 21 99 f0 ee 1a ad e9 d6 6f e8 bb e7 13 79 b1 d5 ec a6 fc 8c eb 67 a3 71 70 77 0a 46 82 86 f2 79 cd 8b 56 0e 56 a6 db fc 78 d1 d1 31 1e 5f d5 d0 a0 1a f5 ac 30 b4 28 e5 62 6c dc 16 0b 66 60 0c b2 42 0d d1 74 73 26 d7 10 89 25 46 4d 34 e2 dd 8d c5 4b eb ad 6f 2d 27 d7 d5 2d e6 3b 4b c5 8e a0 b5 ec a4 48 d6 Data Ascii: %91%"a)5n>e+?__u.e7M927Gb5rmbHyr.{Db f!{x32.AtHmjH1QJ'Ssumq!oygqpwFyVVx1_0(blf`Bts&%FM4Ko-'-;KH
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 90 bc 78 58 9f 7d c1 e4 fa ee 72 7d fa cc 13 fb 27 77 4d 02 17 ac dc f7 b8 b7 ff a8 fc ef b7 f3 05 7f fd dd ea 04 70 86 18 b6 d0 95 94 3d ef 86 de 86 d4 92 04 08 21 ca db 47 d0 a6 37 80 00 48 57 0d ea 6e d1 31 da 3c be 1d b3 a3 09 41 10 4d 85 de 99 71 4c 00 94 22 d8 3a fa d6 23 0f 7f 7c e6 f6 67 2c 8f 7e fa c2 6a 66 30 0f 1b ad a2 04 ca 15 3c db f8 0d df 4e 8f fe 40 fc f3 63 1e 9c 19 af 3c 01 e3 30 06 24 02 80 4c b5 35 76 1c cf bf 76 5d dd d2 3e ba 6b 9c 8e 73 a7 14 bc 64 eb 4f ba e7 5f 55 7b 7a f1 b9 a3 97 ad 45 14 00 30 68 6c 0c f1 3a a2 12 0f 80 18 51 b5 5c b8 4f b7 c3 99 40 b4 18 0c 3c 0c 6d 3e de c3 ce bd dd f7 f2 f9 1f 7a c7 bd b5 ea 1f 00 db 8b e2 e0 e4 dc 19 f2 8f 4f 7c e5 3b f6 dd 7e f4 af af fd c2 45 97 3a 6f 7b c0 14 a3 52 b1 09 c2 31 b5 e5 79 Data Ascii: xX}r}'wMp=!G7HWn1<AMqL":#\|g,~jf0<N@c<0$L5vv]>ksdO_U{zE0hl:Q\O@<m>zO\|;~E:o{R1y
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 90 56 b1 10 d1 bf 21 5d 8b 57 27 ca 7f 34 79 a8 46 93 e5 d3 92 23 7d 0c 84 59 9d 60 2c 96 23 9f da fc e9 3d 76 68 2b 33 54 32 6e 44 a8 28 06 2a 66 2d 00 29 22 8d 53 92 2b 04 b1 61 c0 1a c6 15 29 ac c9 1a 1c a4 82 aa 52 75 22 4e 5c 9b 67 0e 08 5b d6 b9 ef b6 4e 12 af a5 1a b6 54 de b6 e7 59 2f da 4d fd 02 66 00 70 9b db 5d 4f 8c dd c0 6e a7 94 1e 5b 20 23 33 60 86 24 64 31 a0 ff e8 ef 9f 3f b0 f4 d4 13 8b 17 3f 9a d5 b4 f5 c7 cb 49 df f0 3c 59 64 41 ac 70 98 83 d9 20 9b 9f be da dc f5 88 62 9c 4c 80 64 10 4b 8c 8c 24 92 60 90 08 91 10 85 08 16 2d 43 84 96 b4 c9 98 30 04 4a e5 7e 9a 0a 09 8a 78 fc 93 9a ab 7b b7 7f f1 8b 7a 7e b1 7e d2 f4 f6 23 67 8a 37 73 fa d2 39 5f b0 e6 77 b7 ee 7d ce 45 33 1d 00 71 ac 77 cc 0c 04 0d ae 75 23 36 91 1a c8 00 c0 0a 69 7f Data Ascii: V!]W'4yF#}Y`,#=vh+3T2nD(*f-)"S+a)Ru"N\g[NTY/Mfp]On[ #3`$d1??I<YdAp bLdK$`-C0J~x{z~~#g7s9_w}E3qwu#6i
2024-09-27 23:47:42 UTC	1390	IN	Data Raw: 75 ba d5 5b 91 4c 88 05 00 4a 24 b5 83 55 38 ee c0 db ec d6 b7 0c 5c f8 ec c1 0b b6 69 ff 9b 6d 53 d9 0a db 55 f3 08 36 13 ac 90 7f b8 33 d3 97 01 54 78 64 fd a6 1f f6 f9 be 54 da a8 e7 ef 09 ed bc aa 77 e5 d6 f7 e5 43 f4 4c 0d 57 37 b5 97 6d 88 2e 03 cd b6 e2 f3 d3 d5 f8 d4 79 2b 66 39 78 c3 d2 48 a2 24 c1 1e d2 c0 87 e5 bd 71 39 37 17 0b 75 7c 6a f5 33 3f 14 ff f8 21 93 d3 85 90 da bb 3b 1c 48 31 ef 45 67 9b cb 6d 71 c1 53 bd 3c 74 94 a5 1e 17 4b 56 41 08 0d 85 46 a9 16 33 25 62 f7 61 3b 7e 6f f8 d6 c3 f4 f6 6f bc 50 7f ce af 38 db d8 7b c2 ae 17 5d a5 46 1b 71 24 e1 2a 05 5b f3 d2 c6 76 c4 37 9d da f8 bf 4b 1b 3b 12 39 eb bb ed 55 ff 44 47 31 e6 f0 0b 1d f5 9e c1 de 34 db 74 ac dd 00 3e 7a a3 79 77 a5 5a ba 94 3f 58 3a b6 e6 55 db ca 1c c5 09 76 a4 91 Data Ascii: u[LJ$U8\imSU63TxdTwCLW7m.y+f9xH$q97u\|j3?!;H1EgmqS<tKVAF3%ba;~ooP8{]Fq$*[v7K;9UDG14t>zywZ?X:Uv
2024-09-27 23:47:42 UTC	615	IN	Data Raw: 51 78 fe 03 be 92 67 09 01 25 45 b8 1e b5 6f 44 d7 2f 84 73 c8 4a 9b c4 56 d0 30 13 50 46 00 c9 db 13 77 fc 97 13 f7 48 dd bd ec 79 ee 49 91 b4 f0 4d 21 a0 42 19 95 ac 57 2a 97 e7 8e 5f af 54 ed ec 8f 7a 05 df ae 13 55 25 87 08 68 a3 3c 22 75 74 a6 4a a0 9c ab 99 e9 e6 a0 46 41 08 3d e1 c0 b9 8b 8c eb 82 4e 15 be e4 be f9 97 7c ca 95 10 39 12 12 e4 11 4c a7 ce d7 15 ec 8a 1b 2a 12 d7 85 eb a2 24 55 3a 85 80 32 08 6c a4 0e eb bb c5 92 1f 87 d9 26 67 08 07 c8 84 42 24 47 26 79 21 43 df a5 29 1e 0e 4f 69 7c e7 77 87 76 e3 9a 3d 3a a9 28 f2 a9 ca e8 99 6a 31 27 a2 2e 1a 46 98 73 75 ad 75 64 87 84 08 a2 8b b3 f3 e0 1e 25 f3 a3 95 ea 03 cf 97 4e ba 48 12 21 25 91 42 b9 9a 5f 77 f2 12 e1 98 c0 56 ee ac db 25 81 4d 67 fd 85 82 4c 88 d4 01 26 bf b2 70 e8 05 a9 bf Data Ascii: Qxg%EoD/sJV0PFwHyIM!BW_TzU%h<"utJFA=N\|9L$U:2l&gB$G&y!C)Oi\|wv=:(j1'.Fsuud%NH!%B_wV%MgL&p

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
115	192.168.2.7	49864	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	504	OUT	GET /a/ACg8ocJeUEY0r1lY88LZXQ4hyNO_-eGwKnex-CZfiNYD0aLUxQI0Uw=s32-rw-mo HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:42 UTC	524	IN	HTTP/1.1 200 OK Content-Type: image/webp Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "v478d" Expires: Sat, 28 Sep 2024 23:47:42 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Date: Fri, 27 Sep 2024 23:47:42 GMT Server: fife Content-Length: 236 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:42 UTC	236	IN	Data Raw: 52 49 46 46 e4 00 00 00 57 45 42 50 56 50 38 20 d8 00 00 00 d0 05 00 9d 01 2a 20 00 20 00 3e 6d 2a 91 45 a4 22 a1 98 04 00 40 06 c4 b3 00 58 8d 81 3d d1 26 01 d2 5e 44 40 2f f5 9d db e4 c6 61 3b 5c 90 c3 85 fd 6f 7e 51 7b 00 00 fe 9c 5f e1 50 de 2c 59 55 1b 62 5f 3d 45 3a 0e a2 72 8a da 5a 6c c0 ea ff b8 07 c9 af 23 bf 64 a1 ff fd 8c df f4 66 ff a3 37 ef 7c bb 52 4e 5e fa 5b ed 0f 5f 8a 7c 0d 2d 57 e1 84 5a d8 ae ae dc 7a ef 4c ce 37 90 88 11 83 b1 0b ea a2 7a 6f 44 79 c0 82 1f 9f f9 ff ae 7d 7f 48 0f e1 b5 75 d2 38 e5 40 56 fa f5 b3 e5 f1 9e 42 e4 ea f9 81 94 2b 79 49 49 b2 7e c7 63 25 5b 42 7e 7f e5 4f f3 89 d9 a6 2d 7e d5 fc 36 cc 8d 9c 2c 28 e7 71 29 bd 25 97 97 4b c8 ba 34 48 92 b5 be b4 00 00 Data Ascii: RIFFWEBPVP8 * >m*E"@X=&^D@/a;\o~Q{_P,YUb_=E:rZl#df7\|RN^[_\|-WZzL7zoDy}Hu8@VB+yII~c%[B~O-~6,(q)%K4H

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
116	192.168.2.7	49865	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:42 UTC	503	OUT	GET /a-/ALV-UjVbNKa5i-zyQ7NrOn8KScByDGAhArAquxNNHFKgHw-SQakm6dM=s32-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	521	IN	HTTP/1.1 200 OK Content-Type: image/webp Vary: Origin Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length ETag: "vb" Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Date: Fri, 27 Sep 2024 23:47:43 GMT Server: fife Content-Length: 548 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	548	IN	Data Raw: 52 49 46 46 1c 02 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 1f 00 00 1f 00 00 56 50 38 20 d4 01 00 00 b0 09 00 9d 01 2a 20 00 20 00 3e 81 36 95 47 25 23 22 21 30 18 08 00 a0 10 09 6c 00 9d 32 84 7c 3f ba 5e 87 68 20 c8 ed 80 bb 80 de 5f b3 04 ce 3a ef 37 c1 da 52 09 dd 5d e3 57 ea 14 1d 70 9b b2 cd ed 51 22 06 91 fc 76 ed 1d 1f 5e 89 5f cb e4 1a ee 5a de 00 00 fc 38 1a 74 b8 d3 38 42 5a 18 8f 10 70 73 7e 7c 63 99 02 0e 47 60 b1 94 2f 5d 71 67 31 e3 0f 2d 53 ba 5b 18 80 6f 72 08 52 a9 e8 7b b4 07 66 9d d5 3e d4 49 0e f1 cf 7c 0b de 8c b7 14 7b fb 27 d9 39 fa 45 cf 0d 3c 40 58 cc 50 32 d0 05 8e 9f ff 2f 34 77 35 ec 25 89 66 3f 0b d9 8c f3 54 3c 93 2d ac 59 d5 25 9c c6 eb 91 1b 38 c4 8a 13 85 d5 0b c8 2b 8b 95 1e 81 e3 7f 18 90 9a 10 90 1b bb 19 Data Ascii: RIFFWEBPVP8XVP8 * >6G%#"!0l2\|?^h _:7R]WpQ"v^_Z8t8BZps~\|cG`/]qg1-S[orR{f>I\|{'9E<@XP2/4w5%f?T<-Y%8+

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
117	192.168.2.7	49869	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	511	OUT	GET /VZKGiuCEP2knhIKJYR4emUBuUra84gib_oDLocmdEcf1NYwf7hmo3Yv0OkzasOCQ2A=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7854 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:43 GMT Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	860	IN	Data Raw: 52 49 46 46 a6 1e 00 00 57 45 42 50 56 50 38 4c 9a 1e 00 00 2f 3f c0 0f 10 4d 30 68 e0 36 8e 7c 76 f7 d9 fc 09 8f 44 44 ff 43 6a 35 65 52 2d ad 77 8b cd 66 b0 bb be 40 81 63 9e 80 ec 36 c9 fe 6d c1 28 92 24 45 19 f3 5a ff 42 19 8e 4f 87 c3 36 92 14 c9 c7 97 7f a0 fc b0 38 62 23 db 56 93 0f a8 15 b5 35 fb 5f 92 f1 5a e5 9c e3 4c ff 23 20 45 b9 0c 00 00 76 02 d2 aa 9c 9c 66 8c 18 f9 25 3f b4 e5 bf 60 35 22 00 85 1f 5c 54 cc 1a 02 0d 51 9c 08 83 b6 32 9d bf cd 6f 10 b9 d0 ef 53 32 b9 a6 5d 76 e5 47 7c 44 d3 77 d8 33 05 53 b8 75 92 92 7c c4 51 e7 e8 4f 6e 73 d5 c4 8b b5 4b 32 1b 03 41 db b6 a9 c3 9f f5 7e 0e 11 31 01 1b b5 0d 32 cf 20 6c 3a 29 67 50 fb 53 f6 ff c9 90 6c fd 23 32 b3 d0 1c eb da f6 dd 19 2b 63 67 af 7c b7 e7 11 ae b9 b3 8d 27 b0 7d 57 b6 cd 99 Data Ascii: RIFFWEBPVP8L/?M0h6\|vDDCj5eR-wf@c6m($EZBO68b#V5_ZL# Evf%?`5"\TQ2oS2]vG\|Dw3Su\|QOnsK2A~12 l:)gPSl#2+cg\|'}W
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 10 42 14 69 d6 08 ce dc 32 13 ae 2d 74 62 07 6e 39 46 90 02 25 14 29 43 9b 98 8c 61 89 c3 88 4a 38 f4 50 da c6 75 4f 9c 0f 68 e6 f6 7d 38 7f 35 9c da 4d cd 2f 73 3b 1c ba 33 72 2d 5e 9f 9e 3e af 17 2a 11 88 1a 72 e7 0c f9 0c 23 a7 52 2d 6c 15 32 6d 98 cd 23 c5 81 7c fc e3 da 6f ff 9c cf 78 f2 58 02 00 e0 09 60 29 d3 ed a8 21 63 87 02 e9 1e 0c fe 0f 1a 64 00 04 90 11 20 88 f0 68 9a aa a9 00 0a 5a ef 41 79 2b 78 89 d2 d9 2b eb 73 6a f6 6a 71 f6 30 3f b3 74 5b 0c e6 97 de 2c 86 73 4a 8e eb cb 07 a6 a7 ee 07 10 91 86 40 ec a5 92 da 65 49 2f f4 a0 00 96 59 d4 49 7b c6 6c 6e f3 67 ff 9a bc ec 31 73 0f 1e 4b 60 4e 09 74 3b b8 10 98 d3 46 ca 56 36 b0 28 30 04 02 0c 40 cc d0 41 01 d5 94 a7 4a 90 23 cf fa dc e2 79 5e 5e 0f b9 d6 88 8b fa fa ff ad 3f e7 5f e9 c0 5b Data Ascii: Bi2-tbn9F%)CaJ8PuOh}85M/s;3r-^>*r#R-l2m#\|oxX`)!cd hZAy+x+sjjq0?t[,sJ@eI/YI{lng1sK`Nt;FV6(0@AJ#y^^?_[
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: c5 58 47 ed 5f bf c8 bb 07 f7 35 f2 ea 99 98 96 ae 92 27 aa 20 f0 4e 21 4f 4e bd 21 d5 4f 3c e1 44 e3 77 b3 27 3e fe 35 f8 c0 5b ff b8 32 b0 e1 15 32 c0 8c 8c 7b 2c 74 88 1d c6 74 18 1c e8 90 22 49 60 14 26 4d b4 4a f8 7f f9 ed c1 5b ee 9e b0 e5 e0 15 c8 ff 27 cb ff a2 bf b2 04 0e 40 0c 08 09 4b cd 74 ce 31 f5 e0 97 cb ae c3 63 bf ce 2b 67 da 39 ea 29 09 6b 71 b0 39 6e 6d e4 9f ad 7b f2 81 c9 da a2 bc f2 99 9d a9 78 69 b3 dd 26 9e ed d6 10 a1 88 d4 03 dc b7 10 c0 a1 9d fb bb b5 03 0f fa d9 bd 6f fd df e0 47 ab df dc 90 3e 46 51 85 4d 01 59 64 ed 87 83 8b 08 a3 21 17 71 18 31 20 30 81 05 e0 8a 8b f1 a2 00 0c 4f 89 62 bb e8 6c ab 38 58 c2 f6 70 3b a2 9a 45 08 15 1c 61 01 88 46 ea 1a b7 d6 d4 db 1d 17 cc c6 2f d7 86 f3 3b dd 94 04 41 2a 6e 5a 2e 6f fb 8a 73 Data Ascii: XG_5' N!ON!O<Dw'>5[22{,tt"I`&MJ['@Kt1c+g9)kq9nm{xi&oG>FQMYd!q1 0Obl8Xp;EaF/;A*nZ.os
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 9c 6d 1d fc 66 9e e5 d9 24 5c b6 32 44 28 2c f1 d5 d1 8b 99 ce 47 38 c2 51 c3 8a c6 14 ce 14 99 7d c9 cf cf 7a 57 de 1f a6 e0 2c 56 f8 60 76 0e 10 88 11 09 4c 70 ba 78 5e 2e b9 b0 de eb 24 9d 1d 5b 87 3f 1d 7d 50 81 84 0c 58 42 0f ab dd 9e 79 35 7a ba 32 57 96 82 b2 5c e4 95 0b 2f 7a f3 54 ef cc c3 a7 be b8 64 72 36 b1 3d 3a 6a ad ea a9 1c 53 83 e5 ba 6a e6 ec bf 66 6e 63 9d 44 ee e2 ff 86 93 06 0d 57 1c cd 56 46 60 b4 22 94 92 29 77 27 3e c2 51 50 19 2a d2 0a 56 28 73 9c fa 23 f9 40 2d 1b b2 59 61 d1 60 d5 14 11 62 81 11 22 78 99 ac 7d 98 2b fe 76 fd 60 80 90 90 22 03 66 32 30 e2 0f ee ac fc f0 7f 36 1c ee 29 da 13 89 3e bf 7a c7 5d 2f b8 e9 ea d6 20 f3 22 f6 1c ff d8 41 77 0c ca 7e a5 c7 a7 b6 7c 39 97 6f 6f fd a5 e3 ad 49 1f e9 fa 8d 8d ff f4 6c 50 2e Data Ascii: mf$\2D(,G8Q}zW,V`vLpx^.$[?}PXBy5z2W\/zTdr6=:jSjfncDWVF`")w'>QP*V(s#@-Ya`b"x}+v`"f206)>z]/ "Aw~\|9ooIlP.
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: d5 ee de b2 2e 52 10 d1 7a 44 a8 04 8b 0f 9d bc b3 f0 8b a2 31 28 87 97 c9 95 fb 5f 94 8d ad 1d bb 6e 3a 6f 6d 72 62 98 f4 dc 48 60 ea 58 a6 3e b7 05 27 86 72 db e0 b4 45 45 04 e1 fe ee b4 97 2e 74 c9 9c ce 1f fc e7 c2 53 ac c4 be 8c 9b 14 4f b0 e1 d4 f3 65 a1 84 cd b8 1a 1f c9 35 22 67 f4 02 0f 11 79 76 49 9b 37 31 dd d4 89 9a e1 3f 54 a3 00 0a 6a f1 f2 e1 c7 c5 df a4 37 87 65 9d 26 c5 32 6d 1d bd fa 96 b4 5e a9 10 cb c2 e6 34 ce 1c 1d c7 f3 64 86 2c 47 9b 9b b9 28 41 95 d4 22 42 c8 92 0a f8 ee 82 9d 5d 3d 22 6d 43 56 73 6c 70 a5 91 82 4d 2e db 5b 50 d6 8e 86 6c 59 5c 52 3e 89 4a 37 29 92 e5 10 41 c2 27 00 98 d4 b9 c4 3e 2b 9b de fd 8f 88 48 a0 00 0e 74 2f de 3d ff f5 f7 ce 79 fc 05 5a d0 22 e1 72 e9 64 5d 95 83 f4 11 4a 35 ce d1 87 5d f4 c0 65 6e 46 1e Data Ascii: .RzD1(_n:omrbH`X>'rEE.tSOe5"gyvI71?Tj7e&2m^4d,G(A"B]="mCVslpM.[PlY\R>J7)A'>+Ht/=yZ"rd]J5]enF
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 13 a6 5e 03 19 83 93 24 0d ff 79 d4 0a 6a 9b aa 8e 43 2b d0 96 e8 86 28 0a 1c 68 f6 ae 18 4e 9d 88 b1 21 f0 61 a6 5d 7d 7f 57 4b 25 2c 05 b5 04 51 51 c2 84 36 8c ea b0 4a ac 7e cf 62 7d b9 d8 38 ab 0d cd bd 38 97 40 0a 98 cb 1c 05 95 54 4f cf 56 96 39 57 b9 5a 57 59 95 b1 d8 b8 84 88 ac 8b 66 73 ea ae 3e 6d 94 71 4d 79 df ba cd f7 dc 7b d4 4b 99 ff ed 21 71 f1 86 b9 7a 8e f8 8f 68 49 b6 5c ba 20 dd 26 24 6a 46 58 a3 b5 68 c3 8d 3d 5c 19 8b c3 51 04 e7 cd 70 a1 c8 f5 98 dc 8c 7a 08 2c 85 13 05 2e b4 46 a4 18 53 98 15 a9 a4 a9 fa 8e 3c 31 cc 33 a7 1b e7 e6 61 5d 04 38 c5 c1 08 45 8e 8c a8 66 8b 86 2d 71 b1 2e d7 65 ba 45 b6 54 93 8f 08 41 dd 0e 55 77 b6 9c be f5 83 ff 6e 76 e5 0f c3 b5 bf 32 fb f7 83 7f 55 bf a1 aa 22 aa 9c 43 fd 3b f0 97 f0 bf 54 03 2d 8a Data Ascii: ^$yjC+(hN!a]}WK%,QQ6J~b}88@TOV9WZWYfs>mqMy{K!qzhI\ &$jFXh=\Qpz,.FS<13a]8Ef-q.eETAUwnv2U"C;T-
2024-09-27 23:47:43 UTC	44	IN	Data Raw: 8d e1 b7 78 f5 87 1f 66 2b 19 57 95 51 14 01 4a 81 3a a0 aa 2d 01 60 c1 0b a6 80 05 04 72 28 e3 cf d1 95 a3 2f b0 de 00 9e 00 b6 0e Data Ascii: xf+WQJ:-`r(/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
118	192.168.2.7	49870	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	513	OUT	GET /4-UAwBqazrTOzXLc32ZtW6RjPbcwm-AsWiZuyQGR-fFZpnGKGDOsvBVK1Tew-pdyqtQ1=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8394 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:43 GMT Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	860	IN	Data Raw: 52 49 46 46 c2 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 7a 20 00 00 2f 3f c0 0f 00 4d 28 68 23 49 c9 1e 3d cc fb 57 8c 12 22 fa 3f 01 ec 6d 63 fc b6 8d b8 6c b6 10 20 5b 30 8c 24 d9 d4 cb 3f be 6f db d8 ba 67 fc 1f 87 03 49 92 4c ab 9e 79 ff b3 d9 f6 7b df 9c 60 24 49 92 92 59 e0 e4 6e 27 e7 ff 5f 72 77 77 e8 7f 3c 09 d0 05 a7 89 da 22 12 26 21 1a 8a 2e f0 03 ec b6 3c d2 66 83 18 05 03 7e c6 10 89 db ab 33 ec e6 67 41 6a 6c 84 a3 30 34 6a c2 0d fc 85 4f 00 dc 1f 8f 8a f9 85 22 c0 74 18 9d 53 1c 0f 22 99 26 c9 b0 bd aa eb 08 94 0e 4e b6 c3 5c c4 14 08 13 ef a6 7d 22 02 03 31 38 75 13 b7 7a 68 32 f8 bb f0 f7 65 da 94 da 29 5b 45 f1 3c 32 77 04 9d ac c3 e7 6c 08 fe 43 16 bf be 7a 74 64 af 1a ff db b6 2d 53 9b ed Data Ascii: RIFF WEBPVP8X??VP8Lz /?M(h#I=W"?mcl [0$?ogILy{`$IYn'_rww<"&!.<f~3gAjl04jO"tS"&N\}"18uzh2e)[E<2wlCztd-S
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 12 67 3d 76 e3 fc a5 af 77 32 6d 80 28 e5 bd fe ba 57 df b1 2d d7 66 72 a9 4d 42 80 42 5d 96 35 3f 73 c6 51 d4 8c cf fd c8 69 c9 a5 5e 4d 73 19 17 a3 77 5a 49 2f f3 4d bb 5f 99 0b 7f 99 19 2a 80 aa 8f f3 9a a9 88 7b 13 50 07 33 1b f0 67 1a ac 93 c6 e4 c0 5f b7 5a a2 af 68 ce 5d bd 20 b1 89 39 57 53 08 51 c5 cc cf a1 b2 77 bb d3 cc 86 5f 99 37 df bd f5 35 17 8f e6 45 52 5e af 06 1a 71 2d 32 51 d3 6f 57 0d 91 24 8a 31 11 86 2e 4a 3f f7 83 71 58 ac fa 91 99 35 a0 bc a3 18 5e d0 fe d9 77 5c 7d be 34 78 8e d3 fb c5 5d 80 25 b9 47 3b f8 c4 be f8 d2 cf 91 1b 10 4e 74 c9 4a 70 cd c6 ac a8 a9 e2 68 9e bd 05 67 34 59 41 e3 b3 15 4a 68 1f bc 83 44 ca 45 b6 8f 77 b8 d0 7a 84 68 77 08 c6 bf 09 85 24 bb 0c e5 71 d5 77 25 55 c3 71 21 fc 1e c7 64 25 40 23 0b 25 a9 48 02 Data Ascii: g=vw2m(W-frMBB]5?sQi^MswZI/M_*{P3g_Zh] 9WSQw_75ER^q-2QoW$1.J?qX5^w\}4x]%G;NtJphg4YAJhDEwzhw$qw%Uq!d%@#%H
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 2e 76 5f a1 e7 62 9c 48 f0 bc 10 d3 ae c4 a3 37 2b a9 ff f5 49 ad a6 21 aa 25 eb 4f b9 fb 3b 44 93 20 f5 67 e3 c1 1e 98 98 0d df 85 76 d4 92 78 8e 83 78 f0 76 d4 eb f5 da 1b 57 9e 7d 3c 5e 7f ef 09 d9 bf 1c 91 35 27 b5 16 fd 6a 7f 1e 8f de 52 bb 0e 48 41 68 d6 80 db 4c 0f e7 bc b2 69 a9 16 21 96 5c 1e d8 14 31 c8 00 01 ab 2f 32 50 57 f1 63 d4 34 02 91 12 19 f2 17 0a ca e0 6d 0d cd 2d 99 7b a7 64 2d c0 c8 04 0c 96 e6 51 a2 49 52 47 a8 b3 b3 a9 d5 69 14 01 94 52 fc f7 f0 4b 97 fb 3d 7c 37 15 8b 1f 50 18 99 84 cc 00 ce f8 9d 8f ba f1 03 ff 83 dd 92 39 fa 97 d4 e2 7f e2 dd 6d dd 81 de 07 49 57 1b 5f 0e 86 ab 31 40 00 48 a6 60 bb bf 2d 11 06 90 a3 6a 45 7c e0 e8 c7 7e 1f b6 db d6 9d b4 4a 80 b4 4d 52 69 aa aa 98 53 b3 1a 95 c5 06 79 db e4 99 db 9c bd d7 9c b1 Data Ascii: .v_bH7+I!%O;D gvxxvW}<^5'jRHAhLi!\1/2PWc4m-{d-QIRGiRK=\|7P9mIW_1@H`-jE\|~JMRiSy
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: d6 f4 d6 8f 6a 58 e1 54 37 76 e9 d3 df f2 d2 75 07 9c 6c 04 eb 8f a5 a4 88 13 8d a5 bd c8 3b 31 af 3e bc ed 7c 6b 44 35 a4 fd 14 e0 34 6c 75 11 d8 95 2b 44 7c 66 05 a9 39 35 5d 8b 2b 6b d8 ba e2 b0 fc dc d9 03 40 cc 6f 28 ad 88 24 48 0a 84 12 98 10 78 f1 ef 75 23 9e 8d 71 8b e3 47 7f 42 9a 1a 20 e2 9e 56 64 10 30 40 af 04 18 dd c6 bd 2d 79 34 ec f3 95 5b 1f c5 67 1d fd 47 0d 01 b8 57 80 b1 1c a3 e7 71 ee ec 6f 5f be a4 99 77 3e ff fc da ef 4a 42 38 03 49 12 29 41 fa 68 d6 5d 19 cf 37 7b 18 20 07 8a ee 76 46 3a 61 30 ab 63 d6 c3 8c 5c 18 61 ac 24 3f 6d a6 cb d0 3e 83 ce 09 10 06 22 63 6e a2 40 92 14 c2 b5 77 ad f6 72 f6 7b 9f 6b 57 0f fb 84 4b 00 ab db 6f 2e fb ed dc 92 fc bd 12 5d fe f4 99 c3 df fa ec f5 01 23 24 d7 76 9a 39 bd 16 54 1f 6f 05 6c 77 8f 41 Data Ascii: jXT7vul;1>\|kD54lu+D\|f95]+k@o($Hxu#qGB Vd0@-y4[gGWqo_w>JB8I)Ah]7{ vF:a0c\a$?m>"cn@wr{kWKo.]#$v9TolwA
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 40 19 43 02 72 cf fd ec 45 83 2d dc 41 88 ad 0b cd d6 a7 68 8d 53 4b ee b4 cb c6 6c 8c da b8 c7 02 33 a3 61 9f fc 62 4d dc d5 89 e7 20 88 40 00 8c cf 33 37 ab 5a 9e 68 c1 d0 5c eb 66 9e df 8f 27 83 11 ca 8a 17 31 e9 97 87 39 5f e8 6f fc 48 24 ec 2c ed 48 2c 8c be bd 2d 21 b1 c0 b6 56 c5 f4 7a 13 fb f9 1a c1 5e 00 99 19 a0 6a e0 91 55 d4 0c cc 0a 7e 7f 64 b0 54 4e 8b eb 8f 2f 2b 5b ed 95 cf da ec 93 db c0 e8 34 28 8f 35 14 28 48 13 07 b1 6a ba e1 d8 cd a3 1f 3e 7f 67 3b a6 ed 4e 02 4d b3 bb bc 4e fb ac 93 07 de 61 07 c4 0b 7e fb ca 5c f4 28 98 d5 fc be 1e 01 1a c6 33 3b df 4f e4 97 8e fc e6 a5 1f 37 d2 c3 9b b7 31 90 2d 19 48 15 75 cd 99 cf 38 08 df fe 77 e8 01 44 3b 64 8e aa e3 8e 97 7f 2d c9 42 49 f6 de 0f 41 92 d0 14 81 19 dd 72 e5 bb e3 e2 8f 8b 88 f7 Data Ascii: @CrE-AhSKl3abM @37Zh\f'19_oH$,H,-!Vz^jU~dTN/+[4(5(Hj>g;NMNa~\(3;O71-Hu8wD;d-BIAr
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: fd f1 ab ed 6b 6c 20 bd cd bc ef 45 a4 bf 68 74 46 92 b6 99 50 22 63 4d 52 36 53 23 3a ed ba 7e 0d ed 0d c2 d5 58 49 00 59 52 95 03 5e 3b ba f8 e6 c9 6b ee dd 66 51 53 c8 4c 18 1b c6 bf 6a cd 79 a0 04 9a 19 f1 3c f2 45 09 03 45 06 82 9a 1e 68 d0 67 35 b1 61 4d 05 c7 96 e4 2a 56 0d 0b 01 41 cf fb 5a f3 c4 8f de f2 94 42 17 9c a8 d3 44 5f 1a a3 43 ed 65 8c 20 62 fe 16 88 1e 87 fa 19 5b 97 4f cb bf be da 14 ea a7 45 0b df e6 f2 f6 be 5f c6 a7 10 02 a1 06 86 c8 f4 fd e1 a9 4b 72 1d 2a 83 c7 a1 7c fd 9d fa 4d de 69 60 40 ba 24 b7 0e f0 ba d9 2d 8d 1c 3a 35 34 8f 1a 60 5a 96 77 9f cf dc 63 94 5a 31 98 54 5b 7d 3b 0d 94 19 ef f9 70 30 05 ea 72 ba 7e cb 9e 52 5a 66 c9 4c 0c 64 00 20 08 a2 90 69 15 5a f8 f7 c3 84 12 12 95 2d 87 3b 25 b2 fd b1 e0 5c 79 f0 16 2b b9 Data Ascii: kl EhtFP"cMR6S#:~XIYR^;kfQSLjy<EEhg5aMVAZBD_Ce b[OE_Kr\|Mi`@$-:54`ZwcZ1T[};p0r~RZfLd iZ-;%\y+
2024-09-27 23:47:43 UTC	584	IN	Data Raw: 75 67 0f 86 23 c6 17 50 a0 d5 11 a1 3f f9 52 73 96 3c 2b 60 82 83 0e 16 13 de 00 1b 5b e6 4a 71 c8 70 f5 bf 1c 4e 7d 69 cb 10 76 0b 58 df c9 03 38 37 b6 4e a6 96 d9 3e 30 f6 69 15 bd ba ab 3d 93 13 5a bd 59 a7 87 84 64 72 a3 ff f0 05 57 e6 ca 48 54 bc 79 1e cc 98 d9 e4 6b 0a ef 21 fe fd 77 b5 6c 6c b8 48 53 d4 37 04 a0 48 1b 85 c0 02 01 04 80 25 b0 fe c1 f4 c9 3f 4b 90 67 a1 87 d7 15 04 f8 9b 03 d7 16 a9 4d 6f 09 26 ad 7c b7 cc ef 1c dc 66 e8 e5 59 ff d0 f5 71 de 7d 5b 3f 60 17 03 16 16 5a ac 9b 79 77 f2 ec 4b ee 77 ac 0a 17 12 5d 9a 23 b3 9c b9 3b 16 ac 4b c0 c8 00 46 f6 b7 95 76 8e 80 74 74 77 d5 b0 60 fb 12 04 72 27 b3 d0 d0 e7 e5 2a 4f 08 99 0d 02 49 60 45 49 02 b1 72 1b 24 00 00 66 d3 e3 73 9f 5a 44 0f 08 24 47 1e 49 b8 6f fb c4 7d f9 c8 33 db cb d6 Data Ascii: ug#P?Rs<+`[JqpN}ivX87N>0i=ZYdrWHTyk!wllHS7H%?KgMo&\|fYq}[?`ZywKw]#;KFvttw`r'*OI`EIr$fsZD$GIo}3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
119	192.168.2.7	49868	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	512	OUT	GET /54_553vN5-CRQBSmcbg54izHeT-KyBC2iEooeY90pcU7jpFWSgSsZYhKRBob74zRkNE=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 7840 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:43 GMT Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	860	IN	Data Raw: 52 49 46 46 98 1e 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 50 1e 00 00 2f 3f c0 0f 10 09 06 6d 1b 49 92 77 ef cf f2 27 7c 0b 22 a2 ff 51 75 60 8b 55 1c 1a 59 46 1d 1d 2f 42 e3 c8 a6 7e b4 60 dc b6 91 23 5d 0e af c1 be 2e cc ec 1a d7 7f 75 57 40 6e 82 75 24 c9 4a fa 01 df ae 51 90 7f 40 84 e0 76 c5 36 92 24 35 f3 2c b6 95 7f 62 cc cc a6 d4 ff 04 c0 c0 86 5d 80 7f 84 20 d8 03 e0 03 88 38 e0 81 63 b9 84 60 cf ea 97 91 48 44 6e 15 eb 6e 21 44 78 c1 1c c7 32 4a 89 67 de 12 97 17 78 8f 97 67 0e 7f 9c 5f 23 13 7d 72 22 2e be 2e 5f d7 9f 7d 19 b9 5c 96 d6 8e 4b d8 02 61 92 02 a1 d7 23 bb 24 a8 71 8b 70 4d db b6 c8 91 9c f7 fb be 44 95 4a 52 8b 5b d0 4c 03 cd 30 d0 cb cc cc cc cc cc cc cc cc cc cc bc c3 cc d4 dc 2d 86 92 Data Ascii: RIFFWEBPVP8X??VP8LP/?mIw'\|"Qu`UYF/B~`#].uW@nu$JQ@v6$5,b] 8c`HDnn!Dx2Jgxg_#}r".._}\Ka#$qpMDJR[L0-
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 06 5b 80 98 87 2f 24 ca 93 3b 68 75 4c 81 88 40 b9 0b c0 33 31 a0 ef 65 17 e2 0e b6 96 95 64 e5 be 2d c7 3a 70 59 1b 36 ec ac 7d 3a bc 43 1d 02 e8 b6 35 34 ae 46 4f bc 7e 27 8d 1c 4b cd 43 e9 fb 0c f4 44 b5 2d 84 01 25 4d 98 a5 ba 0b 2b 72 40 40 59 0c 65 d7 98 5d 2d 02 23 00 4e ef 76 ea e4 12 28 4f 68 df 61 42 e9 d1 c2 aa 3d 97 69 b5 b1 35 3a c5 e0 20 14 39 50 46 bf a5 3c 01 da ec 19 9a 50 27 da 5c 0a 41 5a c5 40 00 21 e0 a4 ba 6d 5b 7d e0 f1 2a d7 00 0c 0c ed bb da a3 3c 03 97 19 d0 f0 f6 cd cc 25 62 8e d2 cd 42 f7 7c cd c2 15 51 85 bc 03 87 23 89 79 e7 38 c6 21 ba 4d 0e 46 02 73 87 81 ee 8b 2d 06 3a 24 14 83 19 8b 05 f5 1f 4c e2 1f f3 54 00 b2 70 69 b0 c3 de 88 97 27 ca 83 e2 12 c0 4a 3e bb 19 de 20 2a 9f 43 d9 c1 4c 5b 14 25 a0 1c 78 0e 02 05 11 23 d3 Data Ascii: [/$;huL@31ed-:pY6}:C54FO~'KCD-%M+r@@Ye]-#Nv(OhaB=i5: 9PF<P'\AZ@!m[}<%bB\|Q#y8!MFs-:$LTpi'J> CL[%x#
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: f8 de 51 76 a3 b2 72 f7 69 d6 c4 8a 63 e3 66 4b 30 b2 64 f9 a2 5b 4f 5c a0 33 39 0c e7 cf ae 56 62 2a 1e 00 1c 52 a1 c2 5b 94 9f b7 5a 73 c1 a0 23 cd 1d 9c a2 60 94 db ed 72 26 71 f3 92 53 fe 99 42 49 61 f3 97 f4 ac 98 bc 46 ba 7a 98 c5 3d 20 86 bb 01 73 70 56 c3 c6 9a 45 17 0a 73 ce e6 22 2b 85 40 67 c2 1a ed 31 31 d7 5e 76 31 cd ac 24 78 c0 b5 2d 37 2a ef d5 d0 20 00 10 28 64 14 92 4a 29 85 84 42 c2 96 16 be bb 69 b7 5f 44 a1 af 41 99 17 20 00 25 e8 48 44 c5 bc 49 2a 61 90 34 6f 5f 13 19 5d 72 0c ec b3 75 f6 67 4b ca 1d e6 f5 be 71 91 19 13 01 4d b2 23 9d 71 8b 82 44 92 7a e6 c6 75 c2 c3 7f 54 1a 03 b5 74 e0 f4 fe 7a c7 6d d2 c4 be 77 df 7b 37 5d ea 71 31 f1 a2 f9 7e 69 4d 5f 98 f4 54 6a 91 2d c6 4a 49 f3 a2 c4 06 15 3d a7 78 00 1c 24 18 c6 e7 62 e6 c5 Data Ascii: QvricfK0d[O\39VbR[Zs#`r&qSBIaFz= spVEs"+@g11^v1$x-7 (dJ)Bi_DA %HDI*a4o_]rugKqM#qDzuTtzmw{7]q1~iM_Tj-JI=x$b
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 44 11 41 5e 29 5a 07 a3 13 55 d9 e0 f4 7f bc 8f b5 7d 97 1d 1f f8 97 16 c0 64 dc 60 39 86 42 20 85 55 2a 59 10 2a 80 68 3e 0d 3c 30 b8 45 10 85 5c 86 a0 92 5b 62 9b a6 c8 19 34 95 d2 8c cc d4 e2 51 2b 7d bb 3f 01 53 8f 3f 08 a0 d6 be be 81 93 c7 54 31 ce bc 91 a8 08 d0 38 32 b1 6b f3 1a a6 49 6a 95 88 7a 8c 90 0c 5c 69 88 79 11 d1 be 28 d3 9a ed 7b 25 d2 92 46 f0 d3 c9 f1 a1 ee 48 25 b2 45 ce 66 9b 5a 90 c8 05 2f 88 e7 82 65 c0 72 05 25 31 4b ce 06 dd ea 6d 4d 4b 92 8e f2 ca 75 16 ef 04 ee 45 0f 76 ac d0 5a cf 75 75 dd f0 a7 4e bf 6d 8e 9e 31 68 8a bb 9c 04 65 84 a6 0f 2f a9 6f c2 f2 ff 1b aa 2c 0d f0 8c b9 91 51 42 c6 ce c5 a6 67 5e a9 4c 3c f1 20 8a 0d a2 f9 25 20 9e 62 40 61 15 f3 86 c8 60 8a f9 05 55 f3 80 59 41 31 a6 11 40 d4 14 66 80 db 40 15 d3 8c Data Ascii: DA^)ZU}d`9B UYh><0E\[b4Q+}?S?T182kIjz\iy({%FH%EfZ/er%1KmMKuEvZuuNm1he/o,QBg^L< % b@a`UYA1@f@
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 00 31 59 06 8c 24 50 68 08 02 85 15 f5 91 df ef 94 6a d7 0b f4 28 54 9e 56 b6 25 43 c7 d8 00 7e d7 60 16 49 5f 48 47 49 aa 02 35 7e e4 78 34 70 02 ad cd 8c 44 90 05 12 49 4b 20 e0 4a c0 ee 50 e1 ad 4f 90 e8 8d f5 e1 38 e6 3c 80 00 f5 ac c1 c0 b4 e4 51 88 b6 5e 05 4a 0a 5d 26 7b af 32 4c 81 17 1f 09 6a 7a fd 31 9b ed ed 59 13 e5 a6 af 39 6a 64 98 a9 31 36 20 4a 4a 46 7a 47 aa 72 01 26 f7 c7 0c 96 bc 24 30 12 58 02 a6 0e 86 0a 3c 30 02 8c 1c 20 21 e2 84 6b ae bd 5d 6b ba a3 9a 82 b9 4e 8a 52 88 34 a9 54 94 a5 46 9b 8c ab a9 ca 40 68 0c ef 76 14 00 11 1a 62 0e bc 18 cc 96 53 07 89 38 23 cb 28 8c 75 0c 0e 08 49 82 fa 9e a9 4f 6e 42 7d 76 cb 25 1f 82 4d 46 81 9e d8 df 6f 02 5f c6 94 d6 fe 55 2f ad 69 75 eb 76 3e fe 20 67 bf ef 67 44 26 8a b6 08 e9 6b 8e ab 59 Data Ascii: 1Y$Phj(TV%C~`I_HGI5~x4pDIK JPO8<Q^J]&{2Ljz1Y9jd16 JJFzGr&$0X<0 !k]kNR4TF@hvbS8#(uIOnB}v%MFo_U/iuv> ggD&kY
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 0a 10 97 8c 52 cd 58 23 d4 ba 4c 55 94 b9 d4 c1 df 78 e2 5f 6e d6 73 67 c6 d1 86 1a ac 98 69 8f b8 f6 5f 1f e6 8a 7f 7d b8 4b fd fe 51 ac 78 85 f0 09 21 91 0f 6c ba 6f 04 27 ed ff d3 29 cd 6e d5 c8 4d 33 15 53 96 94 56 bb e0 ea 2f 68 cb 94 c2 9c 54 81 02 e0 69 88 39 55 18 f9 71 54 00 8f 0f fe 64 fd 08 c4 73 29 4a 12 71 4d 6c 52 b6 50 0f 7b 0b d3 75 27 ee b6 cc 5e 53 a6 6d 70 60 24 cc a1 ff 70 a8 4f 0c 70 28 79 9c 04 90 00 4e 44 94 e8 c8 2c 5f a3 13 dd 4e 4e f1 91 37 e8 fa e3 bd 92 d5 0a b8 96 8e d6 9b 3c c6 bc dd 93 f5 d5 9e d5 7c 83 31 51 24 d5 61 64 08 08 80 c8 f6 8e 7e 69 a2 de 6f 42 9e d0 c3 83 a2 8b 9f 94 b9 7b 4c ed 52 a1 ff d6 8c 8c 04 48 22 05 40 1c d4 04 15 de 39 0a 6a 98 08 07 b8 31 ca f9 00 55 ae 1c 11 60 e1 fb bf 07 6c 24 4b 61 ab 48 28 f5 02 Data Ascii: RX#LUx_nsgi_}KQx!lo')nM3SV/hTi9UqTds)JqMlRP{u'^Smp`$pOp(yND,_NN7<\|1Q$ad~ioB{LRH"@9j1U`l$KaH(
2024-09-27 23:47:43 UTC	30	IN	Data Raw: 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 50 69 63 61 73 61 00 00 Data Ascii: 1Picasa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
120	192.168.2.7	49872	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	512	OUT	GET /xqUAS7ybTTu-O2dBQp2ZeoDTPvszt7NC5o-7ugw-TWkrUGpYiQSofQQDfNDPHPYueOo=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8228 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:43 GMT Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	860	IN	Data Raw: 52 49 46 46 1c 20 00 00 57 45 42 50 56 50 38 4c 0f 20 00 00 2f 3f c0 0f 10 4d 20 6a db 46 97 76 bf 94 3f e2 03 11 d1 ff 2c a8 e0 87 51 5b 34 d1 9e 8e ad 17 01 36 f3 40 f4 9e 00 5d 38 8e 24 49 8d 52 e0 bf 75 0a bd 18 5e cc 3a 3e 3b 1c 44 92 a4 48 79 cc f8 2f e0 fc 6b 7a 01 cc 8c c1 b6 91 24 45 7d cf f9 47 d8 cf e8 bd bb 77 d7 ff 18 a9 54 2f 2a 6b 1c 6f 52 d7 d0 95 7a f5 b2 00 88 a7 fe a9 b9 a6 0a 34 34 b4 d4 67 ab 49 0a 95 06 a8 f0 be 3a 12 7c a1 f1 87 0a bd 9d 99 78 7f 9b b7 ee 7d 0f f8 c7 9c e0 09 2d 6f 4b 7a 9c 93 bd 95 52 c9 dd d9 bf df ff 9c 17 36 7f f7 e5 97 3d ad d6 56 54 06 82 b6 6d e3 f0 87 bd ed a7 10 11 13 80 32 9b f4 d1 97 87 d3 fe b6 6d 86 24 59 ef 17 11 99 55 5d d5 18 35 d6 b6 6d db b6 77 7f b2 6d db b6 77 8f 6d db f6 39 6b ef b6 bb d4 55 99 Data Ascii: RIFF WEBPVP8L /?M jFv?,Q[46@]8$IRu^:>;DHy/kz$E}GwT/*koRz44gI:\|x}-oKzR6=VTm2m$YU]5mwmwm9kU
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: fd f0 55 75 3e b7 4f 36 77 d8 bd a1 1f 5f 44 2f 18 ae 4b a1 a5 26 fe 91 55 52 ae ec 18 6d 7f bf ae 6b be d4 95 14 36 02 91 94 03 e9 b6 40 22 04 d4 00 d5 fb fe b6 f1 da f3 b3 e9 d7 73 19 90 75 d3 1e dc 50 1b fa bb d8 fc 62 ad cc 39 03 23 26 8c 0a a0 82 09 00 90 26 16 00 30 02 2a 8a 60 80 66 db 32 1b ea 67 8d a8 69 b0 b4 03 54 f8 6b dd d9 a8 18 fb 6d 03 79 8a bc 59 b6 2b dc 55 7a d2 9b 23 8a bf 3c 0d 5b 6d 01 ed 7e fa fe ea bf 80 95 44 41 00 80 51 57 65 89 30 53 3f 71 cb 4e 87 fd fb 39 f3 36 a6 ba e4 d2 4e f9 ef bd 2d bb 20 79 c9 03 46 05 10 33 45 d1 07 1c 61 04 d0 40 73 d9 49 d0 cd 72 e4 da 3e 56 38 fb dc 39 e6 b8 45 e8 20 5b 5f dd 22 c2 38 fc 54 f4 c3 8d 2e 93 c9 5a a2 3a 8c 2d c3 f0 0c 10 88 49 f4 a7 17 e5 c7 bb 74 55 8d 21 8c 16 4b 04 ae 71 e2 a6 3d 8e Data Ascii: Uu>O6w_D/K&URmk6@"suPb9#&&0*`f2giTkmyY+Uz#<[m~DAQWe0S?qN96N- yF3Ea@sIr>V89E [_"8T.Z:-ItU!Kq=
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 77 ee 64 26 67 52 00 d0 24 9e 21 95 6b d9 8c ca b3 71 22 75 90 28 48 e1 34 ac 61 8e 24 d2 21 c5 bc 30 eb 3d 1f d6 a0 46 85 60 82 0b 1a bc d7 43 15 0a 4a c0 b1 e8 da 56 79 ab fe 81 dc f9 ee 42 13 40 b7 12 45 71 a9 48 5b 26 20 04 c9 c1 12 98 e4 10 20 78 06 5d f1 47 2a 6e 88 fb 5e 2d 42 28 09 6f 18 46 03 00 c9 82 61 26 d7 5c fa f0 ea 1b 7e 60 59 d8 6a a0 32 9a 44 15 42 4c 60 48 c1 65 19 a3 3c 0d 5b 45 ae 9a 66 16 69 72 2e 70 50 21 3d 50 80 5a 31 e5 2a 86 bb 48 ad 14 1d 6e b8 24 f4 e6 58 41 17 13 2e 6d 4d db d9 7b 7f 52 c6 a3 27 fd 36 54 49 8f 42 52 52 b9 b3 00 72 08 d0 31 2b e0 ce 4d 42 e7 b9 f5 6b d9 fc 16 2a af 63 f6 31 89 e9 27 36 1a 16 8e d4 32 22 46 ac ca 13 9d 7b 7a ff 79 d2 dc 3d 66 9f 58 0f a4 8d 18 05 a4 88 23 9e f1 65 19 36 a9 45 4e 11 47 09 31 f3 Data Ascii: wd&gR$!kq"u(H4a$!0=F`CJVyB@EqH[& x]Gn^-B(oFa&\~`Yj2DBL`He<[Efir.pP!=PZ1Hn$XA.mM{R'6TIBRRr1+MBk*c1'62"F{zy=fX#e6ENG1
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 06 35 eb cd cd 9a ca 2b 2e 6d c5 22 ba 31 d5 72 03 d6 6d cd 4a 81 ad bf 37 9b 5e 90 c1 e5 6c 7d ac 4b 4e 41 4f 91 33 72 8d cb 63 49 59 cc 38 a0 a2 e2 ef e0 9f 92 84 a6 e6 a2 4d 12 f7 e3 8f 7d b7 e2 40 ad 84 04 24 01 c0 00 31 20 43 26 48 56 88 c8 dd 3a c2 2d 04 75 26 35 39 e7 39 00 06 5e 62 c2 39 29 24 2d 78 b8 a0 19 af 5e 4b 7a 22 00 82 82 4e 38 49 a9 79 a0 c1 e5 cb 93 1f e8 42 31 2e b4 13 3d f4 96 fe fc 56 1f 7d 77 39 d6 fa e9 97 46 12 23 75 0d 61 7a 92 67 3c b2 25 98 5b b1 47 6c 57 54 11 5f c4 56 24 3f 59 65 64 32 1e 74 03 60 80 43 12 80 24 03 30 64 80 18 77 bf fd 51 36 d6 98 3a 93 aa 9c 04 04 44 88 39 26 be 4d b9 a1 cd ec 9d e0 d7 3e 3b c7 62 71 14 23 05 5c 06 f0 83 9e ab c4 e0 14 e8 90 f1 65 7c 0c 51 ea 38 29 df 95 b3 be 3c 51 06 72 d1 b1 23 0f 64 3b Data Ascii: 5+.m"1rmJ7^l}KNAO3rcIY8M}@$1 C&HV:-u&599^b9)$-x^Kz"N8IyB1.=V}w9F#uazg<%[GlWT_V$?Yed2t`C$0dwQ6:D9&M>;bq#\e\|Q8)<Qr#d;
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 75 ef e3 db 44 a4 28 23 ed 0d de 3e 74 95 da 9b cd be ef ff cd 64 d3 7f 6f bb 64 76 f5 e0 96 d3 6c f3 66 de ce 54 ac 5c f4 97 c3 68 b1 5d 38 58 ce d8 ce 19 9a 5a 1b 1d 63 70 8b d7 72 fb 1d 37 09 fb 7a 5c 92 83 89 c2 0c 85 20 c0 85 59 82 20 65 40 86 c2 65 38 6e fa 03 a7 df 77 b7 a4 d5 51 96 10 61 26 0e d9 3c ff 44 4b 1a 18 29 91 12 41 2c 23 38 0c 82 a7 19 35 ca f6 a2 0f 7d 79 dd e4 6c d5 9d 77 3b be 6f d6 fe b7 0b 3f fe cb bb cf 9e c9 86 fb b5 d9 ed f2 67 06 06 c6 fc b9 2e 30 c0 48 4a f5 ce c7 77 dc ef b3 11 d3 d4 37 ba d5 3b 9e fa d4 96 4f 94 2e a9 3d 1d 5b cf 9b 5c b0 72 25 bc 21 8a 28 8d 65 d9 c8 c8 6d 0b 39 d1 4b af 9a a0 60 08 21 cb f9 af 80 45 17 18 0e a2 0c c8 90 04 fc b9 0c 49 8b 6c dd 01 d9 3c dc 74 d2 43 06 26 09 9c c5 97 94 b7 cd e4 0f 47 f9 70 Data Ascii: uD(#>tdodvlfT\h]8XZcpr7z\ Y e@e8nwQa&<DK)A,#85}ylw;o?g.0HJw7;O.=[\r%!(em9K`!EIl<tC&Gp
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: db 8d 67 62 ef 3c 11 3b 7e b8 b8 fd 97 25 a3 ff 7c a4 7b 7c da e8 f7 9b fa 9b 59 69 35 34 66 00 4d b7 4c ca 1e 7c 53 85 f6 23 85 74 bc 9e 8f e9 4f 0d ba 37 70 b5 77 76 72 ac b3 b7 ee c0 f7 1f 7b ca c7 8e b6 ef 65 e1 25 9e f1 2b 81 f5 f0 81 6b 80 ab 06 0e 77 e7 bc ea 10 0f 06 9a 50 83 d4 09 1e 6e de 67 6d 75 28 c7 ff db 51 de a2 e3 1e ff 58 b7 fe 37 99 f9 f0 ea 07 7e 27 de a7 f2 d3 a1 23 30 71 ec f5 0f df fb aa 35 17 fc c3 3f 3e 2a 3e b3 cb ad 46 ba 8e c5 83 30 b0 00 e8 02 d7 2e fa 91 8d 05 00 11 06 28 a0 c7 1e b8 00 38 9f 29 37 6c c1 61 60 1c 68 93 34 be 6f dc c8 cf 33 f3 fe 7c ef aa 4d cf 9a 37 70 c7 f1 bc c4 e5 99 39 8d a8 02 86 c6 bc f3 b7 d9 cf 24 2f e9 bc 94 39 3f df 9e 6e 7f e1 cb ff 1c d9 7a 88 6d e0 62 ff d1 5b 00 27 92 86 de 60 2e e7 ac 7b eb 28 Data Ascii: gb<;~%\|{\|Yi54fML\|S#tO7pwvr{e%+kwPngmu(QX7~'#0q5?>*>F0.(8)7la`h4o3\|M7p9$/9?nzmb['`.{(
2024-09-27 23:47:43 UTC	418	IN	Data Raw: 50 10 10 01 a0 22 12 01 88 11 12 02 08 10 a2 2c 08 a0 e8 20 51 76 30 b8 db 2f 62 1d cd e5 5d cd e1 3f 8a 3f 7e e4 d9 08 a0 5b 84 9c 4c e8 be d6 f5 9f ac 2d a3 59 de 1c 96 df 35 29 64 60 10 63 5c 89 10 93 38 0a 80 28 44 a4 d2 3b f8 c6 cc ad 4b b8 ff 8e a0 61 40 88 00 48 04 12 02 11 20 02 51 50 94 4f 98 6b 89 44 02 40 04 90 29 37 69 99 19 9e 6b 57 5e fd 7f df ac b6 00 2c 2e 00 59 92 6a 2f 4c fa a5 df fd b4 e3 d5 09 66 b4 25 0c e6 a8 08 4a 05 20 0a 68 c9 48 8a a4 8a d4 e4 07 57 d3 83 07 2c 81 0c 49 84 e2 62 15 05 20 02 24 91 90 cc 49 26 9e b3 aa 8e 49 4d 71 f0 b1 dd 4a 0b be c9 55 f3 1e 20 03 58 a2 50 d9 3b bf 8c 27 92 6f 4d 78 d6 77 7e fd da ef 7e db f0 cf 5f 97 7e f5 e7 dc 97 86 fe 76 63 cf 83 b8 be a3 92 2e d7 18 d8 a3 22 e8 48 ff 27 91 12 55 aa a9 76 ce Data Ascii: P", Qv0/b]??~[L-Y5)d`c\8(D;Ka@H QPOkD@)7ikW^,.Yj/Lf%J hHW,Ib $I&IMqJU XP;'oMxw~~_~vc."H'Uv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
121	192.168.2.7	49873	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	513	OUT	GET /ldkXMQV3VO28rcqoeW8wN-5SxFZ8PcDrwM1EGxxTPv4cSrPPawrwzB28M1uQq5Ll3lTq=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:43 UTC	533	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 9448 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 21:01:42 GMT Expires: Sat, 28 Sep 2024 21:01:42 GMT Cache-Control: public, max-age=86400, no-transform Age: 9961 ETag: "v1" Content-Type: image/webp Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:43 UTC	857	IN	Data Raw: 52 49 46 46 e0 24 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 18 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 97 24 00 00 2f 3f c0 0f 10 4d 30 6c db 36 12 2c a7 cf 9d f6 9f f8 6e 88 88 fe 4f 40 f3 3b 7e 76 a0 29 19 78 b4 15 94 5b 85 78 a8 a8 22 33 c6 a4 0b 46 91 24 29 ea 3d 26 ff e2 ee c5 cc b4 bc a3 c3 6d 6d db 4a b4 71 09 89 28 85 fe 63 4a 60 11 12 b9 8e cf 62 18 c9 56 9a 17 4f 01 e9 bf 36 77 c3 21 68 ff a3 82 81 88 20 f8 de 12 a4 73 73 56 14 de 09 be a2 5c be 75 fe c6 57 0a c3 fc 36 3e a4 08 30 1d 0b 0f f3 50 20 3c e5 92 b5 02 74 14 13 ca 35 6c f0 10 62 d9 43 b4 5a fb 27 7c f7 3c b4 84 68 82 1a bb 9d c1 3e 0b fd c7 d5 63 f2 7e c2 b7 86 a8 32 9c e5 c3 79 88 55 87 52 0f 47 f3 df a3 da ca 16 10 1b 31 41 02 37 ce 9f 5c d7 90 1b 43 41 db 36 92 c3 9f f6 76 0f 83 88 Data Ascii: RIFF$WEBPVP8X??VP8L$/?M0l6,nO@;~v)x[x"3F$)=&mmJq(cJ`bVO6w!h ssV\uW6>0P <t5lbCZ'\|<h>c~2yURG1A7\CA6v
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 27 81 7b b9 47 0a 64 9a 52 ce f8 fb c0 db 1e 3c f1 80 e9 ad c2 5c 3f 21 83 8f 40 2b a8 46 a4 4e 18 50 98 33 51 d5 5d ae 73 3f 86 87 37 97 b2 78 46 aa b4 3b 1a 78 ed 8e 53 f0 6c bd f9 6c 30 64 8a a6 67 ff a3 b8 7f fe 48 d3 ee 90 88 31 11 6a 89 c1 11 25 0f 84 9a 00 60 82 08 50 50 29 20 30 88 1b 82 20 32 81 a1 06 09 28 b8 b0 14 9e 2e 0f d9 38 f8 4c a5 0f 4d d1 54 b6 5b 46 d5 5a 8a 56 fc 3d fa 9c 59 9f c9 27 d9 c6 7d 4b 51 ad 59 0d c8 4b 46 4b 14 4e b3 60 6a 96 d6 8d fe ed fa 1a fd 93 d3 b2 a1 5f 9c 0d 72 01 68 54 90 34 fd 5a f2 39 3e 35 82 36 49 04 6e 9f de 99 ec 5d d3 fd f4 ec d1 2d 1a 93 ed 84 20 32 a1 70 44 d5 32 cd 59 02 b1 64 25 2f 9c 88 68 b6 8a ae 2e 36 a1 06 0e c3 18 c0 25 c5 60 d2 05 23 33 b1 5a 5a 8f 6f 99 04 ab 62 13 cd ce 9c b1 35 06 03 84 d1 68 Data Ascii: '{GdR<\?!@+FNP3Q]s?7xF;xSll0dgH1j%`PP) 0 2(.8LMT[FZV=Y'}KQYKFKN`j_rhT4Z9>56In]- 2pD2Yd%/h.6%`#3ZZob5h
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: e3 55 20 89 86 d1 12 50 82 32 62 ee 32 4a 89 ce f7 1a 7b 15 df 20 d5 69 e0 b7 fd 6b 67 9c 98 a2 8d 58 35 5e 75 fb 79 13 42 c5 04 0d 30 42 23 62 8e 4b ed f1 52 ce 6f 84 3c fa be 0a 42 5d 49 2d 33 8d 42 08 c2 86 7e fe 8a c4 d2 6c f1 fe 43 dc f8 45 1e 2f 7b e4 11 2c 0e 00 6d 3f 78 5a 35 12 42 4d 30 1d 5a bf bf 5b b2 ef e1 48 ed 47 19 7f ee db 03 93 56 5c 71 4f 8e 16 6c 5c cc 9d ed 6c 38 b5 42 db 29 58 69 8e 3e 97 6c 15 49 11 44 88 86 28 4a 41 82 e9 0e 83 37 37 d3 4a aa a8 ea fe 39 dc e9 39 2d c7 7f 6c a0 ee 8c 3f 9d 63 1f 56 7d 6c 10 99 e6 42 8c c0 20 50 60 5a 82 61 08 e7 60 14 26 76 db 94 77 de f9 41 0b 02 42 10 20 09 53 d7 8e fb fc e9 f6 9c db 11 9c eb 32 50 32 24 3d 8e fa f4 ff 56 59 79 df 5b 9e 31 75 64 9c a0 00 05 29 85 a8 b5 fe 70 1d 2a ab 0c f2 75 d5 Data Ascii: U P2b2J{ ikgX5^uyB0B#bKRo<B]I-3B~lCE/{,m?xZ5BM0Z[HGV\qOl\l8B)Xi>lID(JA77J99-l?cV}lB P`Za`&vwAB S2P2$=VYy[1ud)p*u
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 77 7d 7b af d3 21 3d b9 4a 91 9a 6b b8 22 09 97 96 6e 86 c4 44 e2 43 cb 6a b1 71 6c c9 b1 20 d8 82 fd c5 8b 07 37 ff 7e ec 1f 24 0d 20 14 c1 5b 26 c7 ff cb ec e6 8f c8 91 2b b3 3d 49 24 18 21 14 20 29 7a d8 5d f6 c5 7b a5 b4 32 28 67 fd 92 25 ae 69 3d d7 17 f1 ce c6 73 9f c7 6a 56 82 10 c0 14 8f 33 f4 da 26 db 84 4f 94 22 5b d2 9d d8 48 76 72 cc c4 a7 28 51 2e 1b 8a a4 f4 27 62 0d f3 ff e9 bc 11 54 24 90 c0 71 82 93 2c 19 a2 69 82 f1 e6 77 a6 25 9b d2 34 6d c7 f4 55 ab 18 87 e2 0e 67 36 a5 50 69 c0 be 10 f6 2c bb ba 99 94 bb c0 0f ea 58 c7 f1 dc 74 e4 9c c3 1e 57 80 41 56 64 c5 f9 eb 69 d3 0e 24 80 c2 52 82 82 a9 85 92 09 80 25 5d f7 4d c4 16 b4 e1 42 cf 32 91 4f a6 07 e1 14 42 30 a3 17 ed 5b 77 ff d5 7d e7 7e 6d fb e9 9a 79 81 d0 56 30 33 3b 79 3b 89 1b Data Ascii: w}{!=Jk"nDCjql 7~$ [&+=I$! )z]{2(g%i=sjV3&O"[Hvr(Q.'bT$q,iw%4mUg6Pi,XtWAVdi$R%]MB2OB0[w}~myV03;y;
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: cc 2b 37 c2 b1 03 20 29 58 e1 36 a4 29 88 53 8b a2 81 63 05 61 d4 c4 11 88 27 f4 0b 62 5f ca d1 23 0b 3f 9c c7 3b d3 b9 d0 40 eb f3 10 2a e4 54 6c dc 3d 88 89 97 a6 4b de 70 ec 9f 77 38 bd 1b 19 a7 20 29 e8 1f c4 2b aa 23 6f ed 5e b9 ba 7b ef c4 4c 3e dd 1f 7d 6f f1 d9 8b 8e a3 e0 6b eb d1 6f de 51 62 da a2 3d 40 09 49 88 a2 dd 52 85 71 10 80 f3 fb 0a 00 4e 2a 96 40 00 70 0c da 4b 6e e0 33 7c b7 b2 9e 77 f1 4d 04 99 06 68 14 01 00 24 35 3f f3 66 8a aa d4 d3 c2 07 ef cb 85 8a 40 50 5e 6f dc 25 22 25 0f 3d b0 4c 9c e9 b8 96 ce f9 fa 73 a3 d5 41 73 c7 9b 1c 21 2d 72 fa 34 ab 4c 52 32 89 c5 80 bf 93 87 2f 92 f8 b5 58 58 77 b1 f6 e4 bd f6 6f ba 14 a2 fc c0 da 4d 12 12 84 20 7e 43 12 4c c2 40 08 0e fe 72 20 48 00 84 70 5e 94 9e 04 ff f9 19 98 e3 dc 87 35 c9 3a Data Ascii: +7 )X6)Sca'b_#?;@Tl=Kpw8 )+#o^{L>}okoQb=@IRqN@pKn3\|wMh$5?f@P^o%"%=LsAs!-r4LR2/XXwoM ~CL@r Hp^5:
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 33 e5 71 ff 59 5c 59 ad 35 a7 45 47 5e b7 95 76 f2 6d af 3d 7f 83 4f 5d fc b3 14 3c 37 37 3b 1e fa 78 a6 77 7d b1 79 e5 62 6c 75 1a bd ae 62 2e 8e f5 eb ae f7 df cf 67 a2 e5 22 f7 ca 69 c2 09 1c b9 c4 3c de df 70 ee 74 68 eb d0 18 b7 e4 c6 03 3f c9 a3 c9 49 1f 30 00 4e 1c 16 c3 6a 3f 27 0b e2 ac 86 b3 98 b5 59 5b cb c2 11 ac 90 92 20 18 c8 09 0e 02 a4 e2 24 95 70 c7 0f 1f 3e a6 36 3d d3 c8 53 da 35 4e 46 f2 ad 15 83 84 af 59 2f 7a 28 fc f7 81 6a e6 e4 a0 a3 55 ed 98 74 06 43 ba e5 7a 99 83 33 75 83 dd ff ae ef b5 c1 9b e2 ed d6 c9 be c9 b8 49 06 df de 66 3e c4 d5 8b 6e e4 42 d9 fb 55 95 9a 87 09 02 96 32 4e 09 55 57 18 a2 7f 2c 9f b5 f3 96 9d 3f ff c5 b8 22 df cb b7 e5 e0 8d 7f bf 7e b3 0b 10 80 5f 18 88 92 97 ba a5 0e b5 be 6d c6 a2 9c ed 40 ac 87 ab ae Data Ascii: 3qY\Y5EG^vm=O]<77;xw}yblub.g"i<pth?I0Nj?'Y[ $p>6=S5NFY/z(jUtCz3uIf>nBU2NUW,?"~_m@
2024-09-27 23:47:43 UTC	1390	IN	Data Raw: 89 35 76 24 46 00 ca 62 cb 78 20 38 c1 5f ae 7d bb b0 7d f8 fc 5f 94 4c f7 2d 4f 29 d9 2b 0b a7 ba af fe af e7 8f fa 47 9e 79 c1 c0 31 f8 8a ad f4 cc 16 d0 a7 49 6d 67 48 20 be 35 b1 e7 41 c0 f0 28 26 5f 9d 32 d3 37 b0 db 1d 2b e4 a1 00 23 4b a6 c0 3e ac 81 62 c5 ce 53 ee fc da 73 14 9a f8 ee 2f c3 77 63 9d 3f 1a e4 ff d7 fd d3 f4 15 77 f5 17 36 2c 33 72 30 25 0a e3 54 58 9c b2 fe 6d 45 0d 23 68 97 4d 5d b5 30 de 2a 69 75 be 24 a6 eb 59 5a f6 ac 49 dd ce 95 4c 15 00 98 b5 90 75 d1 1b 1b cc f7 30 78 4c 6f e8 ee d9 36 96 a0 04 b5 6d 1f bb 2f ba 65 e5 fa b9 bd 07 c6 db 0f 2e 3f 7c e2 cb 9b 5e fb c2 df fd a9 60 44 88 30 28 ae b1 30 54 91 3f f5 fe e7 bb 9b fd a3 df be 45 71 f0 e5 e0 a9 50 78 75 69 cb 8c f1 40 1d d6 98 c7 cb e7 de f9 c0 77 af 9f bb c7 47 bb df Data Ascii: 5v$Fbx 8_}}_L-O)+Gy1ImgH 5A(&_27+#K>bSs/wc?w6,3r0%TXmE#hM]0*iu$YZILu0xLo6m/e.?\|^`D0(0T?EqPxui@wG
2024-09-27 23:47:43 UTC	251	IN	Data Raw: 37 9b e0 c2 57 dd 57 fc 62 4e 72 2d e7 ca 34 97 8e 92 c1 dc 92 83 dd bd de 53 77 df 77 d2 ea 48 cf 68 65 bf e5 d4 92 5a 5b 50 46 be fc 7d db 82 3c 16 6a cd 8f 2a 84 2a c2 22 9f 3e 44 06 08 b7 40 a1 69 82 28 00 00 01 9c 40 38 0c 07 42 41 87 12 9b 85 2d 80 bd 01 d8 77 8a e6 65 fa 31 0a 7b 96 a8 77 0d 1e 5b 90 42 a5 bb 24 7c 65 84 d7 b8 08 ad 38 20 47 36 cb 95 18 ae 05 87 b4 b4 83 9a 62 d7 22 dd 0a 8a 80 83 a6 99 29 0d 77 33 4b 17 a3 25 dc b1 ba 76 e5 fc 40 74 71 31 93 4b bc fc 4e 0c cb c7 55 a8 66 53 4a 85 20 f3 30 f3 08 7c 88 12 14 7a 15 2e 9a 0c 53 02 50 00 14 04 12 65 fe d1 e2 af a0 d7 d7 8b d2 30 07 d8 ef f6 2d 00 00 45 58 49 46 22 00 00 00 49 49 2a 00 08 00 00 00 01 00 31 01 02 00 07 00 00 00 1a 00 00 00 00 00 00 00 50 69 63 61 73 61 00 00 Data Ascii: 7WWbNr-4SwwHheZ[PF}<j*">D@i(@8BA-we1{w[B$\|e8 G6b")w3K%v@tq1KNUfSJ 0\|z.SPe0-EXIF"II1Picasa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
122	192.168.2.7	49878	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	1261	OUT	POST /_/PlayStoreUi/cspreport/fine-allowlist HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 2771 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: application/csp-report sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: report Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:43 UTC	2771	OUT	Data Raw: 7b 22 63 73 70 2d 72 65 70 6f 72 74 22 3a 7b 22 64 6f 63 75 6d 65 6e 74 2d 75 72 69 22 3a 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 74 6f 72 65 2f 61 70 70 73 2f 64 65 74 61 69 6c 73 3f 69 64 3d 63 6f 6d 2e 6e 65 70 74 75 6e 65 2e 64 6f 6d 69 6e 6f 26 68 6c 3d 65 6e 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 76 69 6f 6c 61 74 65 64 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 65 66 66 65 63 74 69 76 65 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 6f 72 69 67 69 6e 61 6c 2d 70 6f 6c 69 63 79 22 3a 22 73 63 72 69 70 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 Data Ascii: {"csp-report":{"document-uri":"https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en","referrer":"","violated-directive":"script-src-elem","effective-directive":"script-src-elem","original-policy":"script-src 'unsafe-inline' 'unsafe-eval'
2024-09-27 23:47:43 UTC	3301	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:43 GMT Strict-Transport-Security: max-age=31536000 Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: script-src 'report-sample' 'nonce-fgEg1xsyOk5xse_5g8CLrQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
123	192.168.2.7	49881	142.250.185.132	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	1208	OUT	GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:44 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Fri, 27 Sep 2024 23:47:43 GMT Date: Fri, 27 Sep 2024 23:47:43 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:44 UTC	641	IN	Data Raw: 36 35 32 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 652/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2024-09-27 23:47:44 UTC	984	IN	Data Raw: 59 66 66 78 72 4d 38 54 6d 5a 54 36 52 41 72 57 47 51 56 43 4a 30 4c 52 69 76 44 37 67 6c 63 41 55 41 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 Data Ascii: YffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecati
2024-09-27 23:47:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
124	192.168.2.7	49882	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:43 UTC	513	OUT	GET /MjrhJApdcYG1D2vtDZFqcc6UebJ-eMLT_M5omELV_39EbQkiDigolM_XFgQ-aKZHdz0a=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:44 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 2114 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:43 GMT Expires: Sat, 28 Sep 2024 23:47:43 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:44 UTC	860	IN	Data Raw: 52 49 46 46 3a 08 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 20 f2 07 00 00 90 23 00 9d 01 2a 40 00 40 00 3e 71 2c 8e 46 a4 a2 a1 21 35 fd 1e 60 90 0e 09 6c 00 9d 32 aa 7c 3f ac fe 52 fb 20 56 1f c7 ee 7c ce 9e 5d fc b9 ce 27 cc 03 f5 17 cd 77 f4 af dc 07 ec 6f a8 6f d6 ef d8 ef 79 2f 41 9f e2 7d 40 3f 9e 7f 9d eb 1f f4 00 fe 01 fe 03 d3 3f f7 4b e0 b7 f7 1b f6 fb e0 2f f9 3f f9 1f fc 38 3c bb d7 fb b7 82 3e 0e bc f3 21 9b 86 fa 49 fb 1f 30 fb ed e0 05 eb 9f f0 1e 6d 90 1e d0 7f 19 ef b5 fa 4b cc b1 53 1a 00 7d d5 7d 80 7c a5 e7 3f e9 8f fd 1f e6 be 01 ff 96 7f 5f ff af d8 23 f7 3b d8 e3 f6 e0 74 e5 89 65 1c dc 19 51 b9 d7 1c 45 58 ae 82 99 cf bb 3f a0 18 fc b9 a6 cf 69 5a 1e f1 73 02 19 21 40 ad 53 a6 85 8d 42 2c 5e Data Ascii: RIFF:WEBPVP8X??VP8 #*@@>q,F!5`l2\|?R V\|]'wooy/A}@??K/?8<>!I0mKS}}\|?_#;teQEX?iZs!@SB,^
2024-09-27 23:47:44 UTC	1254	IN	Data Raw: ea b8 dd 50 1f f8 66 1d 7d a5 3a f0 b6 9e 25 ab c8 52 37 32 d0 56 6b 1e 66 5f 2d 33 82 5c 99 f1 4d b4 08 31 d8 2b 36 30 c3 f1 d5 94 cd 40 25 e9 5c 09 f1 2a 66 9e 87 10 30 d6 27 f9 be b8 ff f8 62 01 85 3c 86 a8 c8 a1 b7 85 c8 6c 50 b6 80 e7 14 ac ec c9 14 c2 fc 0c 00 71 84 c0 98 84 61 eb 72 f9 cb 68 8b 77 b4 2a 99 e8 47 63 e5 25 32 78 5e 28 15 2b 39 bf 70 90 46 a6 2f d0 9b 24 b4 f7 34 c7 59 32 80 b2 aa 34 6a 1d 3c 81 28 53 57 5a 25 0c d5 b7 c7 78 46 96 d8 5e ef bf 36 3e 0a 2d 5a b6 8a 78 f2 a5 4b cf 02 db ce 49 a3 90 bc 3f b9 ff 9e d3 ba 9b 05 12 6b d0 0a de 18 fd 04 df dd b3 2a 79 12 89 3e f7 d9 d6 51 e7 94 90 54 bd 24 b6 1f d3 f5 d9 34 da 96 9b bf 18 a7 6f 97 eb d9 45 03 b1 44 58 c4 f9 f1 e0 b9 c0 8c 0b 5b 1c d0 4e 03 e8 06 09 61 f6 7b c6 91 53 4c 97 20 Data Ascii: Pf}:%R72Vkf_-3\M1+60@%\f0'b<lPqarhwGc%2x^(+9pF/$4Y24j<(SWZ%xF^6>-ZxKI?k*y>QT$4oEDX[Na{SL

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
125	192.168.2.7	49883	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	512	OUT	GET /zP7opc5mRojd_Hmq_COpDBXf_QbspUi9UYBBYacXiIgmM7_s-g2UqXjHpsFSCATOJnE=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:44 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8332 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:44 GMT Expires: Sat, 28 Sep 2024 23:47:44 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:44 UTC	860	IN	Data Raw: 52 49 46 46 84 20 00 00 57 45 42 50 56 50 38 4c 78 20 00 00 2f 3f c0 0f 10 4d 98 69 db 66 cb 6b fe 8c a7 61 88 e8 ff 04 e4 9d 08 56 46 39 4b 8f 85 5c 16 8c db 48 52 34 cf cb 3f b4 8b 80 99 16 5a ad d6 52 1c 8c 24 49 52 52 6b 38 1c f9 ff fb dc 61 3d 5c 49 92 6c 5a 7d 6d ec 7f 71 37 ea da f8 d2 63 ff 83 85 ab ce 08 5f 21 4b 18 51 03 0b 14 9d d4 29 35 af 54 00 fb e3 07 8b 7c f0 9f 09 81 15 db e9 50 c2 4e 48 f9 97 e2 27 30 03 df 59 89 7f 07 84 fe fa 1d 5a 26 95 26 cb a4 24 97 87 66 80 06 86 ac 7a 4b cb 59 21 f3 c0 07 04 63 fc 6c 8f 4d c1 e2 2c ba 84 4b c4 d1 40 c2 24 83 b3 c7 67 3f c7 92 2c 53 0c 9c c2 2b f1 55 e1 d1 00 60 b5 dc 3a ff 39 e7 e2 b0 66 34 33 92 46 ac 11 cb 96 34 62 32 c9 cc 6c 3f 66 66 26 33 33 33 33 b3 cc cc cc 16 33 5b c3 33 77 2e 1d f8 ff bf Data Ascii: RIFF WEBPVP8Lx /?MifkaVF9K\HR4?ZR$IRRk8a=\IlZ}mq7c_!KQ)5T\|PNH'0YZ&&$fzKY!clM,K@$g?,S+U`:9f43F4b2l?ff&33333[3w.
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: a6 13 85 10 64 a4 25 58 42 83 53 f7 82 03 c0 56 db 18 85 71 8c d2 c9 61 36 59 31 49 77 dd 11 0e 51 24 42 43 c4 8d 83 c6 b1 24 fb 2e bd b7 45 0e 79 03 51 e5 6a f7 1d 75 fc c7 95 56 27 15 a3 00 40 c6 30 48 45 41 00 80 40 35 08 4b de 36 b2 d3 4f 7f c3 a3 03 e1 64 2a 5f 5c 69 8f c2 b4 ad 15 d9 15 3c 10 21 66 f7 90 be ba 88 dc 53 20 04 21 00 05 0d c3 41 ef c3 0c 67 06 3b 44 96 55 00 00 2c 50 00 32 25 4b d0 ba 41 2a 11 45 44 1f 9a 9a 0a 6d dc 56 54 28 13 78 ae ae 9b 08 0e 69 2d 21 09 d0 08 45 02 88 a1 6a e3 9a 7d d6 df d5 34 d7 b6 0e b8 b2 b8 e6 ff 0d 43 c1 a3 50 22 cb aa 8c 22 e9 b9 c2 34 9b d2 d9 fb 03 0a ab 85 7a e3 dc 28 2a ab d6 c1 10 de 9a 58 fa c1 e7 b3 0c 4a c4 48 b0 64 a5 f9 19 e2 03 24 96 92 94 69 36 03 d6 43 64 6b 18 25 fb c6 05 71 18 57 64 63 71 00 Data Ascii: d%XBSVqa6Y1IwQ$BC$.EyQjuV'@0HEA@5K6Od_\i<!fS !Ag;DU,P2%KAEDmVT(xi-!Ej}4CP""4z(*XJHd$i6Cdk%qWdcq
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 89 3d 36 8a 28 c0 03 18 02 a0 00 08 f6 fb 6a c9 cd 67 3c 92 d1 6b 01 f4 00 0a 00 57 a8 52 42 28 21 00 74 4a 02 90 f5 df b6 6a f7 23 af 67 07 40 81 14 84 e0 ca 4a 72 ae 27 18 e2 85 24 2e 04 74 ac ea aa e6 47 40 62 d5 6c 3a 52 51 64 4d 7f ac de b6 91 0c 18 41 7b 3c 15 a5 81 65 38 fc e5 05 01 61 92 a5 15 21 62 16 d0 97 71 44 8c 1a 6d 0b f4 78 3c a9 78 da c0 d1 9f 0f d4 9d de 93 ac 01 6a 32 c4 59 22 d0 08 b0 0c a6 81 30 69 d3 83 19 bd 0e 40 eb dc 42 00 e7 57 29 3d 05 21 2e 17 01 30 ae ca b5 47 2d 93 86 cd c7 3a 2b 13 1b 65 7a 6f a4 5c c5 0a 9b 18 89 4c aa 6c ca d0 05 a3 cc 2c b8 74 5d ff b8 d2 ca 9f 68 9e 2e ae 67 dd b5 07 d6 95 e3 a3 ec 1a 04 75 0c 81 cd a1 d8 29 ab a0 a5 a3 5a 43 42 25 6b b7 b1 d5 08 13 32 0b 60 40 65 4e 4f 2c 9e 89 1c 1f 86 14 33 a8 e6 13 Data Ascii: =6(jg<kWRB(!tJj#g@Jr'$.tG@bl:RQdMA{<e8a!bqDmx<xj2Y"0i@BW)=!.0G-:+ezo\Ll,t]h.gu)ZCB%k2`@eNO,3
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: f5 40 37 00 85 a5 ac c1 fa 4f ea 76 bd df 66 28 3f 03 68 01 b0 1d d6 1c 53 e9 e8 9e a5 7e e3 3a e2 44 08 88 3a dd 00 3b bc 75 2e a3 c9 be 07 90 88 c6 44 d5 c8 61 ab 81 15 b0 a1 07 85 ea 14 b6 68 30 a7 92 b2 5e a2 3b 09 10 a5 c5 95 3e 55 c4 f4 8d 19 8b 9c d6 11 bd 40 00 09 66 89 ab 0e 36 09 11 02 87 88 fb 09 ac 10 e2 43 83 06 10 01 b1 99 96 19 95 aa 4f 17 c2 81 c7 ec 32 aa c3 70 f0 eb 4d 65 ca 0f 5b 7b 5e 3b 00 2a e0 08 3b 85 f5 4c 58 ff 4e 1c fc 1b b0 0c 1c 4b a8 c1 fa 17 fe a4 fc d4 59 60 33 bc 53 da 88 eb 84 e2 2a 94 01 95 94 40 74 42 41 28 d7 09 0e 32 8d 88 87 77 4c d9 14 44 56 88 0f 2a 64 5e 88 f2 05 8e 0c 0e 5d a0 0f 46 53 e8 9c 9e d6 73 5a c7 91 71 5f 8d 38 44 2a 0c 60 31 80 5a aa 79 56 a7 22 12 14 f0 5e 68 3f b6 65 4b 24 d6 0f 8f 33 a8 b5 85 39 a8 Data Ascii: @7Ovf(?hS~:D:;u.Dah0^;>U@f6CO2pMe[{^;;LXNKY`3S@tBA(2wLDVd^]FSsZq_8D`1ZyV"^h?eK$39
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 90 a9 dc 36 55 01 50 99 0c 68 89 31 7f e1 72 76 d5 10 4c 60 17 91 28 64 61 0a 1f 0f 5c 67 09 5d 0d 14 4c 12 d4 c2 a1 a9 ef f9 09 84 2d 17 1f 7a 3e a1 18 e0 93 f3 be ca 73 01 41 d6 18 aa 87 d2 7b 1b 9d 7f dc 4e cd 83 9c f0 e2 ec ec 0c a6 68 b0 01 f8 9e 15 87 f5 14 21 23 e7 2a d4 11 21 a9 36 89 0f c6 b8 01 62 76 8c f6 a9 ac a2 3c 22 89 21 a4 11 cb 20 bb 04 51 18 df ab 7f ab a9 53 fb dc 43 1f 66 a1 89 ec a8 2c 44 95 37 3d e4 50 54 44 94 c3 29 01 0b 60 33 e0 a2 40 0a 08 85 ec 93 a9 22 03 24 59 8c d0 05 0e c6 56 fa fc bc 4b 74 5b 07 41 18 88 f2 99 25 12 89 1d a0 1b 35 b1 f0 84 99 ff f6 11 32 de c5 10 3c 16 4d 0c 60 87 dd c3 a1 c3 c2 1b 97 8e b4 b3 8c 75 22 95 b2 29 01 04 39 dd bb af 13 da be 45 54 40 b5 dc 91 73 cf 85 90 dc e7 43 20 d9 f3 7c 03 37 cf 5d f2 b9 Data Ascii: 6UPh1rvL`(da\g]L-z>sA{Nh!#*!6bv<"! QSCf,D7=PTD)`3@"$YVKt[A%52<M`u")9ET@sC \|7]
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 7b 8c 64 e5 33 3f d3 19 c4 70 70 0f 6c fd 5e b2 da b7 ef 54 63 4a 27 ef ab 21 e4 ec 3c 99 3e 5f ae d7 e3 c9 b5 95 20 c1 18 63 6f 25 24 08 47 0f 49 ed be ec a6 ae 48 86 ee 30 36 9d 83 27 0c e6 e4 d0 d4 28 67 82 03 f4 bd 4e 10 ea 45 d0 2c 12 d1 85 e2 22 c9 11 68 01 21 f8 38 10 03 43 33 0a 62 2f 00 a3 02 e0 30 87 bb a7 90 04 ef df 09 f5 1b 09 59 a7 49 36 dc 4e f5 35 06 96 20 b6 29 5b f3 dc 1f a9 39 65 e6 0e 4f 70 07 9f 82 01 ea 4f f6 5f 25 dd e7 00 0e 21 ba 2b d4 19 9b fc 1c 09 16 08 01 94 89 8a 7a 24 13 79 72 5c 4e 2a a5 a9 b2 81 cf 34 1b 92 20 a1 31 04 13 85 92 11 1d a1 da 10 74 90 08 95 34 37 bc 91 81 a1 a8 98 f8 18 c0 a1 6f 66 c7 3f 4b 21 f5 43 c9 3f 2f 54 9c 56 7b 4d 24 72 46 b1 89 00 92 48 61 2f 37 a2 e9 d6 60 0c 98 44 55 cb 25 b3 56 b5 2d 2b 05 53 bf Data Ascii: {d3?ppl^TcJ'!<>_ co%$GIH06'(gNE,"h!8C3b/0YI6N5 )[9eOpO_%!+z$yr\N*4 1t47of?K!C?/TV{M$rFHa/7`DU%V-+S
2024-09-27 23:47:44 UTC	522	IN	Data Raw: 91 ae de b5 ba f3 e1 ba af 9f 68 b1 ff d8 49 1f b8 3e cf 5f 6a 60 96 ea 8f 04 11 e4 61 88 dc 6c 22 00 11 02 48 44 06 29 12 d1 9a a9 17 be ca c2 7b fc d6 dc 6b 92 8c b6 81 cb 2c 9f 30 27 12 21 0a 5e 08 11 ad 50 f7 e9 ba 38 63 60 ec d2 bb c3 79 44 30 41 92 20 18 09 96 89 66 d8 6d 0d dc 0d c7 14 e1 d1 82 bf b9 05 fe 7e 6b 3c 67 3c 15 a2 04 3d 0d ac 73 d8 c7 d9 93 45 49 bc 02 66 63 f1 61 fb c3 3e 4e b4 89 44 80 45 cc fd 63 02 88 4b b9 de 7d 33 cc fc a2 c7 af 23 e1 dc bb cc 8b 8f 70 d2 47 73 68 62 a8 d5 91 89 00 0d 11 22 43 e8 70 c9 88 2d 12 3e 12 56 65 cd 7d 7e a5 3e e6 78 1d 18 44 92 cc 49 cd 78 86 27 c2 4a 76 0a 1f c5 31 38 dc 18 04 54 30 99 7c 8f 52 60 73 0b bb 53 b0 30 66 af 36 5b 7a 37 0b 06 2c a8 dd 6c 0f 60 58 3c ee 77 b4 38 73 c9 55 53 8c 12 20 a8 49 Data Ascii: hI>_j`al"HD){k,0'!^P8c`yD0A fm~k<g<=sEIfca>NDEcK}3#pGshb"Cp->Ve}~>xDIx'Jv18T0\|R`sS0f6[z7,l`X<w8sUS I

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
126	192.168.2.7	49884	142.250.184.246	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	513	OUT	GET /yUx5IRbWt1gaidaZIU4Ts5jePA40MnAU88T25jABDQuoL9KBgbbYnHxBAGWTzb51C9Gb=s64-rw HTTP/1.1 Host: play-lh.googleusercontent.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:44 UTC	530	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="unnamed.webp" X-Content-Type-Options: nosniff Server: fife Content-Length: 8422 X-XSS-Protection: 0 Date: Fri, 27 Sep 2024 23:47:44 GMT Expires: Sat, 28 Sep 2024 23:47:44 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v1" Content-Type: image/webp Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-27 23:47:44 UTC	860	IN	Data Raw: 52 49 46 46 de 20 00 00 57 45 42 50 56 50 38 58 0a 00 00 00 08 00 00 00 3f 00 00 3f 00 00 56 50 38 4c 96 20 00 00 2f 3f c0 0f 00 4d 30 68 db 48 92 92 d9 7b b3 c7 1f f0 91 88 e8 7f 4c 45 30 35 7f 58 58 bb 4a a7 1b 3e 15 61 72 31 e6 5e e7 c9 a5 3d 0b 46 91 24 29 2a ff 0a 8f 5e cc 77 cb bc a7 c3 91 24 49 4e 93 81 f7 f0 ff c7 71 26 38 79 8f 14 0c 24 49 32 d4 8b 33 ff ff 36 db b6 fb 1f 08 84 80 46 55 44 73 c1 11 1c c7 08 4e 81 93 0c ff 97 49 4f 10 d0 19 46 c7 29 78 95 e7 64 fc 0f 88 82 5f c5 84 f9 8f a6 c3 5f 79 c8 0a 0f 11 86 90 d9 ab d0 08 4a d5 06 83 39 8a f0 a4 49 11 92 5b f8 d7 25 58 fb c4 05 81 50 98 22 53 df 62 12 8c 01 17 9c 3f 68 fe a0 dc bb ab 04 ef 39 1e 77 f0 12 64 74 10 b0 2b 90 33 84 62 f8 e7 0e af d4 18 0a d2 36 60 3a ff b6 af 84 88 98 00 e4 7f Data Ascii: RIFF WEBPVP8X??VP8L /?M0hH{LE05XXJ>ar1^=F$)*^w$INq&8y$I236FUDsNIOF)xd__yJ9I[%XP"Sb?h9wdt+3b6`:
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 4e 18 30 98 63 48 44 a2 24 21 0d ea 50 9a ff c0 46 f7 ab 96 3d e2 d4 07 75 f0 d6 e1 1c 6d f4 b1 38 51 87 82 a0 15 63 00 67 35 b8 cb c6 c4 ce 9c 03 48 0f 55 71 6f 6f 38 39 31 7d d8 df c7 cb 37 aa be c5 d9 df ff f0 2b d9 21 df 7d 11 27 4e ca 13 36 b4 32 c6 c8 2d 73 69 21 d5 a8 fd 50 08 89 c2 8b f3 4d f3 43 10 7e 57 0f fd f1 f6 97 3e 31 fb e6 55 95 37 f0 b5 53 c3 77 b6 57 de 7a b0 ac bc cc a6 40 9b b8 91 34 a8 bd 71 e6 4f 8f 2c bb fb bf 37 5e f7 bd 73 73 0b 87 4e 69 f5 be 7e 63 a3 c1 14 21 18 14 01 0a c2 18 44 02 26 18 fc 24 ae d3 b0 b0 16 a2 f4 9c eb cf 0e 84 c1 b2 c3 57 d7 5f 51 bc 7e d2 85 ab 13 93 db ce ac 0e df 36 1a dd 59 72 10 36 45 a9 d2 95 7d b1 14 3b c9 cc 0a 21 88 09 1c 48 36 0d 08 06 3a 92 1e b5 bb 73 fd e1 31 96 db 19 20 52 13 f2 ce 4e c5 cb f6 Data Ascii: N0cHD$!PF=um8Qcg5HUqoo891}7+!}'N62-si!PMC~W>1U7SwWz@4qO,7^ssNi~c!D&$W_Q~6Yr6E};!H6:s1 RN
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 25 22 e0 61 95 ea 29 de 35 be b1 b9 ec 6e 3e e1 be 0c 9d c3 65 87 04 2b 8e ef bd 7f db 3f 5f 5f 75 2e 65 37 e9 ec f9 4d b5 94 39 32 ca b5 37 aa 47 b6 16 62 85 92 92 da 99 35 e5 90 72 6d 62 f3 bd 83 af 48 06 8d e6 9e a0 bc 79 f7 72 0f a8 06 bf af db 2e 7b e2 97 1f be be f3 44 81 db 62 c0 96 c2 00 02 20 66 21 0a 00 11 8d a0 82 7b 78 fd 33 9b d5 32 0e 2e 41 74 48 1b aa 6d e6 bd 6a b9 48 31 51 4a c9 18 27 d7 dc 53 cf 73 75 fb d2 6d 1f cf 86 71 96 90 21 99 f0 ee 1a ad e9 d6 6f e8 bb e7 13 79 b1 d5 ec a6 fc 8c eb 67 a3 71 70 77 0a 46 82 86 f2 79 cd 8b 56 0e 56 a6 db fc 78 d1 d1 31 1e 5f d5 d0 a0 1a f5 ac 30 b4 28 e5 62 6c dc 16 0b 66 60 0c b2 42 0d d1 74 73 26 d7 10 89 25 46 4d 34 e2 dd 8d c5 4b eb ad 6f 2d 27 d7 d5 2d e6 3b 4b c5 8e a0 b5 ec a4 48 d6 69 be 29 Data Ascii: %"a)5n>e+?__u.e7M927Gb5rmbHyr.{Db f!{x32.AtHmjH1QJ'Ssumq!oygqpwFyVVx1_0(blf`Bts&%FM4Ko-'-;KHi)
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 58 9f 7d c1 e4 fa ee 72 7d fa cc 13 fb 27 77 4d 02 17 ac dc f7 b8 b7 ff a8 fc ef b7 f3 05 7f fd dd ea 04 70 86 18 b6 d0 95 94 3d ef 86 de 86 d4 92 04 08 21 ca db 47 d0 a6 37 80 00 48 57 0d ea 6e d1 31 da 3c be 1d b3 a3 09 41 10 4d 85 de 99 71 4c 00 94 22 d8 3a fa d6 23 0f 7f 7c e6 f6 67 2c 8f 7e fa c2 6a 66 30 0f 1b ad a2 04 ca 15 3c db f8 0d df 4e 8f fe 40 fc f3 63 1e 9c 19 af 3c 01 e3 30 06 24 02 80 4c b5 35 76 1c cf bf 76 5d dd d2 3e ba 6b 9c 8e 73 a7 14 bc 64 eb 4f ba e7 5f 55 7b 7a f1 b9 a3 97 ad 45 14 00 30 68 6c 0c f1 3a a2 12 0f 80 18 51 b5 5c b8 4f b7 c3 99 40 b4 18 0c 3c 0c 6d 3e de c3 ce bd dd f7 f2 f9 1f 7a c7 bd b5 ea 1f 00 db 8b e2 e0 e4 dc 19 f2 8f 4f 7c e5 3b f6 dd 7e f4 af af fd c2 45 97 3a 6f 7b c0 14 a3 52 b1 09 c2 31 b5 e5 79 64 d8 35 Data Ascii: X}r}'wMp=!G7HWn1<AMqL":#\|g,~jf0<N@c<0$L5vv]>ksdO_U{zE0hl:Q\O@<m>zO\|;~E:o{R1yd5
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 10 d1 bf 21 5d 8b 57 27 ca 7f 34 79 a8 46 93 e5 d3 92 23 7d 0c 84 59 9d 60 2c 96 23 9f da fc e9 3d 76 68 2b 33 54 32 6e 44 a8 28 06 2a 66 2d 00 29 22 8d 53 92 2b 04 b1 61 c0 1a c6 15 29 ac c9 1a 1c a4 82 aa 52 75 22 4e 5c 9b 67 0e 08 5b d6 b9 ef b6 4e 12 af a5 1a b6 54 de b6 e7 59 2f da 4d fd 02 66 00 70 9b db 5d 4f 8c dd c0 6e a7 94 1e 5b 20 23 33 60 86 24 64 31 a0 ff e8 ef 9f 3f b0 f4 d4 13 8b 17 3f 9a d5 b4 f5 c7 cb 49 df f0 3c 59 64 41 ac 70 98 83 d9 20 9b 9f be da dc f5 88 62 9c 4c 80 64 10 4b 8c 8c 24 92 60 90 08 91 10 85 08 16 2d 43 84 96 b4 c9 98 30 04 4a e5 7e 9a 0a 09 8a 78 fc 93 9a ab 7b b7 7f f1 8b 7a 7e b1 7e d2 f4 f6 23 67 8a 37 73 fa d2 39 5f b0 e6 77 b7 ee 7d ce 45 33 1d 00 71 ac 77 cc 0c 04 0d ae 75 23 36 91 1a c8 00 c0 0a 69 7f 94 da b4 Data Ascii: !]W'4yF#}Y`,#=vh+3T2nD(*f-)"S+a)Ru"N\g[NTY/Mfp]On[ #3`$d1??I<YdAp bLdK$`-C0J~x{z~~#g7s9_w}E3qwu#6i
2024-09-27 23:47:44 UTC	1390	IN	Data Raw: 5b 91 4c 88 05 00 4a 24 b5 83 55 38 ee c0 db ec d6 b7 0c 5c f8 ec c1 0b b6 69 ff 9b 6d 53 d9 0a db 55 f3 08 36 13 ac 90 7f b8 33 d3 97 01 54 78 64 fd a6 1f f6 f9 be 54 da a8 e7 ef 09 ed bc aa 77 e5 d6 f7 e5 43 f4 4c 0d 57 37 b5 97 6d 88 2e 03 cd b6 e2 f3 d3 d5 f8 d4 79 2b 66 39 78 c3 d2 48 a2 24 c1 1e d2 c0 87 e5 bd 71 39 37 17 0b 75 7c 6a f5 33 3f 14 ff f8 21 93 d3 85 90 da bb 3b 1c 48 31 ef 45 67 9b cb 6d 71 c1 53 bd 3c 74 94 a5 1e 17 4b 56 41 08 0d 85 46 a9 16 33 25 62 f7 61 3b 7e 6f f8 d6 c3 f4 f6 6f bc 50 7f ce af 38 db d8 7b c2 ae 17 5d a5 46 1b 71 24 e1 2a 05 5b f3 d2 c6 76 c4 37 9d da f8 bf 4b 1b 3b 12 39 eb bb ed 55 ff 44 47 31 e6 f0 0b 1d f5 9e c1 de 34 db 74 ac dd 00 3e 7a a3 79 77 a5 5a ba 94 3f 58 3a b6 e6 55 db ca 1c c5 09 76 a4 91 4c c8 ff Data Ascii: [LJ$U8\imSU63TxdTwCLW7m.y+f9xH$q97u\|j3?!;H1EgmqS<tKVAF3%ba;~ooP8{]Fq$*[v7K;9UDG14t>zywZ?X:UvL
2024-09-27 23:47:44 UTC	612	IN	Data Raw: 03 be 92 67 09 01 25 45 b8 1e b5 6f 44 d7 2f 84 73 c8 4a 9b c4 56 d0 30 13 50 46 00 c9 db 13 77 fc 97 13 f7 48 dd bd ec 79 ee 49 91 b4 f0 4d 21 a0 42 19 95 ac 57 2a 97 e7 8e 5f af 54 ed ec 8f 7a 05 df ae 13 55 25 87 08 68 a3 3c 22 75 74 a6 4a a0 9c ab 99 e9 e6 a0 46 41 08 3d e1 c0 b9 8b 8c eb 82 4e 15 be e4 be f9 97 7c ca 95 10 39 12 12 e4 11 4c a7 ce d7 15 ec 8a 1b 2a 12 d7 85 eb a2 24 55 3a 85 80 32 08 6c a4 0e eb bb c5 92 1f 87 d9 26 67 08 07 c8 84 42 24 47 26 79 21 43 df a5 29 1e 0e 4f 69 7c e7 77 87 76 e3 9a 3d 3a a9 28 f2 a9 ca e8 99 6a 31 27 a2 2e 1a 46 98 73 75 ad 75 64 87 84 08 a2 8b b3 f3 e0 1e 25 f3 a3 95 ea 03 cf 97 4e ba 48 12 21 25 91 42 b9 9a 5f 77 f2 12 e1 98 c0 56 ee ac db 25 81 4d 67 fd 85 82 4c 88 d4 01 26 bf b2 70 e8 05 a9 bf b3 9d 10 Data Ascii: g%EoD/sJV0PFwHyIM!BW_TzU%h<"utJFA=N\|9L$U:2l&gB$G&y!C)Oi\|wv=:(j1'.Fsuud%NH!%B_wV%MgL&p

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
127	192.168.2.7	49887	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	1261	OUT	POST /_/PlayStoreUi/cspreport/fine-allowlist HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 2822 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: application/csp-report sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: report Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:44 UTC	2822	OUT	Data Raw: 7b 22 63 73 70 2d 72 65 70 6f 72 74 22 3a 7b 22 64 6f 63 75 6d 65 6e 74 2d 75 72 69 22 3a 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 74 6f 72 65 2f 61 70 70 73 2f 64 65 74 61 69 6c 73 3f 69 64 3d 63 6f 6d 2e 6e 65 70 74 75 6e 65 2e 64 6f 6d 69 6e 6f 26 68 6c 3d 65 6e 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 76 69 6f 6c 61 74 65 64 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 65 66 66 65 63 74 69 76 65 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 6f 72 69 67 69 6e 61 6c 2d 70 6f 6c 69 63 79 22 3a 22 73 63 72 69 70 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 Data Ascii: {"csp-report":{"document-uri":"https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en","referrer":"","violated-directive":"script-src-elem","effective-directive":"script-src-elem","original-policy":"script-src 'unsafe-inline' 'unsafe-eval'
2024-09-27 23:47:45 UTC	3301	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:45 GMT Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy: script-src 'report-sample' 'nonce-CV5UlpVubw9xFhtOshEmqA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
128	192.168.2.7	49888	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	1267	OUT	POST /play/log?format=json&authuser&proto_v2=true HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 3607 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: text/plain;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:44 UTC	3607	OUT	Data Raw: 5b 5b 32 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 57 69 6e 64 6f 77 73 22 2c 6e 75 6c 6c 2c 22 31 30 2e 30 22 5d 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 22 65 6e 22 2c 22 63 68 72 6f 6d 65 22 2c 22 31 31 37 2e 30 2e 30 2e 30 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 5c 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 5c 22 3b 76 3d 5c 22 31 31 37 5c 22 2c 20 5c 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 5c 22 3b 76 3d 5c 22 38 5c 22 2c 20 5c 22 43 68 72 6f 6d 69 75 6d 5c 22 3b 76 3d 5c 22 31 31 37 5c 22 22 5d 5d 2c 36 35 2c 5b 5b 22 31 37 32 37 34 38 36 39 37 33 30 31 35 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c Data Ascii: [[2,null,[null,null,"Windows",null,"10.0"],null,null,null,null,null,["en","chrome","117.0.0.0",null,null,null,null,null,null,null,"\"Google Chrome\";v=\"117\", \"Not;A=Brand\";v=\"8\", \"Chromium\";v=\"117\""]],65,[["1727486973015",null,null,null,null,nul
2024-09-27 23:47:45 UTC	685	IN	HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Access-Control-Allow-Origin: https://play.google.com Access-Control-Allow-Credentials: true Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:45 GMT Cross-Origin-Resource-Policy: same-site Cross-Origin-Opener-Policy: same-origin Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:45 UTC	32	IN	Data Raw: 31 61 0d 0a 5b 22 39 30 30 30 30 30 22 2c 22 31 37 32 37 34 38 30 38 36 35 30 38 36 22 5d 0d 0a Data Ascii: 1a["900000","1727480865086"]
2024-09-27 23:47:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
129	192.168.2.7	49889	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	1261	OUT	POST /_/PlayStoreUi/cspreport/fine-allowlist HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 1597 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: application/csp-report sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: report Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:44 UTC	1597	OUT	Data Raw: 7b 22 63 73 70 2d 72 65 70 6f 72 74 22 3a 7b 22 64 6f 63 75 6d 65 6e 74 2d 75 72 69 22 3a 22 68 74 74 70 73 3a 2f 2f 70 6c 61 79 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 74 6f 72 65 2f 61 70 70 73 2f 64 65 74 61 69 6c 73 3f 69 64 3d 63 6f 6d 2e 6e 65 70 74 75 6e 65 2e 64 6f 6d 69 6e 6f 26 68 6c 3d 65 6e 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 76 69 6f 6c 61 74 65 64 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 65 66 66 65 63 74 69 76 65 2d 64 69 72 65 63 74 69 76 65 22 3a 22 73 63 72 69 70 74 2d 73 72 63 2d 65 6c 65 6d 22 2c 22 6f 72 69 67 69 6e 61 6c 2d 70 6f 6c 69 63 79 22 3a 22 73 63 72 69 70 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 Data Ascii: {"csp-report":{"document-uri":"https://play.google.com/store/apps/details?id=com.neptune.domino&hl=en","referrer":"","violated-directive":"script-src-elem","effective-directive":"script-src-elem","original-policy":"script-src 'unsafe-inline' 'unsafe-eval'
2024-09-27 23:47:45 UTC	3301	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:45 GMT Strict-Transport-Security: max-age=31536000 Content-Security-Policy: script-src 'report-sample' 'nonce-Jub9XVGofrp1lAUSl75zdA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] Cross-Origin-Resource-Policy: cross-origin Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
130	192.168.2.7	49891	142.250.184.196	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:44 UTC	701	OUT	GET /recaptcha/api.js?trustedtypes=true&render=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0 HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:45 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Fri, 27 Sep 2024 23:47:45 GMT Date: Fri, 27 Sep 2024 23:47:45 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:45 UTC	641	IN	Data Raw: 36 35 32 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 652/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2024-09-27 23:47:45 UTC	984	IN	Data Raw: 59 66 66 78 72 4d 38 54 6d 5a 54 36 52 41 72 57 47 51 56 43 4a 30 4c 52 69 76 44 37 67 6c 63 41 55 41 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 Data Ascii: YffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecati
2024-09-27 23:47:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
131	192.168.2.7	49898	142.250.185.132	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:45 UTC	1153	OUT	GET /tools/feedback/chat_load.js HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw
2024-09-27 23:47:46 UTC	893	IN	HTTP/1.1 302 Found Content-Type: application/binary Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:46 GMT Location: https://www.gstatic.com/feedback/js/ghelp/16uafg9rapvyz/chat_load.js Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: script-src 'report-sample' 'nonce-fZnXtPLL31lRwQ7FlIPuoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/asx-frontend-server/ Content-Security-Policy: require-trusted-types-for 'script';report-uri /tools/feedback/cspreport Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
132	192.168.2.7	49906	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:46 UTC	1542	OUT	POST /_/PlayStoreUi/browserinfo?f.sid=-6058864537366551753&bl=boq_playuiserver_20240925.10_p0&hl=en&authuser&soc-app=121&soc-platform=1&soc-device=1&_reqid=77377&rt=j HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 118 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" X-Same-Domain: 1 sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" Content-Type: application/x-www-form-urlencoded;charset=UTF-8 sec-ch-ua-full-version: "117.0.5938.134" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw; _ga=GA1.3.1127213862.1727486974; _gid=GA1.3.896316527.1727486974; _gat_UA199959031=1; _gcl_au=1.1.2060740617.1727486974
2024-09-27 23:47:46 UTC	118	OUT	Data Raw: 66 2e 72 65 71 3d 25 35 42 39 25 32 43 31 25 32 43 31 25 32 43 25 35 42 6e 75 6c 6c 25 32 43 31 30 32 34 25 32 43 31 32 38 30 25 35 44 25 32 43 25 35 42 6e 75 6c 6c 25 32 43 39 30 37 25 32 43 31 32 38 30 25 35 44 25 32 43 25 35 42 31 25 32 43 31 25 32 43 6e 75 6c 6c 25 32 43 31 25 35 44 25 32 43 25 35 42 30 25 32 43 30 25 32 43 30 25 35 44 25 35 44 26 Data Ascii: f.req=%5B9%2C1%2C1%2C%5Bnull%2C1024%2C1280%5D%2C%5Bnull%2C907%2C1280%5D%2C%5B1%2C1%2Cnull%2C1%5D%2C%5B0%2C0%2C0%5D%5D&
2024-09-27 23:47:47 UTC	1195	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:46 GMT Content-Disposition: attachment; filename="response.bin"; filename=UTF-8''response.bin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version= Cross-Origin-Resource-Policy: same-site Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-27 23:47:47 UTC	97	IN	Data Raw: 35 62 0d 0a 29 5d 7d 27 0a 0a 5b 5b 5b 22 66 2e 6d 74 22 5d 2c 5b 22 64 69 22 2c 32 33 5d 2c 5b 22 61 66 2e 68 74 74 70 72 6d 22 2c 32 33 2c 22 34 33 36 33 38 38 30 39 38 31 36 32 39 37 38 32 32 36 33 22 2c 38 36 5d 2c 5b 22 65 22 2c 34 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 39 31 5d 5d 5d 0d 0a Data Ascii: 5b)]}'[[["f.mt"],["di",23],["af.httprm",23,"4363880981629782263",86],["e",4,null,null,91]]]
2024-09-27 23:47:47 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
133	192.168.2.7	49911	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:47 UTC	1581	OUT	POST /_/PlayStoreUi/jserror?script=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.neptune.domino%26hl%3Den&error=Ia%60Hydration%20source%20in%20dom%3B%60El%20source%20in%20dom%60null&line=Not%20available HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 4432 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: application/x-www-form-urlencoded;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw; _ga=GA1.3.1127213862.1727486974; _gid=GA1.3.896316527.1727486974; _gat_UA199959031=1; _gcl_au=1.1.2060740617.1727486974
2024-09-27 23:47:47 UTC	4432	OUT	Data Raw: 74 72 61 63 65 3d 45 72 72 6f 72 25 33 41 25 32 30 49 61 25 36 30 48 79 64 72 61 74 69 6f 6e 25 32 30 73 6f 75 72 63 65 25 32 30 69 6e 25 32 30 64 6f 6d 25 33 42 25 36 30 45 6c 25 32 30 73 6f 75 72 63 65 25 32 30 69 6e 25 32 30 64 6f 6d 25 36 30 6e 75 6c 6c 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 61 74 25 32 30 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 25 32 46 5f 25 32 46 62 6f 71 2d 70 6c 61 79 25 32 46 5f 25 32 46 6a 73 25 32 46 6b 25 33 44 62 6f 71 2d 70 6c 61 79 2e 50 6c 61 79 53 74 6f 72 65 55 69 2e 65 6e 2e 6a 56 47 72 47 48 43 6c 56 7a 41 2e 32 30 32 31 2e 4f 25 32 46 61 6d 25 33 44 52 37 63 5a 77 4f 6a 36 51 44 41 4a 44 50 41 50 48 67 64 6a 41 51 25 32 46 64 25 33 44 31 25 32 46 65 78 63 6d 25 33 Data Ascii: trace=Error%3A%20Ia%60Hydration%20source%20in%20dom%3B%60El%20source%20in%20dom%60null%0A%20%20%20%20at%20https%3A%2F%2Fwww.gstatic.com%2F_%2Fboq-play%2F_%2Fjs%2Fk%3Dboq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O%2Fam%3DR7cZwOj6QDAJDPAPHgdjAQ%2Fd%3D1%2Fexcm%3
2024-09-27 23:47:47 UTC	3333	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:47 GMT Strict-Transport-Security: max-age=31536000 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy: script-src 'report-sample' 'nonce-VmAkwM5gakh7GW69dk5bUg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
134	192.168.2.7	49912	172.217.16.206	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:47 UTC	1514	OUT	POST /_/PlayStoreUi/jserror?script=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.neptune.domino%26hl%3Den&error=Ge&line=Not%20available HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 6900 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.134" Content-Type: application/x-www-form-urlencoded;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.134", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.134" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://play.google.com X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlKHLAQiFoM0BCNy9zQEIucrNAQii0c0BCIrTzQEIpNbNAQj01s0BCKfYzQEI+cDUFRj1yc0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://play.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: NID=517=jAXoWfkSa3lMCaxpiQ_GkzpT4UNnAdSD9FQQzBOpXrnlkFtOd_SEOQAVROH6As5UFLI8Ee6yA3N8cFWBY2VwCP8JRASFF6jiCV7aJudAJMzDJjkiu6Ojfjg1qWsjZHwbCsXfQh48H0Oyg2Cg_q_OiScsoa6N0Md1ToUn3lQ8H2tXpCvotw; _ga=GA1.3.1127213862.1727486974; _gid=GA1.3.896316527.1727486974; _gat_UA199959031=1; _gcl_au=1.1.2060740617.1727486974
2024-09-27 23:47:47 UTC	6900	OUT	Data Raw: 74 72 61 63 65 3d 45 72 72 6f 72 25 33 41 25 32 30 47 65 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 61 74 25 32 30 6e 65 77 25 32 30 6b 57 25 32 30 28 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 25 32 46 5f 25 32 46 62 6f 71 2d 70 6c 61 79 25 32 46 5f 25 32 46 6a 73 25 32 46 6b 25 33 44 62 6f 71 2d 70 6c 61 79 2e 50 6c 61 79 53 74 6f 72 65 55 69 2e 65 6e 2e 6a 56 47 72 47 48 43 6c 56 7a 41 2e 32 30 32 31 2e 4f 25 32 46 63 6b 25 33 44 62 6f 71 2d 70 6c 61 79 2e 50 6c 61 79 53 74 6f 72 65 55 69 2e 59 31 79 41 72 74 58 57 31 4b 6b 2e 4c 2e 42 31 2e 4f 25 32 46 61 6d 25 33 44 52 37 63 5a 77 4f 6a 36 51 44 41 4a 44 50 41 50 48 67 64 6a 41 51 25 32 46 64 25 33 44 31 25 32 46 65 78 6d 25 33 44 4c 45 69 6b 5a 65 25 32 Data Ascii: trace=Error%3A%20Ge%0A%20%20%20%20at%20new%20kW%20(https%3A%2F%2Fwww.gstatic.com%2F_%2Fboq-play%2F_%2Fjs%2Fk%3Dboq-play.PlayStoreUi.en.jVGrGHClVzA.2021.O%2Fck%3Dboq-play.PlayStoreUi.Y1yArtXW1Kk.L.B1.O%2Fam%3DR7cZwOj6QDAJDPAPHgdjAQ%2Fd%3D1%2Fexm%3DLEikZe%2
2024-09-27 23:47:47 UTC	3333	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=utf-8 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 27 Sep 2024 23:47:47 GMT Strict-Transport-Security: max-age=31536000 Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport Content-Security-Policy: script-src 'report-sample' 'nonce-g-qNzBrqn_Cj1gNdaDTs7Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Cross-Origin-Opener-Policy: same-origin-allow-popups Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.google.com/js/bg/ https://www.gstatic.com/_/boq-play/_/js/k=boq [TRUNCATED] Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
135	192.168.2.7	49923	216.198.53.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:50 UTC	684	OUT	GET /hc/en-us/categories/360000012223-Indonesia HTTP/1.1 Host: support.codapay.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:51 UTC	1284	IN	HTTP/1.1 404 Not Found Date: Fri, 27 Sep 2024 23:47:51 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 8c9f6193eaa44234-EWR CF-Cache-Status: EXPIRED Cache-Control: max-age=0, public Content-Language: en-us Strict-Transport-Security: max-age=259200; includeSubDomains Vary: Accept-Encoding x-frame-options: SAMEORIGIN X-Request-ID: 8c9f619427094234-IAD x-runtime: 0.109290 x-ua-compatible: IE=edge x-xss-protection: 1; mode=block x-zendesk-origin-server: app-server-89c54b797-thznf x-zendesk-processed-host-header: support.codapay.com X-Zendesk-Zorg: yes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIKWRz%2BMSr2GLls2dpMrtsIsW2CuueKbRJKFHQC6Tzm5cUVxOcIeaGwAtddOFlUvBMnDhBkXDeu0q01Fl28FRQohXc8Mr6RD3PwgbQy5fVS1vQbwzaIkwTn1KexA%2Beanc2tYzvg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Set-Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; path=/; domain=.support.codapay.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000; path=/; domain=.support.codapay.com; HttpOnly; Secure; SameSite=None Server: cloudflare
2024-09-27 23:47:51 UTC	85	IN	Data Raw: 32 65 63 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e Data Ascii: 2ec9<!DOCTYPE html><html dir="ltr" lang="en-US"><head> <meta charset="utf-8" />
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 0a 20 20 3c 21 2d 2d 20 76 32 35 31 33 33 20 2d 2d 3e 0a 0a 0a 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 70 61 67 65 20 79 6f 75 20 77 65 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 6e 27 74 20 65 78 69 73 74 20 26 6e 64 61 73 68 3b 20 43 6f 64 61 20 50 61 79 6d 65 6e 74 73 20 53 75 70 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 70 61 72 61 6d 22 20 63 6f 6e 74 65 6e 74 3d 22 61 75 74 68 65 6e 74 69 63 69 74 79 5f 74 6f 6b 65 6e 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 68 63 3a 6d 65 74 61 3a 73 65 72 76 65 72 3a 52 31 75 74 6e 32 35 72 52 66 6b 7a 30 68 52 64 5f 4b 32 47 76 4a 61 4c 37 67 6e 33 74 57 6e 6f 67 56 56 59 6e 4a Data Ascii: ... v25133 --> <title>The page you were looking for doesn't exist – Coda Payments Support</title> <meta name="csrf-param" content="authenticity_token"><meta name="csrf-token" content="hc:meta:server:R1utn25rRfkz0hRd_K2GvJaL7gn3tWnogVVYnJ
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 6d 65 6e 74 2e 72 65 66 65 72 72 65 72 3b 0a 20 20 20 69 66 28 72 65 66 65 72 72 65 72 2e 69 6e 64 65 78 4f 66 28 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 22 29 20 3e 20 2d 31 29 20 7b 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 67 6c 6f 62 61 6c 2e 63 6f 64 61 70 61 79 6d 65 6e 74 73 2e 63 6f 6d 2f 68 63 2f 65 6e 2d 75 73 2f 61 72 74 69 63 6c 65 73 2f 33 36 30 30 30 31 39 33 39 32 39 35 2d 48 6f 77 2d 74 6f 2d 63 6f 6e 74 61 63 74 2d 43 6f 64 61 73 68 6f 70 2d 43 75 73 74 6f 6d 65 72 2d 53 75 70 70 6f 72 74 22 29 3b 0a 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 0a 0a 20 20 3c 73 63 72 69 70 74 3e 0a Data Ascii: ment.referrer; if(referrer.indexOf("https://www.google.com/") > -1) { window.location.replace("https://support.global.codapayments.com/hc/en-us/articles/360001939295-How-to-contact-Codashop-Customer-Support"); }</script> <script>
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 28 72 65 66 65 72 72 65 72 2e 69 6e 64 65 78 4f 66 28 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 64 61 73 68 6f 70 2e 63 6f 6d 2f 65 6e 2d 6e 70 22 29 20 3e 20 2d 31 29 20 7b 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6e 70 2e 63 6f 64 61 70 61 79 6d 65 6e 74 73 2e 63 6f 6d 22 29 3b 0a 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 0a 20 20 20 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 0a 20 20 20 20 3c 61 20 74 69 74 6c 65 3d 22 48 6f 6d 65 22 20 68 72 65 66 3d 22 2f 68 63 2f 65 6e 2d 75 73 22 3e 0a 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 2f 68 63 2f 74 68 65 6d 69 6e 67 5f 61 73 73 65 74 73 2f 30 31 48 Data Ascii: (referrer.indexOf("https://www.codashop.com/en-np") > -1) { window.location.replace("https://support.np.codapayments.com"); }</script> <div class="logo"> <a title="Home" href="/hc/en-us"> <img src="/hc/theming_assets/01H
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 20 78 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 22 74 61 62 6c 65 2d 63 65 6c 6c 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 22 6e 6f 6e 65 22 3b 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0a 20 20 3c 6d 61 69 6e 20 72 6f 6c 65 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 2d 64 69 76 69 64 65 72 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 2d 70 61 67 65 22 3e 0a 20 20 3c 68 31 3e 6f 6f 70 73 3c 2f 68 31 3e 0a 0a 20 20 0a 0a 20 20 0a 0a 20 20 0a Data Ascii: x.style.display = "table-cell"; y.style.display = "none"; } }</script> </header> <main role="main"> <div class="container-divider"></div><div class="error-page"> <h1>oops</h1>
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 20 64 61 74 61 2d 72 65 74 75 72 6e 2d 74 6f 3d 22 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 63 6f 64 61 70 61 79 2e 63 6f 6d 2f 68 63 2f 65 6e 2d 75 73 2f 63 61 74 65 67 6f 72 69 65 73 2f 33 36 30 30 30 30 30 31 32 32 32 33 2d 49 6e 64 6f 6e 65 73 69 61 22 20 64 61 74 61 2d 74 68 65 6d 65 3d 22 68 63 22 20 64 61 74 61 2d 6c 6f 63 61 6c 65 3d 22 65 6e 2d 75 73 22 20 64 61 74 61 2d 61 75 74 68 2d 6f 72 69 67 69 6e 3d 22 31 36 35 38 30 35 2c 74 72 75 65 2c 74 72 75 65 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 2f 2a 0a 0a 20 20 20 20 47 72 65 65 74 69 6e 67 73 20 73 6f 75 72 63 65 63 6f 64 65 20 6c 75 72 6b 65 72 21 0a 0a 20 20 20 20 54 68 69 73 20 Data Ascii: data-return-to="https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia" data-theme="hc" data-locale="en-us" data-auth-origin="165805,true,true"></script> <script type="text/javascript"> /* Greetings sourcecode lurker! This
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 6c 2c 22 63 72 65 61 74 65 64 5f 61 74 22 3a 22 32 30 31 34 2d 31 30 2d 30 33 54 30 38 3a 32 37 3a 31 37 5a 22 2c 22 75 70 64 61 74 65 64 5f 61 74 22 3a 22 32 30 32 33 2d 30 36 2d 32 32 54 30 36 3a 33 32 3a 31 30 5a 22 2c 22 72 6f 75 74 65 5f 69 64 22 3a 34 38 37 31 37 39 2c 22 73 69 67 6e 61 74 75 72 65 5f 74 65 6d 70 6c 61 74 65 22 3a 22 7b 7b 61 67 65 6e 74 2e 73 69 67 6e 61 74 75 72 65 7d 7d 5c 72 5c 6e 22 7d 2c 22 63 75 72 72 65 6e 74 5f 62 72 61 6e 64 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 64 61 70 61 79 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 22 2c 22 63 75 72 72 65 6e 74 5f 68 6f 73 74 5f 6d 61 70 70 69 6e 67 22 3a 22 73 75 70 70 6f 72 74 2e 63 6f 64 61 70 61 79 2e 63 6f 6d 22 2c 22 63 75 72 72 65 6e 74 5f 70 61 74 68 22 3a 6e 75 6c 6c 2c Data Ascii: l,"created_at":"2014-10-03T08:27:17Z","updated_at":"2023-06-22T06:32:10Z","route_id":487179,"signature_template":"{{agent.signature}}\r\n"},"current_brand_url":"https://codapay.zendesk.com","current_host_mapping":"support.codapay.com","current_path":null,
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 6c 73 65 2c 22 68 61 73 5f 65 64 69 74 5f 75 73 65 72 5f 70 72 6f 66 69 6c 65 5f 76 32 22 3a 66 61 6c 73 65 2c 22 68 61 73 5f 67 61 72 64 65 6e 5f 6d 6f 64 61 6c 73 22 3a 66 61 6c 73 65 2c 22 62 69 6c 6c 69 6e 67 5f 75 72 6c 22 3a 22 2f 61 63 63 65 73 73 2f 72 65 74 75 72 6e 5f 74 6f 3f 72 65 74 75 72 6e 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 63 6f 64 61 70 61 79 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 25 32 46 61 64 6d 69 6e 25 32 46 62 69 6c 6c 69 6e 67 25 32 46 73 75 62 73 63 72 69 70 74 69 6f 6e 22 2c 22 69 73 5f 61 63 63 6f 75 6e 74 5f 6f 77 6e 65 72 22 3a 66 61 6c 73 65 2c 22 74 68 65 6d 69 6e 67 5f 63 6f 6f 6b 69 65 5f 6b 65 79 22 3a 22 68 63 2d 64 61 33 39 61 33 65 65 35 65 36 62 34 62 30 64 33 32 35 35 62 66 65 66 39 35 36 30 31 38 39 Data Ascii: lse,"has_edit_user_profile_v2":false,"has_garden_modals":false,"billing_url":"/access/return_to?return_to=https%3A%2F%2Fcodapay.zendesk.com%2Fadmin%2Fbilling%2Fsubscription","is_account_owner":false,"theming_cookie_key":"hc-da39a3ee5e6b4b0d3255bfef9560189
2024-09-27 23:47:51 UTC	1369	IN	Data Raw: 2c 20 31 31 34 2c 20 31 29 22 2c 22 6c 69 6e 6b 5f 63 6f 6c 6f 72 22 3a 22 72 67 62 61 28 33 30 2c 20 31 30 38 2c 20 32 31 39 2c 20 31 29 22 2c 22 62 61 63 6b 67 72 6f 75 6e 64 5f 63 6f 6c 6f 72 22 3a 22 23 46 46 46 46 46 46 22 2c 22 68 65 61 64 69 6e 67 5f 66 6f 6e 74 22 3a 22 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 22 2c 22 74 65 78 74 5f 66 6f 6e 74 22 3a 22 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 Data Ascii: , 114, 1)","link_color":"rgba(30, 108, 219, 1)","background_color":"#FFFFFF","heading_font":"-apple-system, BlinkMacSystemFont, 'Segoe UI', Helvetica, Arial, sans-serif","text_font":"-apple-system, BlinkMacSystemFont, 'Segoe UI', Helvetica, Arial, sans-se
2024-09-27 23:47:51 UTC	948	IN	Data Raw: 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 76 61 72 20 62 3d 61 2e 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 7c 7c 61 2e 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 3b 69 66 28 62 29 7b 76 61 72 20 64 3d 62 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 64 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 77 69 6e 64 6f 77 2e 5f 5f 43 46 24 63 76 24 70 61 72 61 6d 73 3d 7b 72 3a 27 38 63 39 66 36 31 39 33 65 61 61 34 34 32 33 34 27 2c 74 3a 27 4d 54 63 79 4e 7a 51 34 4d 44 67 33 4d 53 34 77 4d 44 41 77 4d 44 41 3d 27 7d 3b 76 61 72 20 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 61 2e 6e 6f 6e 63 65 3d 27 27 3b 61 2e 73 72 Data Ascii: >(function(){function c(){var b=a.contentDocument\|\|a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8c9f6193eaa44234',t:'MTcyNzQ4MDg3MS4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.sr

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
136	192.168.2.7	49924	216.198.53.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	797	OUT	GET /hc/theming_assets/592660/165805/style.css?digest=33371583435033 HTTP/1.1 Host: support.codapay.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
2024-09-27 23:47:52 UTC	1285	IN	HTTP/1.1 403 Forbidden Date: Fri, 27 Sep 2024 23:47:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Referrer-Policy: same-origin X-Content-Options: nosniff X-Frame-Options: SAMEORIGIN cf-mitigated: challenge
2024-09-27 23:47:52 UTC	716	IN	Data Raw: 63 66 2d 63 68 6c 2d 6f 75 74 3a 20 50 53 78 67 38 6d 4f 31 59 2f 78 34 4e 33 52 55 49 5a 47 46 5a 62 45 6b 61 6b 41 67 4a 69 37 44 30 66 4c 66 73 56 4c 48 34 59 35 37 50 6a 74 43 77 78 72 50 77 7a 63 6b 30 72 39 76 72 70 4b 4c 4a 41 57 47 6b 6f 70 41 34 46 79 33 68 68 64 57 54 45 41 6d 49 65 44 39 48 4e 30 57 50 6a 2f 6a 50 6c 64 53 6a 58 76 63 58 48 32 41 45 58 73 44 6c 74 4d 75 79 4f 52 54 7a 75 49 78 4b 38 51 73 61 32 65 79 4f 48 6c 66 64 61 7a 73 50 4b 42 38 47 31 56 34 4b 41 3d 3d 24 7a 2b 75 46 77 62 67 6f 37 65 5a 67 6b 67 48 33 37 6b 6d 59 63 41 3d 3d 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 72 69 76 61 74 65 2c 20 6d 61 78 2d 61 67 65 3d 30 2c 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e 6f 2d 63 61 63 68 65 2c 20 6d 75 73 74 2d 72 65 76 61 Data Ascii: cf-chl-out: PSxg8mO1Y/x4N3RUIZGFZbEkakAgJi7D0fLfsVLH4Y57PjtCwxrPwzck0r9vrpKLJAWGkopA4Fy3hhdWTEAmIeD9HN0WPj/jPldSjXvcXH2AEXsDltMuyORTzuIxK8Qsa2eyOHlfdazsPKB8G1V4KA==$z+uFwbgo7eZgkgH37kmYcA==Cache-Control: private, max-age=0, no-store, no-cache, must-reva
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 32 37 62 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 27b4<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 75 4d 7a 67 34 4c 6a 51 77 4e 79 34 7a 4f 44 6b 75 4e 44 41 33 4c 6a 6b 35 4e 43 41 77 49 43 34 31 4f 54 59 74 4c 6a 51 77 4e 79 34 35 4f 44 51 74 4c 6a 4d 35 4e 79 34 7a 4f 53 30 78 4c 6a 41 31 4e 79 34 7a 4f 44 6b 74 4c 6a 59 31 49 44 41 74 4d 53 34 77 4e 54 59 74 4c 6a 4d 34 4f 53 30 75 4d 7a 6b 34 4c 53 34 7a 4f 44 6b 74 4c 6a 4d 35 4f 43 30 75 4f 54 67 30 49 44 41 74 4c 6a 55 35 4e 79 34 7a 4f 54 67 74 4c 6a 6b 34 4e 53 34 30 4d 44 59 74 4c 6a 4d 35 4e 79 41 78 4c 6a 41 31 4e 69 30 75 4d 7a 6b 33 49 69 38 2b 50 43 39 7a 64 6d 63 2b 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 6e 74 61 69 6e 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 33 34 70 78 7d 40 6d Data Ascii: uMzg4LjQwNy4zODkuNDA3Ljk5NCAwIC41OTYtLjQwNy45ODQtLjM5Ny4zOS0xLjA1Ny4zODktLjY1IDAtMS4wNTYtLjM4OS0uMzk4LS4zODktLjM5OC0uOTg0IDAtLjU5Ny4zOTgtLjk4NS40MDYtLjM5NyAxLjA1Ni0uMzk3Ii8+PC9zdmc+);background-repeat:no-repeat;background-size:contain;padding-left:34px}@m
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 32 67 7a 68 34 53 41 66 78 66 58 57 32 41 62 61 77 61 52 61 37 79 56 76 38 70 4e 4b 6d 6f 4c 52 71 6a 38 5a 35 58 59 57 71 63 61 6a 7a 74 77 63 62 34 68 66 33 31 7a 4e 33 72 77 69 4a 45 78 4e 5a 74 5a 75 71 6d 32 50 79 55 6f 4a 79 68 36 37 56 69 36 36 63 5a 48 73 63 45 49 6c 51 52 4b 31 68 34 53 55 6e 4a 6a 48 45 39 56 4d 4f 39 4d 37 64 6f 55 6a 6d 4e 57 79 72 43 7a 5a 39 6c 6a 51 66 74 69 63 2e 2e 46 5f 57 41 67 67 5f 77 64 64 30 59 4f 43 30 75 38 69 5f 57 47 6d 70 39 70 4e 41 68 32 74 62 72 39 67 36 57 75 43 69 7a 32 6b 6d 37 76 4f 66 35 78 51 44 45 79 58 78 76 32 56 44 52 6e 4f 77 41 54 37 57 57 4a 39 4e 6b 65 64 51 49 73 49 6c 73 30 78 74 4e 46 5f 51 78 48 57 61 6a 46 56 31 78 45 5f 65 68 58 72 55 6d 74 50 6c 71 44 44 5a 6c 76 73 33 4e 72 77 2e 50 4e Data Ascii: 2gzh4SAfxfXW2AbawaRa7yVv8pNKmoLRqj8Z5XYWqcajztwcb4hf31zN3rwiJExNZtZuqm2PyUoJyh67Vi66cZHscEIlQRK1h4SUnJjHE9VMO9M7doUjmNWyrCzZ9ljQftic..F_WAgg_wdd0YOC0u8i_WGmp9pNAh2tbr9g6WuCiz2km7vOf5xQDEyXxv2VDRnOwAT7WWJ9NkedQIsIls0xtNF_QxHWajFV1xE_ehXrUmtPlqDDZlvs3Nrw.PN
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 5a 36 49 62 4d 58 37 44 53 70 49 70 7a 30 4d 6f 70 57 68 48 4e 58 57 4f 47 5a 39 2e 46 6a 32 45 64 51 6e 57 5f 51 66 68 42 31 30 77 5f 69 48 4d 77 4f 35 30 73 57 78 32 39 72 6a 35 54 78 7a 66 34 6b 68 53 34 45 53 35 66 61 72 6c 4f 50 65 59 5f 54 73 59 73 73 61 2e 50 48 57 6f 41 61 56 74 73 4c 37 59 66 39 4b 52 51 30 47 74 75 44 5f 37 4a 78 69 56 63 43 46 77 49 45 43 39 42 37 51 61 42 6d 6c 4d 69 5f 37 38 79 44 68 30 74 69 31 72 61 6d 36 76 41 78 75 6b 65 37 63 53 34 6d 43 56 67 6c 46 38 63 50 67 6a 51 46 55 53 4e 46 67 41 6b 65 4f 66 6a 51 34 49 46 41 6c 4c 6a 62 68 59 53 4d 54 62 66 4c 38 4c 4a 70 68 62 6a 5f 37 52 53 46 45 31 61 77 64 4b 34 59 49 57 70 71 35 50 78 69 6c 4e 4e 59 31 6a 6b 58 6d 39 50 50 61 47 48 78 4a 4c 42 38 53 50 76 61 78 6a 38 64 4e Data Ascii: Z6IbMX7DSpIpz0MopWhHNXWOGZ9.Fj2EdQnW_QfhB10w_iHMwO50sWx29rj5Txzf4khS4ES5farlOPeY_TsYssa.PHWoAaVtsL7Yf9KRQ0GtuD_7JxiVcCFwIEC9B7QaBmlMi_78yDh0ti1ram6vAxuke7cS4mCVglF8cPgjQFUSNFgAkeOfjQ4IFAlLjbhYSMTbfL8LJphbj_7RSFE1awdK4YIWpq5PxilNNY1jkXm9PPaGHxJLB8SPvaxj8dN
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 32 6a 77 39 66 69 6a 71 30 30 30 68 35 6d 33 38 76 31 38 6b 6a 79 31 55 51 6e 35 70 76 50 2e 7a 64 6c 39 6f 4d 54 48 7a 4d 65 78 58 78 64 69 51 38 53 68 70 74 74 61 73 65 34 73 39 6a 46 78 2e 41 6d 39 5a 68 39 62 79 4d 4e 6e 45 35 6b 79 45 7a 36 4e 41 6a 36 6f 71 6e 4b 33 69 44 66 6b 71 78 56 2e 64 6b 49 32 6d 75 6c 58 51 38 74 4d 34 41 67 55 79 35 52 38 64 50 6b 50 73 37 4c 6c 5f 64 32 72 78 75 4a 4c 64 48 4e 48 67 69 48 35 65 6c 43 58 52 74 38 48 5a 35 71 59 66 5a 42 51 52 58 63 6a 61 51 6c 69 5a 58 4a 70 7a 55 6f 4b 6c 58 65 6a 34 70 6a 76 61 45 44 39 47 74 42 36 46 59 51 62 31 64 56 54 61 61 52 42 4e 6b 55 79 4f 4e 37 2e 51 73 58 4f 77 48 78 34 57 69 42 6e 39 38 42 31 79 4b 66 61 74 71 63 74 4a 62 66 79 75 65 4f 6b 61 71 73 59 70 53 7a 33 52 34 35 73 Data Ascii: 2jw9fijq000h5m38v18kjy1UQn5pvP.zdl9oMTHzMexXxdiQ8Shpttase4s9jFx.Am9Zh9byMNnE5kyEz6NAj6oqnK3iDfkqxV.dkI2mulXQ8tM4AgUy5R8dPkPs7Ll_d2rxuJLdHNHgiH5elCXRt8HZ5qYfZBQRXcjaQliZXJpzUoKlXej4pjvaED9GtB6FYQb1dVTaaRBNkUyON7.QsXOwHx4WiBn98B1yKfatqctJbfyueOkaqsYpSz3R45s
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 54 4a 41 70 66 75 52 65 54 49 77 30 6f 73 44 55 34 6a 65 37 55 6e 30 69 53 30 63 74 54 32 42 57 65 34 6d 36 52 32 5f 4d 35 36 67 6c 70 6b 67 61 6b 49 78 5f 4d 75 56 64 74 62 4e 4a 4e 67 75 46 54 6e 75 62 6a 78 61 6d 79 52 66 35 38 57 6b 76 4b 62 4a 38 63 62 50 4a 32 6e 68 79 56 4b 35 4d 41 67 52 30 6d 6c 42 44 69 37 70 35 6a 7a 2e 59 56 6d 69 32 41 31 66 39 6c 74 42 2e 4e 79 78 5f 79 50 65 4a 30 30 46 69 39 50 32 59 53 57 47 38 76 33 72 56 56 7a 5a 51 5a 75 75 38 4a 51 7a 64 43 73 6c 4e 4e 76 51 33 73 37 77 32 56 5f 32 66 73 46 33 73 4f 44 63 44 49 44 42 68 59 70 38 41 62 5f 6f 70 35 51 44 71 62 7a 5a 38 5f 79 55 50 70 4e 67 73 51 72 56 77 75 76 36 73 4b 50 48 33 5f 7a 6a 58 49 76 74 45 75 64 78 56 62 33 5f 58 76 75 64 37 38 6b 63 6b 72 47 78 7a 65 4d 34 Data Ascii: TJApfuReTIw0osDU4je7Un0iS0ctT2BWe4m6R2_M56glpkgakIx_MuVdtbNJNguFTnubjxamyRf58WkvKbJ8cbPJ2nhyVK5MAgR0mlBDi7p5jz.YVmi2A1f9ltB.Nyx_yPeJ00Fi9P2YSWG8v3rVVzZQZuu8JQzdCslNNvQ3s7w2V_2fsF3sODcDIDBhYp8Ab_op5QDqbzZ8_yUPpNgsQrVwuv6sKPH3_zjXIvtEudxVb3_Xvud78kckrGxzeM4
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 4e 6a 51 37 49 48 67 32 4e 43 6b 67 51 58 42 77 62 47 56 58 5a 57 4a 4c 61 58 51 76 4e 54 4d 33 4c 6a 4d 32 49 43 68 4c 53 46 52 4e 54 43 77 67 62 47 6c 72 5a 53 42 48 5a 57 4e 72 62 79 6b 67 51 32 68 79 62 32 31 6c 4c 7a 45 78 4e 79 34 77 4c 6a 41 75 4d 43 42 54 59 57 5a 68 63 6d 6b 76 4e 54 4d 33 4c 6a 4d 32 27 2c 64 3a 20 27 6a 79 44 6a 55 4f 38 4b 79 4f 4d 43 4c 66 5a 6d 5a 6a 36 64 39 6c 4a 43 69 7a 50 4d 32 50 57 4f 42 58 49 37 6d 61 54 78 39 35 51 68 56 4a 39 75 42 32 44 63 32 41 4e 37 59 66 74 50 43 65 45 5a 4d 4c 4a 61 30 45 2f 69 57 51 2b 5a 6d 79 5a 63 69 4c 54 5a 2b 4a 67 71 58 54 2b 7a 36 71 34 43 52 6a 34 72 45 6a 7a 6d 6a 66 4e 58 6c 7a 67 66 57 49 72 57 71 6a 69 59 4b 6a 49 4f 77 6d 65 42 72 6e 58 36 74 32 56 49 4b 46 52 6e 54 30 66 6f 6c Data Ascii: NjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjAuMCBTYWZhcmkvNTM3LjM2',d: 'jyDjUO8KyOMCLfZmZj6d9lJCizPM2PWOBXI7maTx95QhVJ9uB2Dc2AN7YftPCeEZMLJa0E/iWQ+ZmyZciLTZ+JgqXT+z6q4CRj4rEjzmjfNXlzgfWIrWqjiYKjIOwmeBrnX6t2VIKFRnT0fol
2024-09-27 23:47:52 UTC	589	IN	Data Raw: 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 48 61 73 68 2e 6c 65 6e 67 74 68 29 2e 69 6e 64 65 78 4f 66 28 27 3f 27 29 20 21 3d 3d 20 2d 31 20 3f 20 27 3f 27 20 3a 20 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 3b 69 66 20 28 77 69 6e 64 6f 77 2e 68 69 73 74 6f 72 79 20 26 26 20 77 69 6e 64 6f 77 2e 68 69 73 74 6f 72 79 2e 72 65 70 6c 61 63 65 53 74 61 74 65 29 20 7b 76 61 72 20 6f 67 55 20 3d 20 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 20 2b 20 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 51 75 65 72 79 20 2b 20 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 48 61 73 68 3b 68 69 73 74 6f 72 79 2e 72 65 70 6c 61 63 65 53 74 61 74 65 28 6e 75 6c 6c 2c 20 6e 75 6c 6c 2c 20 22 5c 2f 68 63 Data Ascii: ow._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;if (window.history && window.history.replaceState) {var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;history.replaceState(null, null, "\/hc
2024-09-27 23:47:52 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
137	192.168.2.7	49925	35.190.80.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	542	OUT	OPTIONS /report/v4?s=NIKWRz%2BMSr2GLls2dpMrtsIsW2CuueKbRJKFHQC6Tzm5cUVxOcIeaGwAtddOFlUvBMnDhBkXDeu0q01Fl28FRQohXc8Mr6RD3PwgbQy5fVS1vQbwzaIkwTn1KexA%2Beanc2tYzvg%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://support.codapay.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:52 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: OPTIONS, POST access-control-allow-origin: * access-control-allow-headers: content-length, content-type date: Fri, 27 Sep 2024 23:47:52 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
138	192.168.2.7	49927	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	594	OUT	GET /hc/assets/application-a42a464885a505c24ac3b0ab35047489.css HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:52 UTC	1109	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:52 GMT Content-Type: text/css Content-Length: 56029 Connection: close x-amz-id-2: nzoQTqVYWo4SdeXd08MJ8RqL9t21wIynzJo/vYD7ZjnD9MvPjOE5lK/4RaemG342dlrorTyh0Jg= x-amz-request-id: 1C8YN4V31R0NZZB8 x-amz-replication-status: COMPLETED Last-Modified: Thu, 30 May 2024 07:49:10 GMT ETag: "5191d4ea06bcc144e6774b0fe859528e" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: Jm6bpbzCyZBWEX5rCECLgE.G9YmLzcCg CF-Cache-Status: HIT Age: 143705 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKscOKL8DtyIS353KEf%2FeIDtik21Y4kKIhkvnw6%2FJJZ4rx1WWL8LLpKNu%2FwJIqvQdWQHQuMNcunfUSC3x68JJZJoIiQvFWZs3kWonziXvU6ovbzYwwMRtDcAwcPXZHBwiaEoXPk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f619d2d6772a7-EWR
2024-09-27 23:47:52 UTC	260	IN	Data Raw: 3a 72 6f 6f 74 7b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 62 6c 61 63 6b 3a 20 23 30 30 30 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 31 30 30 3a 20 23 65 64 66 38 66 34 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 32 30 30 3a 20 23 64 31 65 38 64 66 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 33 30 30 3a 20 23 61 65 63 66 63 32 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 34 30 30 3a 20 23 35 65 61 65 39 31 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 35 30 30 3a 20 23 32 32 38 66 36 37 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 36 30 30 3a 20 23 30 33 38 31 35 33 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e 2d 37 30 30 3a 20 23 31 38 36 31 34 36 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 65 6e Data Ascii: :root{--zd-color-black: #000;--zd-color-green-100: #edf8f4;--zd-color-green-200: #d1e8df;--zd-color-green-300: #aecfc2;--zd-color-green-400: #5eae91;--zd-color-green-500: #228f67;--zd-color-green-600: #038153;--zd-color-green-700: #186146;--zd-color-green
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 20 23 30 62 33 62 32 39 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 31 30 30 3a 20 23 66 38 66 39 66 39 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 32 30 30 3a 20 23 65 39 65 62 65 64 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 33 30 30 3a 20 23 64 38 64 63 64 65 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 34 30 30 3a 20 23 63 32 63 38 63 63 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 35 30 30 3a 20 23 38 37 39 32 39 64 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 36 30 30 3a 20 23 36 38 37 33 37 64 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 37 30 30 3a 20 23 34 39 35 34 35 63 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 67 72 65 79 2d 38 30 30 3a 20 23 32 66 33 39 34 31 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 62 6c 75 Data Ascii: #0b3b29;--zd-color-grey-100: #f8f9f9;--zd-color-grey-200: #e9ebed;--zd-color-grey-300: #d8dcde;--zd-color-grey-400: #c2c8cc;--zd-color-grey-500: #87929d;--zd-color-grey-600: #68737d;--zd-color-grey-700: #49545c;--zd-color-grey-800: #2f3941;--zd-color-blu
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 66 75 73 63 68 69 61 2d 34 30 30 3a 20 23 64 36 35 33 63 32 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 66 75 73 63 68 69 61 2d 36 30 30 3a 20 23 61 38 31 38 39 37 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 6c 65 6d 6f 6e 2d 34 30 30 3a 20 23 66 66 64 34 32 34 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 6c 65 6d 6f 6e 2d 36 30 30 3a 20 23 66 66 62 62 31 30 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 6c 69 6d 65 2d 34 30 30 3a 20 23 34 33 62 33 32 34 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 6c 69 6d 65 2d 36 30 30 3a 20 23 32 65 38 32 30 30 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 Data Ascii: color-secondary-fuschia-400: #d653c2;--zd-color-secondary-fuschia-600: #a81897;--zd-color-secondary-lemon-400: #ffd424;--zd-color-secondary-lemon-600: #ffbb10;--zd-color-secondary-lime-400: #43b324;--zd-color-secondary-lime-600: #2e8200;--zd-color-seconda
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 32 33 61 35 64 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 70 75 72 70 6c 65 2d 4d 34 30 30 3a 20 23 62 30 37 32 63 63 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 70 75 72 70 6c 65 2d 4d 36 30 30 3a 20 23 39 33 35 38 62 30 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 72 6f 79 61 6c 2d 4d 34 30 30 3a 20 23 37 39 38 36 64 38 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 72 6f 79 61 6c 2d 4d 36 30 30 3a 20 23 34 62 36 31 63 33 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 61 6c 2d 4d 34 30 30 3a 20 23 32 64 39 65 38 66 3b 2d 2d 7a 64 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 61 6c 2d 4d 36 30 30 3a 20 23 33 63 37 38 37 33 3b 2d 2d 7a Data Ascii: 23a5d;--zd-color-secondary-purple-M400: #b072cc;--zd-color-secondary-purple-M600: #9358b0;--zd-color-secondary-royal-M400: #7986d8;--zd-color-secondary-royal-M600: #4b61c3;--zd-color-secondary-teal-M400: #2d9e8f;--zd-color-secondary-teal-M600: #3c7873;--z
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 62 6f 6c 64 3a 20 37 30 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 65 78 74 72 61 62 6f 6c 64 3a 20 38 30 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 62 6c 61 63 6b 3a 20 39 30 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 75 6c 74 72 61 6c 69 67 68 74 3a 20 32 30 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 75 6c 74 72 61 62 6f 6c 64 3a 20 38 30 30 3b 2d 2d 7a 64 2d 66 6f 6e 74 2d 77 65 69 67 68 74 2d 68 65 61 76 79 3a 20 39 30 30 3b 2d 2d 7a 64 2d 6c 69 6e 65 2d 68 65 69 67 68 74 2d 73 6d 3a 20 31 36 70 78 3b 2d 2d 7a 64 2d 6c 69 6e 65 2d 68 65 69 67 68 74 2d 6d 64 3a 20 32 30 70 78 3b 2d 2d 7a 64 2d 6c 69 6e 65 2d 68 65 69 67 68 74 2d 6c 67 3a 20 Data Ascii: 0;--zd-font-weight-bold: 700;--zd-font-weight-extrabold: 800;--zd-font-weight-black: 900;--zd-font-weight-ultralight: 200;--zd-font-weight-ultrabold: 800;--zd-font-weight-heavy: 900;--zd-line-height-sm: 16px;--zd-line-height-md: 20px;--zd-line-height-lg:
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 69 67 6e 2d 65 6e 64 7b 63 6c 65 61 72 3a 6e 6f 6e 65 7d 5b 64 69 72 3d 22 6c 74 72 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 62 6c 6f 63 6b 2d 73 69 64 65 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 2e 35 65 6d 7d 5b 64 69 72 3d 22 72 74 6c 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 62 6c 6f 63 6b 2d 73 69 64 65 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 2e 35 65 6d 7d 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 62 6c 6f 63 6b 2d 73 69 64 65 7b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 5b 64 69 72 3d 22 6c 74 72 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 61 6c 69 67 6e 2d 73 74 61 72 74 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 2e 35 65 6d 7d 5b 64 69 72 3d 22 72 74 6c 22 5d 20 2e Data Ascii: ign-end{clear:none}[dir="ltr"] .wysiwyg-image-block-side{margin-left:1.5em}[dir="rtl"] .wysiwyg-image-block-side{margin-right:1.5em}.wysiwyg-image-block-side{float:right;max-width:50%}[dir="ltr"] .wysiwyg-image-align-start{margin-right:1.5em}[dir="rtl"] .
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 69 6e 2d 62 6f 74 74 6f 6d 3a 63 61 6c 63 28 31 2e 35 65 6d 20 2f 20 32 29 7d 5b 64 69 72 3d 22 6c 74 72 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 69 6e 6c 69 6e 65 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 61 6c 69 67 6e 2d 73 74 61 72 74 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 63 61 6c 63 28 31 2e 35 65 6d 20 2f 20 32 29 7d 5b 64 69 72 3d 22 72 74 6c 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 69 6e 6c 69 6e 65 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 61 6c 69 67 6e 2d 73 74 61 72 74 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 63 61 6c 63 28 31 2e 35 65 6d 20 2f 20 32 29 7d 5b 64 69 72 3d 22 6c 74 72 22 5d 20 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 69 6e 6c 69 6e 65 2e 77 79 73 69 77 79 67 2d 69 6d 61 67 65 2d 61 6c 69 67 Data Ascii: in-bottom:calc(1.5em / 2)}[dir="ltr"] .wysiwyg-image-inline.wysiwyg-image-align-start{margin-right:calc(1.5em / 2)}[dir="rtl"] .wysiwyg-image-inline.wysiwyg-image-align-start{margin-left:calc(1.5em / 2)}[dir="ltr"] .wysiwyg-image-inline.wysiwyg-image-alig
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 6f 6c 6f 72 3a 23 39 30 30 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 72 65 64 31 33 30 7b 63 6f 6c 6f 72 3a 23 36 30 30 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 65 39 30 7b 63 6f 6c 6f 72 3a 23 66 66 61 64 33 33 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 65 38 30 7b 63 6f 6c 6f 72 3a 23 66 66 63 32 36 36 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 65 37 30 7b 63 6f 6c 6f 72 3a 23 66 66 64 36 39 39 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 65 31 31 30 7b 63 6f 6c 6f 72 3a 23 63 63 37 61 30 30 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 65 31 32 30 7b 63 6f 6c 6f 72 3a 23 39 39 35 63 30 30 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 6f 72 61 6e 67 Data Ascii: olor:#900}.wysiwyg-color-red130{color:#600}.wysiwyg-color-orange90{color:#ffad33}.wysiwyg-color-orange80{color:#ffc266}.wysiwyg-color-orange70{color:#ffd699}.wysiwyg-color-orange110{color:#cc7a00}.wysiwyg-color-orange120{color:#995c00}.wysiwyg-color-orang
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 63 6f 6c 6f 72 2d 70 69 6e 6b 38 30 7b 63 6f 6c 6f 72 3a 23 66 36 66 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 70 69 6e 6b 37 30 7b 63 6f 6c 6f 72 3a 23 66 39 66 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 70 69 6e 6b 31 31 30 7b 63 6f 6c 6f 72 3a 23 63 30 63 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 70 69 6e 6b 31 32 30 7b 63 6f 6c 6f 72 3a 23 39 30 39 7d 2e 77 79 73 69 77 79 67 2d 63 6f 6c 6f 72 2d 70 69 6e 6b 31 33 30 7b 63 6f 6c 6f 72 3a 23 36 30 36 7d 2e 77 79 73 69 77 79 67 2d 66 6f 6e 74 2d 73 69 7a 65 2d 73 6d 61 6c 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 78 2d 73 6d 61 6c 6c 7d 2e 77 79 73 69 77 79 67 2d 66 6f 6e 74 2d 73 69 7a 65 2d 6d 65 64 69 75 6d 7b 66 6f 6e 74 2d 73 69 7a 65 3a 73 6d 61 6c 6c 7d 2e 77 79 73 69 77 79 67 2d 66 6f Data Ascii: color-pink80{color:#f6f}.wysiwyg-color-pink70{color:#f9f}.wysiwyg-color-pink110{color:#c0c}.wysiwyg-color-pink120{color:#909}.wysiwyg-color-pink130{color:#606}.wysiwyg-font-size-small{font-size:x-small}.wysiwyg-font-size-medium{font-size:small}.wysiwyg-fo
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 68 74 3a 38 30 70 78 7d 2e 77 79 73 69 77 79 67 2d 69 6e 64 65 6e 74 39 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 39 30 70 78 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 77 79 73 69 77 79 67 2d 69 6e 64 65 6e 74 39 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 39 30 70 78 7d 2e 77 79 73 69 77 79 67 2d 69 6e 64 65 6e 74 31 30 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 30 30 70 78 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 77 79 73 69 77 79 67 2d 69 6e 64 65 6e 74 31 30 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 30 30 70 78 7d 2e 77 79 73 69 77 79 67 2d 69 6e 64 65 6e 74 31 31 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 31 30 70 78 7d 5b 64 69 72 3d 72 74 6c Data Ascii: ht:80px}.wysiwyg-indent9{padding-left:90px}[dir=rtl] .wysiwyg-indent9{padding-left:auto;padding-right:90px}.wysiwyg-indent10{padding-left:100px}[dir=rtl] .wysiwyg-indent10{padding-left:auto;padding-right:100px}.wysiwyg-indent11{padding-left:110px}[dir=rtl

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
139	192.168.2.7	49926	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	601	OUT	GET /hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:52 UTC	1128	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:52 GMT Content-Type: text/css Content-Length: 9380 Connection: close x-amz-id-2: zMkAx6jyqiio1l801tP+2F2hc2/MnZik+s+k9HxLLQgM15NN8eQUyTXRjK/UssGUu3OYRtv8mSlg2gUN05dFdycJPQjkljpU x-amz-request-id: 1TYG730YKPQPBSFA x-amz-replication-status: COMPLETED Last-Modified: Tue, 09 Apr 2024 13:28:59 GMT ETag: "359c3fce9769020f14763e4e3615597d" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: ll1Uyexen4pkNq816YOEFcGv6IrZ10YT CF-Cache-Status: HIT Age: 193634 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C74Dgv9EQGLQgvIVKDerHPJnXiMsrB%2FvQfSAOb4lDJyFnVYakAfcJ7lY1M1QdNaHKFjMML3BiW3Qt3gNAgCDGw40kLh0SBl2DgTodiIYUQ4TeaXvojBaum%2FhVneOe8%2FchiYP7UE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f619d2d22435e-EWR
2024-09-27 23:47:52 UTC	241	IN	Data Raw: 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 68 74 6d 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 61 6e 73 2d 73 65 72 69 66 3b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 7d 61 72 74 69 63 6c 65 2c 61 73 69 64 65 2c 64 65 74 61 69 6c 73 2c 66 69 67 63 61 70 74 69 6f 6e 2c 66 69 67 75 72 65 2c 66 6f 6f 74 65 72 2c 68 65 61 64 65 72 2c 68 67 72 6f 75 70 2c 6d 61 69 6e 2c 6d Data Ascii: /! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,m
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 65 6e 75 2c 6e 61 76 2c 73 65 63 74 69 6f 6e 2c 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 61 75 64 69 6f 2c 63 61 6e 76 61 73 2c 70 72 6f 67 72 65 73 73 2c 76 69 64 65 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 62 61 73 65 6c 69 6e 65 7d 61 75 64 69 6f 3a 6e 6f 74 28 5b 63 6f 6e 74 72 6f 6c 73 5d 29 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 30 7d 5b 68 69 64 64 65 6e 5d 2c 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 61 3a 61 63 74 69 76 65 2c 61 3a 68 6f 76 65 72 7b 6f 75 74 6c 69 6e 65 3a 30 7d 61 62 62 72 5b 74 69 74 6c 65 5d Data Ascii: enu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 2d 73 65 61 72 63 68 2d 63 61 6e 63 65 6c 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 66 69 65 6c 64 73 65 74 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 73 69 6c 76 65 72 3b 6d 61 72 67 69 6e 3a 30 20 32 70 78 3b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 36 32 35 65 6d 20 2e 37 35 65 6d 7d 6c 65 67 65 6e 64 7b 62 6f 72 64 65 72 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 74 65 78 74 61 72 65 61 7b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 7d 6f 70 74 67 72 6f 75 70 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d 63 6f Data Ascii: -search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}legend{border:0;padding:0}textarea{overflow:auto}optgroup{font-weight:bold}table{border-co
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 74 65 78 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2b 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2d 31 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 6f 70 3a 2d 31 70 78 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 65 72 72 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 65 64 65 64 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 66 37 63 62 63 62 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 65 72 72 6f 72 20 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 69 63 6f 6e 3a 3a 62 65 66 6f 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 Data Ascii: l-align:middle}.notification-text{padding:0 15px;width:100%}.notification+.notification{margin-bottom:-1px;position:relative;top:-1px}.notification-error{background:#ffeded;border-color:#f7cbcb}.notification-error .notification-icon::before{background-ima
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 20 68 65 69 67 68 74 3d 25 32 37 31 32 25 32 37 20 66 6f 63 75 73 61 62 6c 65 3d 25 32 37 66 61 6c 73 65 25 32 37 20 76 69 65 77 42 6f 78 3d 25 32 37 30 20 30 20 31 32 20 31 32 25 32 37 25 33 45 25 33 43 70 61 74 68 20 66 69 6c 6c 3d 25 32 37 6e 6f 6e 65 25 32 37 20 73 74 72 6f 6b 65 3d 25 32 37 25 32 33 61 64 35 65 31 38 25 32 37 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 25 32 37 72 6f 75 6e 64 25 32 37 20 64 3d 25 32 37 4d 35 2e 30 36 20 31 2e 32 37 6c 2d 34 2e 35 20 38 2e 35 63 2d 2e 31 38 2e 33 33 2e 30 36 2e 37 33 2e 34 34 2e 37 33 68 39 63 2e 33 38 20 30 20 2e 36 32 2d 2e 34 2e 34 34 2d 2e 37 33 6c 2d 34 2e 35 2d 38 2e 35 61 2e 34 39 34 2e 34 39 34 20 30 20 30 30 2d 2e 38 38 20 30 7a 4d 35 2e 35 20 34 76 32 25 32 37 2f 25 33 45 25 33 43 63 69 Data Ascii: height=%2712%27 focusable=%27false%27 viewBox=%270 0 12 12%27%3E%3Cpath fill=%27none%27 stroke=%27%23ad5e18%27 stroke-linecap=%27round%27 d=%27M5.06 1.27l-4.5 8.5c-.18.33.06.73.44.73h9c.38 0 .62-.4.44-.73l-4.5-8.5a.494.494 0 00-.88 0zM5.5 4v2%27/%3E%3Cci
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 3a 31 70 78 20 73 6f 6c 69 64 20 23 65 33 35 62 36 36 3b 63 6f 6c 6f 72 3a 23 65 33 35 62 36 36 3b 63 6f 6e 74 65 6e 74 3a 22 21 22 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 68 65 69 67 68 74 3a 31 32 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 2d 32 70 78 20 35 70 78 20 30 20 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 77 69 64 74 68 3a 31 32 70 78 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 69 6e 6c 69 6e 65 2e 6e 6f Data Ascii: :1px solid #e35b66;color:#e35b66;content:"!";display:inline-block;font-family:sans-serif;font-size:8px;font-weight:normal;height:12px;line-height:12px;margin:-2px 5px 0 0;text-align:center;vertical-align:middle;width:12px}[dir=rtl] .notification-inline.no
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 70 64 6f 77 6e 2d 6d 65 6e 75 20 5b 72 6f 6c 65 3d 6d 65 6e 75 69 74 65 6d 5d 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 5b 64 69 72 3d 22 72 74 6c 22 5d 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 5b 72 6f 6c 65 3d 6d 65 6e 75 69 74 65 6d 5d 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 5b 72 6f 6c 65 3d 6d 65 6e 75 69 74 65 6d 5d 7b 63 6f 6c 6f 72 3a 23 33 33 33 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 3a 37 70 78 20 34 30 70 78 20 37 70 78 20 32 30 70 78 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a Data Ascii: pdown-menu [role=menuitem]{text-align:left}[dir="rtl"] .dropdown-menu [role=menuitem]{text-align:right}.dropdown-menu [role=menuitem]{color:#333;cursor:pointer;display:block;padding:7px 40px 7px 20px;white-space:nowrap;background-color:transparent;border:
2024-09-27 23:47:52 UTC	925	IN	Data Raw: 6d 65 6e 75 2d 65 6e 64 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 30 7d 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 65 6e 64 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 63 61 72 65 74 3a 3a 62 65 66 6f 72 65 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 39 70 78 7d 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 65 6e 64 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 63 61 72 65 74 3a 3a 61 66 74 65 72 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 31 30 70 78 7d 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 74 6f 70 7b 62 6f 74 74 6f 6d 3a 31 30 30 25 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 70 78 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 30 3b 74 65 Data Ascii: menu-end{left:auto;right:0}.dropdown-menu-end.dropdown-menu-caret::before{left:auto;right:9px}.dropdown-menu-end.dropdown-menu-caret::after{left:auto;right:10px}.dropdown-menu-top{bottom:100%;margin-bottom:1px}[dir=rtl] .dropdown-menu{left:auto;right:0;te

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
140	192.168.2.7	49928	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	574	OUT	GET /hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:52 UTC	1137	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:52 GMT Content-Type: application/javascript Content-Length: 92460 Connection: close x-amz-id-2: +uBiO8D1DJLDGFmSLNLKoy6n5ANGPPlxKG3Yasg6PXR51K480O/sUsz7gvXC4qEg0qwu8Ekqdrldnmyt0vWrbg== x-amz-request-id: JA270QCR3AZTPBNN x-amz-replication-status: COMPLETED Last-Modified: Tue, 11 Jun 2024 09:19:04 GMT ETag: "06821d0f1e25137c2297502c6ced525d" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: de3lWxEA2PehENJUolMMFXlB.nwX03Eg CF-Cache-Status: HIT Age: 193634 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fghjdlq8v0T292rONRSx7Pv22xeHLYJMR8jNBbiHIYCa62IjDwxe8UW4lgH1bMTokdTgWPE43IE%2F1KyNCjpAYBEIBeKxBEeSh8njIkdeEni1Z%2BxxIE%2BjnDfvc%2BRuSExdOgFy5OM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f619d4cff436c-EWR
2024-09-27 23:47:52 UTC	232	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 21 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 22 6c 6f 61 64 22 21 3d 3d 65 2e 74 79 70 65 26 26 22 63 6f 6d 70 6c 65 74 65 22 21 3d 3d 73 2e 72 65 61 64 79 53 74 61 74 65 7c 7c 28 71 28 29 2c 77 2e 72 65 61 64 79 28 29 29 7d 76 61 72 20 69 2c 6f 2c 61 3d 74 79 70 65 6f 66 20 74 2c 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 2c 75 3d 65 2e 6c 6f 63 61 74 69 6f 6e 2c 6c 3d 65 2e 6a 51 75 65 72 79 2c 63 3d 65 2e 24 2c 66 3d 7b 7d 2c 70 3d 5b 5d 2c 64 3d 22 31 2e 39 2e 31 22 2c 68 Data Ascii: !function(e,t){function n(e,t){return t.toUpperCase()}function r(e){!s.addEventListener&&"load"!==e.type&&"complete"!==s.readyState\|\|(q(),w.ready())}var i,o,a=typeof t,s=e.document,u=e.location,l=e.jQuery,c=e.$,f={},p=[],d="1.9.1",h
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 3d 70 2e 63 6f 6e 63 61 74 2c 67 3d 70 2e 70 75 73 68 2c 6d 3d 70 2e 73 6c 69 63 65 2c 79 3d 70 2e 69 6e 64 65 78 4f 66 2c 76 3d 66 2e 74 6f 53 74 72 69 6e 67 2c 62 3d 66 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 78 3d 64 2e 74 72 69 6d 2c 77 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 77 2e 66 6e 2e 69 6e 69 74 28 65 2c 74 2c 6f 29 7d 2c 54 3d 2f 5b 2b 2d 5d 3f 28 3f 3a 5c 64 2a 5c 2e 7c 29 5c 64 2b 28 3f 3a 5b 65 45 5d 5b 2b 2d 5d 3f 5c 64 2b 7c 29 2f 2e 73 6f 75 72 63 65 2c 4e 3d 2f 5c 53 2b 2f 67 2c 43 3d 2f 5e 5b 5c 73 5c 75 46 45 46 46 5c 78 41 30 5d 2b 7c 5b 5c 73 5c 75 46 45 46 46 5c 78 41 30 5d 2b 24 2f 67 2c 6b 3d 2f 5e 28 3f 3a 28 3c 5b 5c 77 5c 57 5d 2b 3e 29 5b 5e 3e 5d 2a 7c 23 28 5b 5c 77 2d 5d 2a 29 Data Ascii: =p.concat,g=p.push,m=p.slice,y=p.indexOf,v=f.toString,b=f.hasOwnProperty,x=d.trim,w=function(e,t){return new w.fn.init(e,t,o)},T=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,N=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,k=/^(?:(<[\w\W]+>)[^>]\|#([\w-]*)
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 65 73 74 28 69 5b 31 5d 29 26 26 77 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 6e 29 29 66 6f 72 28 69 20 69 6e 20 6e 29 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 74 68 69 73 5b 69 5d 29 3f 74 68 69 73 5b 69 5d 28 6e 5b 69 5d 29 3a 74 68 69 73 2e 61 74 74 72 28 69 2c 6e 5b 69 5d 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 69 66 28 28 6f 3d 73 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 5b 32 5d 29 29 26 26 6f 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7b 69 66 28 6f 2e 69 64 21 3d 3d 69 5b 32 5d 29 72 65 74 75 72 6e 20 72 2e 66 69 6e 64 28 65 29 3b 74 68 69 73 2e 6c 65 6e 67 74 68 3d 31 2c 74 68 69 73 5b 30 5d 3d 6f 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 63 6f 6e 74 65 78 74 3d 73 2c 74 68 69 73 2e 73 65 6c 65 63 74 6f 72 3d 65 2c 74 68 69 73 7d 2c 73 65 6c Data Ascii: est(i[1])&&w.isPlainObject(n))for(i in n)w.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i]);return this}if((o=s.getElementById(i[2]))&&o.parentNode){if(o.id!==i[2])return r.find(e);this.length=1,this[0]=o}return this.context=s,this.selector=e,this},sel
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 72 26 26 28 77 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 72 29 7c 7c 28 6e 3d 77 2e 69 73 41 72 72 61 79 28 72 29 29 29 3f 28 61 3d 6e 3f 28 6e 3d 21 31 2c 65 26 26 77 2e 69 73 41 72 72 61 79 28 65 29 3f 65 3a 5b 5d 29 3a 65 26 26 77 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 65 29 3f 65 3a 7b 7d 2c 73 5b 69 5d 3d 77 2e 65 78 74 65 6e 64 28 63 2c 61 2c 72 29 29 3a 72 21 3d 3d 74 26 26 28 73 5b 69 5d 3d 72 29 29 3b 72 65 74 75 72 6e 20 73 7d 2c 77 2e 65 78 74 65 6e 64 28 7b 6e 6f 43 6f 6e 66 6c 69 63 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 24 3d 3d 3d 77 26 26 28 65 2e 24 3d 63 29 2c 74 26 26 65 2e 6a 51 75 65 72 79 3d 3d 3d 77 26 26 28 65 2e 6a 51 75 65 72 79 3d 6c 29 2c 77 7d 2c 69 73 52 65 61 64 79 3a 21 31 2c 72 65 61 Data Ascii: r&&(w.isPlainObject(r)\|\|(n=w.isArray(r)))?(a=n?(n=!1,e&&w.isArray(e)?e:[]):e&&w.isPlainObject(e)?e:{},s[i]=w.extend(c,a,r)):r!==t&&(s[i]=r));return s},w.extend({noConflict:function(t){return e.$===w&&(e.$=c),t&&e.jQuery===w&&(e.jQuery=l),w},isReady:!1,rea
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 45 6c 65 6d 65 6e 74 28 72 5b 31 5d 29 5d 3a 28 72 3d 77 2e 62 75 69 6c 64 46 72 61 67 6d 65 6e 74 28 5b 65 5d 2c 74 2c 69 29 2c 69 26 26 77 28 69 29 2e 72 65 6d 6f 76 65 28 29 2c 77 2e 6d 65 72 67 65 28 5b 5d 2c 72 2e 63 68 69 6c 64 4e 6f 64 65 73 29 29 7d 2c 70 61 72 73 65 4a 53 4f 4e 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 4a 53 4f 4e 26 26 65 2e 4a 53 4f 4e 2e 70 61 72 73 65 3f 65 2e 4a 53 4f 4e 2e 70 61 72 73 65 28 74 29 3a 6e 75 6c 6c 3d 3d 3d 74 3f 74 3a 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 77 2e 74 72 69 6d 28 74 29 29 26 26 53 2e 74 65 73 74 28 74 2e 72 65 70 6c 61 63 65 28 6a 2c 22 40 22 29 2e 72 65 70 6c 61 63 65 28 44 2c 22 5d 22 29 2e 72 65 70 6c 61 63 65 28 41 2c 22 22 29 29 3f 6e 65 Data Ascii: Element(r[1])]:(r=w.buildFragment([e],t,i),i&&w(i).remove(),w.merge([],r.childNodes))},parseJSON:function(t){return e.JSON&&e.JSON.parse?e.JSON.parse(t):null===t?t:"string"==typeof t&&(t=w.trim(t))&&S.test(t.replace(j,"@").replace(D,"]").replace(A,""))?ne
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 65 29 29 2c 6e 7d 2c 69 6e 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3b 69 66 28 74 29 7b 69 66 28 79 29 72 65 74 75 72 6e 20 79 2e 63 61 6c 6c 28 74 2c 65 2c 6e 29 3b 66 6f 72 28 72 3d 74 2e 6c 65 6e 67 74 68 2c 6e 3d 6e 3f 6e 3c 30 3f 4d 61 74 68 2e 6d 61 78 28 30 2c 72 2b 6e 29 3a 6e 3a 30 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 6e 20 69 6e 20 74 26 26 74 5b 6e 5d 3d 3d 3d 65 29 72 65 74 75 72 6e 20 6e 7d 72 65 74 75 72 6e 2d 31 7d 2c 6d 65 72 67 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 72 3d 6e 2e 6c 65 6e 67 74 68 2c 69 3d 65 2e 6c 65 6e 67 74 68 2c 6f 3d 30 3b 69 66 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 72 29 66 6f 72 28 3b 6f 3c 72 3b 6f 2b 2b 29 65 5b 69 2b 2b 5d 3d 6e 5b 6f 5d Data Ascii: e)),n},inArray:function(e,t,n){var r;if(t){if(y)return y.call(t,e,n);for(r=t.length,n=n?n<0?Math.max(0,r+n):n:0;n<r;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,o=0;if("number"==typeof r)for(;o<r;o++)e[i++]=n[o]
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 31 29 2c 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 72 2c 21 31 29 3b 65 6c 73 65 7b 73 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 22 2c 72 29 2c 65 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 6c 6f 61 64 22 2c 72 29 3b 76 61 72 20 6e 3d 21 31 3b 74 72 79 7b 6e 3d 6e 75 6c 6c 3d 3d 65 2e 66 72 61 6d 65 45 6c 65 6d 65 6e 74 26 26 73 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 7d 63 61 74 63 68 28 74 29 7b 7d 6e 26 26 6e 2e 64 6f 53 63 72 6f 6c 6c 26 26 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 69 66 28 21 77 2e 69 73 52 65 61 64 79 29 7b 74 72 79 7b 6e 2e 64 6f 53 63 72 6f 6c 6c 28 22 6c 65 66 74 22 29 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 20 73 65 74 54 Data Ascii: 1),e.addEventListener("load",r,!1);else{s.attachEvent("onreadystatechange",r),e.attachEvent("onload",r);var n=!1;try{n=null==e.frameElement&&s.documentElement}catch(t){}n&&n.doScroll&&function e(){if(!w.isReady){try{n.doScroll("left")}catch(t){return setT
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 6c 6f 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 3d 74 2c 72 7c 7c 66 2e 64 69 73 61 62 6c 65 28 29 2c 74 68 69 73 7d 2c 6c 6f 63 6b 65 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 6c 7d 2c 66 69 72 65 57 69 74 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3d 5b 65 2c 28 74 3d 74 7c 7c 5b 5d 29 2e 73 6c 69 63 65 3f 74 2e 73 6c 69 63 65 28 29 3a 74 5d 2c 21 75 7c 7c 69 26 26 21 6c 7c 7c 28 6e 3f 6c 2e 70 75 73 68 28 74 29 3a 63 28 74 29 29 2c 74 68 69 73 7d 2c 66 69 72 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 2e 66 69 72 65 57 69 74 68 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 2c 74 68 69 73 7d 2c 66 69 72 65 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e Data Ascii: lock:function(){return l=t,r\|\|f.disable(),this},locked:function(){return!l},fireWith:function(e,t){return t=[e,(t=t\|\|[]).slice?t.slice():t],!u\|\|i&&!l\|\|(n?l.push(t):c(t)),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 74 69 66 79 57 69 74 68 28 74 2c 72 29 3a 2d 2d 75 7c 7c 6c 2e 72 65 73 6f 6c 76 65 57 69 74 68 28 74 2c 72 29 7d 7d 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 30 2c 61 3d 6d 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 2c 73 3d 61 2e 6c 65 6e 67 74 68 2c 75 3d 31 21 3d 3d 73 7c 7c 65 26 26 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 65 2e 70 72 6f 6d 69 73 65 29 3f 73 3a 30 2c 6c 3d 31 3d 3d 3d 75 3f 65 3a 77 2e 44 65 66 65 72 72 65 64 28 29 3b 69 66 28 31 3c 73 29 66 6f 72 28 6e 3d 6e 65 77 20 41 72 72 61 79 28 73 29 2c 72 3d 6e 65 77 20 41 72 72 61 79 28 73 29 2c 69 3d 6e 65 77 20 41 72 72 61 79 28 73 29 3b 6f 3c 73 3b 6f 2b 2b 29 61 5b 6f 5d 26 26 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 61 5b 6f 5d 2e 70 72 6f 6d 69 73 65 29 3f 61 5b 6f 5d 2e 70 72 6f 6d 69 73 Data Ascii: tifyWith(t,r):--u\|\|l.resolveWith(t,r)}}var n,r,i,o=0,a=m.call(arguments),s=a.length,u=1!==s\|\|e&&w.isFunction(e.promise)?s:0,l=1===u?e:w.Deferred();if(1<s)for(n=new Array(s),r=new Array(s),i=new Array(s);o<s;o++)a[o]&&w.isFunction(a[o].promise)?a[o].promis
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 6f 75 74 3a 21 31 2c 73 68 72 69 6e 6b 57 72 61 70 42 6c 6f 63 6b 73 3a 21 31 2c 72 65 6c 69 61 62 6c 65 4d 61 72 67 69 6e 52 69 67 68 74 3a 21 30 2c 62 6f 78 53 69 7a 69 6e 67 52 65 6c 69 61 62 6c 65 3a 21 30 2c 70 69 78 65 6c 50 6f 73 69 74 69 6f 6e 3a 21 31 7d 2c 69 2e 63 68 65 63 6b 65 64 3d 21 30 2c 74 2e 6e 6f 43 6c 6f 6e 65 43 68 65 63 6b 65 64 3d 69 2e 63 6c 6f 6e 65 4e 6f 64 65 28 21 30 29 2e 63 68 65 63 6b 65 64 2c 6f 2e 64 69 73 61 62 6c 65 64 3d 21 30 2c 74 2e 6f 70 74 44 69 73 61 62 6c 65 64 3d 21 6c 2e 64 69 73 61 62 6c 65 64 3b 74 72 79 7b 64 65 6c 65 74 65 20 64 2e 74 65 73 74 7d 63 61 74 63 68 28 6e 29 7b 74 2e 64 65 6c 65 74 65 45 78 70 61 6e 64 6f 3d 21 31 7d 66 6f 72 28 70 20 69 6e 28 69 3d 73 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 Data Ascii: out:!1,shrinkWrapBlocks:!1,reliableMarginRight:!0,boxSizingReliable:!0,pixelPosition:!1},i.checked=!0,t.noCloneChecked=i.cloneNode(!0).checked,o.disabled=!0,t.optDisabled=!l.disabled;try{delete d.test}catch(n){t.deleteExpando=!1}for(p in(i=s.createElement

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
141	192.168.2.7	49929	216.198.53.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:52 UTC	783	OUT	GET /hc/theming_assets/592660/165805/script.js?digest=33371583435033 HTTP/1.1 Host: support.codapay.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
2024-09-27 23:47:52 UTC	982	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:52 GMT Content-Type: text/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 8c9f619d4cbe19c7-EWR CF-Cache-Status: HIT Age: 365441 Cache-Control: max-age=604800, public ETag: W/"e419b62ae35cc3a7204d6b535399f76b" Strict-Transport-Security: max-age=259200; includeSubDomains Vary: Accept, Accept-Encoding Protocol: HTTP/1.1 always X-Request-ID: 8c7c87b416065e68-EWR x-runtime: 0.023685 x-ua-compatible: IE=edge x-zendesk-origin-server: app-server-d88c9dd99-9np2q x-zendesk-processed-host-header: support.codapay.com X-Zendesk-Zorg: yes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pZwidjxuYJJq8N%2Fe9KbOWcuFLRdoingqwrUgUW3LIoqzriXNSJAtdSMR%2FPB52n5mGHpD6R0pQ8YdOsnmXx%2F4acHLeWTiyMhyT7II5YmklDCdsHRWBmJM2RnVZ%2FXZwH0NfOssR4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Server: cloudflare
2024-09-27 23:47:52 UTC	387	IN	Data Raw: 33 34 30 34 0d 0a 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 2f 2f 20 4b 65 79 20 6d 61 70 0a 20 20 76 61 72 20 45 4e 54 45 52 20 3d 20 31 33 3b 0a 20 20 76 61 72 20 45 53 43 41 50 45 20 3d 20 32 37 3b 0a 20 20 76 61 72 20 53 50 41 43 45 20 3d 20 33 32 3b 0a 20 20 76 61 72 20 55 50 20 3d 20 33 38 3b 0a 20 20 76 61 72 20 44 4f 57 4e 20 3d 20 34 30 3b 0a 20 20 76 61 72 20 54 41 42 20 3d 20 39 3b 0a 0a 20 20 66 75 6e 63 74 69 6f 6e 20 63 6c 6f 73 65 73 74 20 28 65 6c 65 6d 65 6e 74 2c 20 73 65 6c 65 63 74 6f 72 29 20 7b 0a 20 20 20 20 69 66 20 28 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 6f 73 65 73 74 Data Ascii: 3404document.addEventListener('DOMContentLoaded', function() { // Key map var ENTER = 13; var ESCAPE = 27; var SPACE = 32; var UP = 38; var DOWN = 40; var TAB = 9; function closest (element, selector) { if (Element.prototype.closest
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 7c 7c 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 73 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 20 26 26 20 65 6c 65 6d 65 6e 74 2e 6d 73 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 28 73 65 6c 65 63 74 6f 72 29 0a 20 20 20 20 20 20 20 20 7c 7c 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 77 65 62 6b 69 74 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 20 26 26 20 65 6c 65 6d 65 6e 74 2e 77 65 62 6b 69 74 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 28 73 65 6c 65 63 74 6f 72 29 29 20 7b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 65 6c 65 6d 65 6e 74 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 65 6c 65 6d 65 6e 74 20 3d 20 65 6c 65 6d 65 6e 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 20 7c 7c 20 65 6c 65 6d 65 6e 74 Data Ascii: \|\| Element.prototype.msMatchesSelector && element.msMatchesSelector(selector) \|\| Element.prototype.webkitMatchesSelector && element.webkitMatchesSelector(selector)) { return element; } element = element.parentElement \|\| element
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 6d 65 6e 74 2d 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 73 2c 20 2e 63 6f 6d 6d 65 6e 74 2d 63 63 73 27 29 3b 0a 0a 20 20 69 66 20 28 63 6f 6d 6d 65 6e 74 43 6f 6e 74 61 69 6e 65 72 54 65 78 74 61 72 65 61 29 20 7b 0a 20 20 20 20 63 6f 6d 6d 65 6e 74 43 6f 6e 74 61 69 6e 65 72 54 65 78 74 61 72 65 61 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 66 6f 63 75 73 27 2c 20 66 75 6e 63 74 69 6f 6e 20 66 6f 63 75 73 43 6f 6d 6d 65 6e 74 43 6f 6e 74 61 69 6e 65 72 54 65 78 74 61 72 65 61 28 29 20 7b 0a 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 43 6f 6e 74 61 69 6e 65 72 46 6f 72 6d 43 6f 6e 74 72 6f 6c 73 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 27 62 6c 6f 63 6b 27 3b 0a 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 43 6f 6e 74 61 69 6e 65 72 54 65 78 74 Data Ascii: ment-form-controls, .comment-ccs'); if (commentContainerTextarea) { commentContainerTextarea.addEventListener('focus', function focusCommentContainerTextarea() { commentContainerFormControls.style.display = 'block'; commentContainerText
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 4d 61 72 6b 41 73 53 6f 6c 76 65 64 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 2e 72 65 71 75 65 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 6d 61 72 6b 2d 61 73 2d 73 6f 6c 76 65 64 3a 6e 6f 74 28 5b 64 61 74 61 2d 64 69 73 61 62 6c 65 64 5d 29 27 29 2c 0a 20 20 20 20 72 65 71 75 65 73 74 4d 61 72 6b 41 73 53 6f 6c 76 65 64 43 68 65 63 6b 62 6f 78 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 2e 72 65 71 75 65 73 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6d 6d 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 20 69 6e 70 75 74 5b 74 79 70 65 3d 63 68 65 63 6b 62 6f 78 5d 27 29 2c 0a 20 20 20 20 72 65 71 75 65 73 74 43 6f 6d 6d 65 6e 74 53 75 62 6d 69 74 42 75 74 74 6f 6e 20 Data Ascii: MarkAsSolvedButton = document.querySelector('.request-container .mark-as-solved:not([data-disabled])'), requestMarkAsSolvedCheckbox = document.querySelector('.request-container .comment-container input[type=checkbox]'), requestCommentSubmitButton
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 61 29 20 7b 0a 20 20 20 20 72 65 71 75 65 73 74 43 6f 6d 6d 65 6e 74 54 65 78 74 61 72 65 61 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 69 6e 70 75 74 27 2c 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 20 20 20 20 69 66 20 28 69 73 45 6d 70 74 79 28 72 65 71 75 65 73 74 43 6f 6d 6d 65 6e 74 54 65 78 74 61 72 65 61 2e 76 61 6c 75 65 29 29 20 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 72 65 71 75 65 73 74 4d 61 72 6b 41 73 53 6f 6c 76 65 64 42 75 74 74 6f 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 72 65 71 75 65 73 74 4d 61 72 6b 41 73 53 6f 6c 76 65 64 42 75 74 74 6f 6e 2e 69 6e 6e 65 72 54 65 78 74 20 3d 20 72 65 71 75 65 73 74 4d 61 72 6b 41 73 53 6f 6c 76 65 64 42 75 74 74 6f 6e 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 27 64 61 74 61 Data Ascii: a) { requestCommentTextarea.addEventListener('input', function() { if (isEmpty(requestCommentTextarea.value)) { if (requestMarkAsSolvedButton) { requestMarkAsSolvedButton.innerText = requestMarkAsSolvedButton.getAttribute('data
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 52 29 20 7b 0a 20 20 20 20 20 20 65 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 3b 0a 20 20 20 20 20 20 73 61 76 65 46 6f 63 75 73 28 29 3b 0a 20 20 20 20 20 20 63 6c 6f 73 65 73 74 28 74 68 69 73 2c 20 27 66 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 0a 20 20 20 20 7d 0a 20 20 7d 29 3b 0a 0a 20 20 66 75 6e 63 74 69 6f 6e 20 74 6f 67 67 6c 65 4e 61 76 69 67 61 74 69 6f 6e 28 74 6f 67 67 6c 65 2c 20 6d 65 6e 75 29 20 7b 0a 20 20 20 20 76 61 72 20 69 73 45 78 70 61 6e 64 65 64 20 3d 20 6d 65 6e 75 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 27 61 72 69 61 2d 65 78 70 61 6e 64 65 64 27 29 20 3d 3d 3d 20 27 74 72 75 65 27 3b 0a 20 20 20 20 6d 65 6e 75 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 27 61 72 69 61 2d 65 78 70 61 6e 64 65 64 27 2c 20 21 69 Data Ascii: R) { e.stopPropagation(); saveFocus(); closest(this, 'form').submit(); } }); function toggleNavigation(toggle, menu) { var isExpanded = menu.getAttribute('aria-expanded') === 'true'; menu.setAttribute('aria-expanded', !i
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 0a 0a 20 20 20 20 65 6c 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 6b 65 79 75 70 27 2c 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 69 66 20 28 65 2e 6b 65 79 43 6f 64 65 20 3d 3d 3d 20 45 53 43 41 50 45 29 20 7b 0a 20 20 20 20 20 20 20 20 63 6c 6f 73 65 4e 61 76 69 67 61 74 69 6f 6e 28 74 6f 67 67 6c 65 2c 20 74 68 69 73 29 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 29 3b 0a 20 20 7d 29 3b 0a 0a 20 20 2f 2f 20 53 75 62 6d 69 74 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 20 66 6f 72 6d 20 69 6e 20 74 68 65 20 72 65 71 75 65 73 74 20 70 61 67 65 0a 20 20 76 61 72 20 72 65 71 75 65 73 74 4f 72 67 61 6e 69 73 61 74 69 6f 6e 53 65 6c 65 63 74 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 23 72 Data Ascii: el.addEventListener('keyup', function(e) { if (e.keyCode === ESCAPE) { closeNavigation(toggle, this); } }); }); // Submit organization form in the request page var requestOrganisationSelect = document.querySelector('#r
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 70 65 6f 66 20 6e 6f 74 69 66 69 63 61 74 69 6f 6e 45 6c 6d 2e 70 72 65 76 69 6f 75 73 45 6c 65 6d 65 6e 74 53 69 62 6c 69 6e 67 2e 66 6f 63 75 73 20 3d 3d 3d 20 22 66 75 6e 63 74 69 6f 6e 22 0a 20 20 29 20 7b 0a 20 20 20 20 6e 6f 74 69 66 69 63 61 74 69 6f 6e 45 6c 6d 2e 70 72 65 76 69 6f 75 73 45 6c 65 6d 65 6e 74 53 69 62 6c 69 6e 67 2e 66 6f 63 75 73 28 29 3b 0a 20 20 7d 0a 0a 20 20 2f 2f 20 44 72 6f 70 64 6f 77 6e 73 0a 20 20 0a 20 20 66 75 6e 63 74 69 6f 6e 20 44 72 6f 70 64 6f 77 6e 28 74 6f 67 67 6c 65 2c 20 6d 65 6e 75 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 74 6f 67 67 6c 65 20 3d 20 74 6f 67 67 6c 65 3b 0a 20 20 20 20 74 68 69 73 2e 6d 65 6e 75 20 3d 20 6d 65 6e 75 3b 0a 0a 20 20 20 20 74 68 69 73 2e 6d 65 6e 75 50 6c 61 63 65 6d 65 6e 74 20 3d Data Ascii: peof notificationElm.previousElementSibling.focus === "function" ) { notificationElm.previousElementSibling.focus(); } // Dropdowns function Dropdown(toggle, menu) { this.toggle = toggle; this.menu = menu; this.menuPlacement =
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 2c 0a 20 20 20 20 20 20 20 20 62 6f 74 74 6f 6d 3a 20 72 65 63 74 2e 74 6f 70 20 3c 20 30 20 7c 7c 20 72 65 63 74 2e 74 6f 70 20 2b 20 72 65 63 74 2e 68 65 69 67 68 74 20 3e 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 0a 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 69 66 20 28 6f 76 65 72 66 6c 6f 77 2e 72 69 67 68 74 20 7c 7c 20 74 68 69 73 2e 6d 65 6e 75 50 6c 61 63 65 6d 65 6e 74 2e 65 6e 64 29 20 7b 0a 20 20 20 20 20 20 20 20 74 68 69 73 2e 6d 65 6e 75 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 65 6e 64 22 29 3b 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 69 66 20 28 6f 76 65 72 66 6c 6f 77 2e 62 6f 74 74 6f 6d 20 7c 7c 20 74 68 69 Data Ascii: window.innerWidth, bottom: rect.top < 0 \|\| rect.top + rect.height > window.innerHeight }; if (overflow.right \|\| this.menuPlacement.end) { this.menu.classList.add("dropdown-menu-end"); } if (overflow.bottom \|\| thi
2024-09-27 23:47:52 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 6f 70 65 6e 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 66 6f 63 75 73 4e 65 78 74 4d 65 6e 75 49 74 65 6d 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 62 72 65 61 6b 3b 0a 20 20 20 20 20 20 20 20 63 61 73 65 20 55 50 3a 0a 20 20 20 20 20 20 20 20 20 20 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 6f 70 65 6e 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 66 6f 63 75 73 50 72 65 76 69 6f 75 73 4d 65 6e 75 49 74 65 6d 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 62 72 65 61 6b 3b 0a 20 20 20 20 20 20 20 20 63 61 73 65 20 45 53 43 41 50 45 3a 0a 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 64 69 73 6d 69 73 73 28 29 3b 0a 20 20 20 20 20 Data Ascii: this.open(); this.focusNextMenuItem(); break; case UP: e.preventDefault(); this.open(); this.focusPreviousMenuItem(); break; case ESCAPE: this.dismiss();

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
142	192.168.2.7	49932	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	561	OUT	GET /hc/assets/en-us.99b0131b1f198c72c323.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:53 UTC	1146	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:53 GMT Content-Type: application/javascript Content-Length: 216255 Connection: close x-amz-id-2: Rw+wmmGyVzIB6V3IJe/m8vPnbOhUvNVJnjMA9eMbM+P8DJRhW8HT8YjBtQEQPeMK4itPjmoI+Sr87usWxHTMT2I0pkESoWPG x-amz-request-id: 41PT1B2F0KMYZFQA x-amz-replication-status: COMPLETED Last-Modified: Wed, 25 Sep 2024 15:08:58 GMT ETag: "99b0131b1f198c72c3231a8b78504a0a" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: wDlOKQIniUXfkEQtyen3MnR8GDaaBi0Y CF-Cache-Status: HIT Age: 203788 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6mQWcnJDyocYEvE2FLUM%2FemXG%2FvhjB96em8ZjvXTHe0xCVJcO7bS6mYoVwsHhKKFza98HxK5AikbNx%2FdXkl2suXrKyGgDZRwxFTZB1sDRCp%2FJHvZ9tDP38PyEgh8zLwQBy9cgI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f61a14d025e7f-EWR
2024-09-27 23:47:53 UTC	223	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 77 69 6e 64 6f 77 2e 49 31 38 4e 3d 77 69 6e 64 6f 77 2e 49 31 38 4e 7c 7c 7b 7d 3b 76 61 72 20 65 2c 74 3d 7b 6c 6f 63 61 6c 65 3a 22 65 6e 2d 75 73 22 2c 64 69 72 65 63 74 69 6f 6e 3a 22 6c 74 72 22 2c 74 72 61 6e 73 6c 61 74 69 6f 6e 73 3a 7b 22 61 63 74 69 76 65 6d 6f 64 65 6c 2e 61 74 74 72 69 62 75 74 65 73 2e 72 65 71 75 65 73 74 2e 61 6e 6f 6e 79 6d 6f 75 73 5f 72 65 71 75 65 73 74 65 72 5f 65 6d 61 69 6c 22 3a 22 41 6e 6f 6e 79 6d 6f 75 73 20 72 65 71 75 65 73 74 65 72 20 65 6d 61 69 6c 3a 22 2c 22 61 63 74 69 76 65 6d 6f 64 65 6c 2e 61 74 74 72 69 62 75 74 65 73 2e 72 65 71 75 65 73 74 2e 72 65 63 61 70 74 63 68 61 Data Ascii: !function(){window.I18N=window.I18N\|\|{};var e,t={locale:"en-us",direction:"ltr",translations:{"activemodel.attributes.request.anonymous_requester_email":"Anonymous requester email:","activemodel.attributes.request.recaptcha
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 22 3a 22 52 65 63 61 70 74 63 68 61 3a 22 2c 22 61 63 74 69 76 65 6d 6f 64 65 6c 2e 65 72 72 6f 72 73 2e 6d 6f 64 65 6c 73 2e 74 6f 70 69 63 5f 66 6f 72 6d 2e 61 74 74 72 69 62 75 74 65 73 2e 62 61 73 65 2e 74 6f 70 69 63 5f 6c 69 6d 69 74 22 3a 22 59 6f 75 20 68 61 76 65 20 72 65 61 63 68 65 64 20 74 68 65 20 6d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 74 6f 70 69 63 73 20 66 6f 72 20 79 6f 75 72 20 61 63 63 6f 75 6e 74 3a 20 25 7b 74 6f 70 69 63 5f 6c 69 6d 69 74 7d 22 2c 22 61 63 74 69 76 65 72 65 63 6f 72 64 2e 61 74 74 72 69 62 75 74 65 73 2e 63 6f 6d 6d 65 6e 74 2e 62 6f 64 79 22 3a 22 43 6f 6d 6d 65 6e 74 3a 22 2c 22 61 63 74 69 76 65 72 65 63 6f 72 64 2e 61 74 74 72 69 62 75 74 65 73 2e 63 6f 6d 6d 75 6e 69 74 79 5f 63 6f 6d 6d 65 6e 74 Data Ascii: ":"Recaptcha:","activemodel.errors.models.topic_form.attributes.base.topic_limit":"You have reached the maximum number of topics for your account: %{topic_limit}","activerecord.attributes.comment.body":"Comment:","activerecord.attributes.community_comment
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 65 63 6f 72 64 2e 65 72 72 6f 72 73 2e 6d 6f 64 65 6c 73 2e 75 73 65 72 5f 73 65 67 6d 65 6e 74 2e 61 74 74 72 69 62 75 74 65 73 2e 67 72 6f 75 70 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 2e 6e 6f 74 5f 6f 6e 5f 73 61 6d 65 5f 61 63 63 6f 75 6e 74 22 3a 22 63 6f 75 6c 64 20 6e 6f 74 20 66 69 6e 64 20 6f 6e 65 20 6f 72 20 6d 6f 72 65 20 6f 66 20 74 68 65 20 73 70 65 63 69 66 69 65 64 20 67 72 6f 75 70 73 22 2c 22 61 63 74 69 76 65 72 65 63 6f 72 64 2e 65 72 72 6f 72 73 2e 6d 6f 64 65 6c 73 2e 75 73 65 72 5f 73 65 67 6d 65 6e 74 2e 61 74 74 72 69 62 75 74 65 73 2e 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 2e 69 6e 76 61 6c 69 64 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 5f 66 6f 72 5f 75 73 65 72 5f 74 79 70 65 22 3a 22 6f 72 67 Data Ascii: ecord.errors.models.user_segment.attributes.group_restrictions.not_on_same_account":"could not find one or more of the specified groups","activerecord.errors.models.user_segment.attributes.organization_restrictions.invalid_restrictions_for_user_type":"org
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 67 22 3a 22 46 69 6c 65 20 74 6f 6f 20 62 69 67 22 2c 22 65 72 72 6f 72 73 2e 66 6f 72 6d 61 74 22 3a 22 25 7b 61 74 74 72 69 62 75 74 65 7d 20 25 7b 6d 65 73 73 61 67 65 7d 22 2c 22 65 72 72 6f 72 73 2e 6d 65 73 73 61 67 65 73 2e 61 63 63 65 73 73 5f 70 6f 6c 69 63 79 2e 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 2e 6e 65 77 5f 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 5f 72 65 73 74 72 69 63 74 69 6f 6e 73 5f 6e 6f 74 5f 61 6c 6c 6f 77 65 64 5f 62 79 5f 70 6c 61 6e 22 3a 22 59 6f 75 72 20 70 6c 61 6e 20 64 6f 65 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 20 74 68 69 73 20 66 65 61 74 75 72 65 2e 20 59 6f 75 20 63 61 6e 6e 6f 74 20 61 64 64 20 6e 65 77 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 20 72 65 73 74 72 69 63 74 69 6f 6e 73 2e Data Ascii: g":"File too big","errors.format":"%{attribute} %{message}","errors.messages.access_policy.organization_restrictions.new_organization_restrictions_not_allowed_by_plan":"Your plan does not support this feature. You cannot add new organization restrictions.
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 64 5f 61 74 74 61 63 68 6d 65 6e 74 73 5f 65 78 70 69 72 65 64 22 3a 22 55 70 6c 6f 61 64 65 64 20 61 74 74 61 63 68 6d 65 6e 74 73 20 65 78 70 69 72 65 64 2e 20 50 6c 65 61 73 65 20 72 65 6d 6f 76 65 20 74 68 65 20 61 74 74 61 63 68 6d 65 6e 74 73 20 61 6e 64 20 72 65 75 70 6c 6f 61 64 20 74 68 65 6d 20 62 65 66 6f 72 65 20 73 75 62 6d 69 74 74 69 6e 67 20 61 67 61 69 6e 2e 22 2c 22 65 72 72 6f 72 73 2e 6d 65 73 73 61 67 65 73 2e 73 61 6d 65 5f 61 63 63 6f 75 6e 74 22 3a 22 64 6f 65 73 20 6e 6f 74 20 62 65 6c 6f 6e 67 20 74 6f 20 61 20 76 61 6c 69 64 20 61 63 63 6f 75 6e 74 22 2c 22 68 65 6c 70 65 72 73 2e 73 65 6c 65 63 74 2e 70 72 6f 6d 70 74 22 3a 22 50 6c 65 61 73 65 20 73 65 6c 65 63 74 22 2c 22 68 65 6c 70 65 72 73 2e 73 75 62 6d 69 74 2e 63 72 65 Data Ascii: d_attachments_expired":"Uploaded attachments expired. Please remove the attachments and reupload them before submitting again.","errors.messages.same_account":"does not belong to a valid account","helpers.select.prompt":"Please select","helpers.submit.cre
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 67 65 5f 75 6e 69 74 73 2e 75 6e 69 74 73 2e 62 79 74 65 2e 6f 6e 65 22 3a 22 42 79 74 65 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 67 65 5f 75 6e 69 74 73 2e 75 6e 69 74 73 2e 62 79 74 65 2e 6f 74 68 65 72 22 3a 22 42 79 74 65 73 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 67 65 5f 75 6e 69 74 73 2e 75 6e 69 74 73 2e 67 62 22 3a 22 47 42 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 67 65 5f 75 6e 69 74 73 2e 75 6e 69 74 73 2e 6b 62 22 3a 22 4b 42 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 67 65 5f 75 6e 69 74 73 2e 75 6e 69 74 73 2e 6d 62 22 3a 22 4d 42 22 2c 22 6e 75 6d 62 65 72 2e 68 75 6d 61 6e 2e 73 74 6f 72 61 Data Ascii: ","number.human.storage_units.units.byte.one":"Byte","number.human.storage_units.units.byte.other":"Bytes","number.human.storage_units.units.gb":"GB","number.human.storage_units.units.kb":"KB","number.human.storage_units.units.mb":"MB","number.human.stora
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 65 73 2e 6f 74 68 65 72 22 3a 22 54 72 61 6e 73 6c 61 74 69 6f 6e 20 6c 6f 63 61 6c 65 20 76 61 6c 75 65 73 20 28 25 7b 76 61 6c 75 65 73 7d 29 20 61 72 65 20 69 6e 76 61 6c 69 64 20 66 6f 72 20 74 68 69 73 20 48 65 6c 70 20 43 65 6e 74 65 72 2e 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 72 74 69 63 6c 65 2e 65 72 72 6f 72 2e 6d 69 73 73 69 6e 67 5f 70 65 72 6d 69 73 73 69 6f 6e 5f 67 72 6f 75 70 5f 69 64 22 3a 22 59 6f 75 20 6d 75 73 74 20 70 72 6f 76 69 64 65 20 70 65 72 6d 69 73 73 69 6f 6e 5f 67 72 6f 75 70 5f 69 64 2e 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 72 74 69 63 6c 65 2e 65 72 72 6f 72 2e 6d 69 73 73 69 6e 67 5f 75 73 65 72 5f 73 65 67 6d 65 6e 74 5f 69 64 22 3a 22 59 6f 75 20 6d 75 73 74 20 70 72 6f 76 69 Data Ascii: es.other":"Translation locale values (%{values}) are invalid for this Help Center.","txt.help_center.article.error.missing_permission_group_id":"You must provide permission_group_id.","txt.help_center.article.error.missing_user_segment_id":"You must provi
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 69 6d 65 2e 64 22 3a 22 31 20 64 61 79 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 73 73 65 74 73 2e 6a 61 76 61 73 63 72 69 70 74 73 2e 6d 6f 6d 65 6e 74 2e 72 65 6c 61 74 69 76 65 5f 74 69 6d 65 2e 64 64 22 3a 22 25 64 20 64 61 79 73 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 73 73 65 74 73 2e 6a 61 76 61 73 63 72 69 70 74 73 2e 6d 6f 6d 65 6e 74 2e 72 65 6c 61 74 69 76 65 5f 74 69 6d 65 2e 66 75 74 75 72 65 22 3a 22 69 6e 20 25 73 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 73 73 65 74 73 2e 6a 61 76 61 73 63 72 69 70 74 73 2e 6d 6f 6d 65 6e 74 2e 72 65 6c 61 74 69 76 65 5f 74 69 6d 65 2e 68 22 3a 22 31 20 68 6f 75 72 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 61 73 73 65 74 73 2e 6a 61 76 Data Ascii: ime.d":"1 day","txt.help_center.assets.javascripts.moment.relative_time.dd":"%d days","txt.help_center.assets.javascripts.moment.relative_time.future":"in %s","txt.help_center.assets.javascripts.moment.relative_time.h":"1 hour","txt.help_center.assets.jav
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 22 3a 22 45 6e 74 65 72 20 61 20 76 61 6c 69 64 20 65 6d 61 69 6c 20 61 64 64 72 65 73 73 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 63 6f 6e 74 61 63 74 5f 64 65 74 61 69 6c 73 5f 6d 6f 64 61 6c 2e 61 64 64 45 6d 61 69 6c 42 75 74 74 6f 6e 2e 6c 61 62 65 6c 22 3a 22 41 64 64 20 65 6d 61 69 6c 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 63 6f 6e 74 61 63 74 5f 64 65 74 61 69 6c 73 5f 6d 6f 64 61 6c 2e 61 64 64 50 68 6f 6e 65 42 75 74 74 6f 6e 2e 6c 61 62 65 6c 22 3a 22 41 64 64 20 70 68 6f 6e 65 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 63 6f 6e 74 61 63 74 5f 64 65 74 61 69 6c 73 5f 6d 6f 64 61 6c 2e 61 64 64 50 68 6f 6e 65 4e 75 6d 62 65 72 46 69 65 6c 64 2e 6c 61 62 65 6c 22 3a 22 41 64 64 20 70 68 6f 6e 65 20 Data Ascii: ":"Enter a valid email address","txt.help_center.contact_details_modal.addEmailButton.label":"Add email","txt.help_center.contact_details_modal.addPhoneButton.label":"Add phone","txt.help_center.contact_details_modal.addPhoneNumberField.label":"Add phone
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 61 63 68 65 64 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 63 6f 6e 74 61 63 74 5f 64 65 74 61 69 6c 73 5f 6d 6f 64 61 6c 2e 65 6d 61 69 6c 56 65 72 69 66 69 63 61 74 69 6f 6e 41 6c 65 72 74 2e 62 6f 64 79 22 3a 22 41 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 65 6d 61 69 6c 20 77 61 73 20 73 65 6e 74 20 74 6f 20 7b 7b 65 6d 61 69 6c 5f 61 64 64 72 65 73 73 7d 7d 2e 20 49 66 20 79 6f 75 20 64 6f 6e 27 74 20 73 65 65 20 69 74 2c 20 63 68 65 63 6b 20 79 6f 75 72 20 73 70 61 6d 20 6f 72 20 7b 7b 23 72 65 73 65 6e 64 5f 6c 69 6e 6b 7d 7d 72 65 73 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 7b 7b 2f 72 65 73 65 6e 64 5f 6c 69 6e 6b 7d 7d 2e 22 2c 22 74 78 74 2e 68 65 6c 70 5f 63 65 6e 74 65 72 2e 63 6f 6e 74 61 63 74 5f 64 65 74 61 69 6c 73 5f Data Ascii: ached","txt.help_center.contact_details_modal.emailVerificationAlert.body":"A verification email was sent to {{email_address}}. If you don't see it, check your spam or {{#resend_link}}resend verification{{/resend_link}}.","txt.help_center.contact_details_

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
143	192.168.2.7	49930	35.190.80.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	480	OUT	POST /report/v4?s=NIKWRz%2BMSr2GLls2dpMrtsIsW2CuueKbRJKFHQC6Tzm5cUVxOcIeaGwAtddOFlUvBMnDhBkXDeu0q01Fl28FRQohXc8Mr6RD3PwgbQy5fVS1vQbwzaIkwTn1KexA%2Beanc2tYzvg%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 433 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:53 UTC	433	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 35 30 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 30 34 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 32 31 36 2e 31 39 38 2e 35 33 2e 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 63 6f 64 61 70 61 Data Ascii: [{"age":503,"body":{"elapsed_time":1049,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"216.198.53.1","status_code":404,"type":"http.error"},"type":"network-error","url":"https://support.codapa
2024-09-27 23:47:53 UTC	168	IN	HTTP/1.1 200 OK Content-Length: 0 date: Fri, 27 Sep 2024 23:47:53 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
144	192.168.2.7	49931	216.198.53.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	824	OUT	GET /hc/theming_assets/01HZKT0CF0E8BFEJ2QCVF3XY2M HTTP/1.1 Host: support.codapay.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://support.codapay.com/hc/en-us/categories/360000012223-Indonesia Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cfruid=a13c32e0de1962d3df24a02ecf7910a294c00cb2-1727480871; _cfuvid=FRU1_yJddr_OM4BIeB4.VZvjB.yUHY_0Cc.WD7PtkqU-1727480871383-0.0.1.1-604800000
2024-09-27 23:47:53 UTC	1285	IN	HTTP/1.1 403 Forbidden Date: Fri, 27 Sep 2024 23:47:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Referrer-Policy: same-origin X-Content-Options: nosniff X-Frame-Options: SAMEORIGIN cf-mitigated: challenge
2024-09-27 23:47:53 UTC	716	IN	Data Raw: 63 66 2d 63 68 6c 2d 6f 75 74 3a 20 69 78 41 7a 39 55 64 43 68 74 33 67 48 34 76 69 7a 38 33 6e 73 6f 36 47 63 45 4a 64 2b 67 6f 7a 50 79 70 6a 74 6c 42 67 33 69 55 54 78 6e 43 72 72 43 48 5a 79 46 35 38 31 73 55 72 47 68 73 6c 75 30 5a 61 74 6f 34 47 57 7a 34 58 6a 69 33 58 37 44 53 61 6e 6d 79 7a 49 42 44 53 41 6d 34 42 54 62 43 61 50 74 4f 42 45 2f 6b 65 45 6d 32 6c 78 69 30 39 62 51 68 33 74 56 33 6e 31 78 2b 46 72 36 50 48 67 39 2b 4a 75 37 55 37 32 4d 52 6f 48 66 76 44 61 67 3d 3d 24 45 6f 74 44 54 4f 75 53 4e 74 34 42 78 6a 56 54 75 79 31 2f 57 41 3d 3d 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 72 69 76 61 74 65 2c 20 6d 61 78 2d 61 67 65 3d 30 2c 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e 6f 2d 63 61 63 68 65 2c 20 6d 75 73 74 2d 72 65 76 61 Data Ascii: cf-chl-out: ixAz9UdCht3gH4viz83nso6GcEJd+gozPypjtlBg3iUTxnCrrCHZyF581sUrGhslu0Zato4GWz4Xji3X7DSanmyzIBDSAm4BTbCaPtOBE/keEm2lxi09bQh3tV3n1x+Fr6PHg9+Ju7U72MRoHfvDag==$EotDTOuSNt4BxjVTuy1/WA==Cache-Control: private, max-age=0, no-store, no-cache, must-reva
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 32 37 34 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 2744<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 75 4d 7a 67 34 4c 6a 51 77 4e 79 34 7a 4f 44 6b 75 4e 44 41 33 4c 6a 6b 35 4e 43 41 77 49 43 34 31 4f 54 59 74 4c 6a 51 77 4e 79 34 35 4f 44 51 74 4c 6a 4d 35 4e 79 34 7a 4f 53 30 78 4c 6a 41 31 4e 79 34 7a 4f 44 6b 74 4c 6a 59 31 49 44 41 74 4d 53 34 77 4e 54 59 74 4c 6a 4d 34 4f 53 30 75 4d 7a 6b 34 4c 53 34 7a 4f 44 6b 74 4c 6a 4d 35 4f 43 30 75 4f 54 67 30 49 44 41 74 4c 6a 55 35 4e 79 34 7a 4f 54 67 74 4c 6a 6b 34 4e 53 34 30 4d 44 59 74 4c 6a 4d 35 4e 79 41 78 4c 6a 41 31 4e 69 30 75 4d 7a 6b 33 49 69 38 2b 50 43 39 7a 64 6d 63 2b 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 6e 74 61 69 6e 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 33 34 70 78 7d 40 6d Data Ascii: uMzg4LjQwNy4zODkuNDA3Ljk5NCAwIC41OTYtLjQwNy45ODQtLjM5Ny4zOS0xLjA1Ny4zODktLjY1IDAtMS4wNTYtLjM4OS0uMzk4LS4zODktLjM5OC0uOTg0IDAtLjU5Ny4zOTgtLjk4NS40MDYtLjM5NyAxLjA1Ni0uMzk3Ii8+PC9zdmc+);background-repeat:no-repeat;background-size:contain;padding-left:34px}@m
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 74 4e 61 67 37 47 66 58 75 62 73 53 50 69 64 75 39 5a 47 4a 30 6f 57 38 56 6f 31 64 63 71 4e 46 43 79 39 4f 71 71 64 4f 53 51 70 48 4e 43 30 70 64 5f 4f 72 47 69 5a 58 42 55 5f 69 69 33 43 30 57 4d 6f 46 64 4c 7a 36 57 31 31 6a 36 66 4c 36 41 36 4b 6c 6f 63 61 36 47 54 77 65 49 6c 32 6f 55 6f 74 6b 6d 66 30 44 4e 58 75 31 47 48 32 4e 66 73 47 70 5f 6b 38 30 77 53 4f 38 63 41 4a 68 36 51 51 57 46 66 57 6e 77 52 74 77 74 79 43 5f 63 4e 64 59 65 71 73 49 34 4c 77 52 56 52 79 6c 66 69 57 2e 32 4f 50 6a 6e 43 47 46 6d 6a 72 55 66 66 54 34 6a 31 6b 6e 54 6f 71 78 43 73 4f 68 38 52 6f 65 38 34 62 71 6f 68 66 45 61 69 61 4e 4a 66 55 5a 64 70 6c 6a 78 4b 55 67 61 53 31 53 32 7a 30 38 38 6f 66 4a 4c 61 43 51 69 74 7a 39 47 52 74 59 67 6c 58 31 68 37 47 35 55 41 54 Data Ascii: tNag7GfXubsSPidu9ZGJ0oW8Vo1dcqNFCy9OqqdOSQpHNC0pd_OrGiZXBU_ii3C0WMoFdLz6W11j6fL6A6Kloca6GTweIl2oUotkmf0DNXu1GH2NfsGp_k80wSO8cAJh6QQWFfWnwRtwtyC_cNdYeqsI4LwRVRylfiW.2OPjnCGFmjrUffT4j1knToqxCsOh8Roe84bqohfEaiaNJfUZdpljxKUgaS1S2z088ofJLaCQitz9GRtYglX1h7G5UAT
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 64 5f 69 4f 63 32 59 36 50 52 7a 68 68 68 43 65 6b 69 4f 79 34 74 64 53 4e 66 70 64 6e 51 6c 5f 58 48 39 6f 4f 30 35 4c 49 74 74 59 68 68 38 4f 43 31 65 4e 39 5f 6b 50 5f 64 38 70 44 37 41 50 6d 33 70 45 79 54 74 43 79 43 69 5a 42 52 39 43 68 74 47 78 49 32 62 39 59 5a 43 6b 43 45 65 52 37 71 2e 32 50 75 39 72 73 34 61 68 42 53 44 38 4f 37 69 69 50 4f 5a 5f 4e 65 37 6e 69 38 68 67 53 59 49 64 33 50 6d 49 35 75 47 6e 67 30 46 44 78 38 43 35 42 45 6f 74 6a 43 6c 5a 6e 63 78 79 61 31 37 52 72 4a 41 4b 61 63 73 59 4b 41 66 6c 32 38 76 69 4f 51 77 71 55 77 66 42 33 37 59 48 74 4e 55 33 4d 4c 64 74 2e 77 68 46 67 43 63 78 52 56 32 48 75 78 50 6f 6c 6b 4a 35 78 70 53 66 44 32 66 37 4c 4a 6a 73 54 6f 42 35 70 50 56 56 38 79 64 4e 4e 61 6f 50 33 72 79 63 76 48 4c Data Ascii: d_iOc2Y6PRzhhhCekiOy4tdSNfpdnQl_XH9oO05LIttYhh8OC1eN9_kP_d8pD7APm3pEyTtCyCiZBR9ChtGxI2b9YZCkCEeR7q.2Pu9rs4ahBSD8O7iiPOZ_Ne7ni8hgSYId3PmI5uGng0FDx8C5BEotjClZncxya17RrJAKacsYKAfl28viOQwqUwfB37YHtNU3MLdt.whFgCcxRV2HuxPolkJ5xpSfD2f7LJjsToB5pPVV8ydNNaoP3rycvHL
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 41 65 43 46 43 33 55 69 63 47 35 5f 68 51 32 56 76 48 74 4e 6a 41 48 70 50 57 72 48 6a 6a 77 48 61 75 53 45 77 65 38 4d 5f 38 61 46 68 4c 4c 55 32 62 66 68 6a 78 6a 55 6b 78 64 5f 36 51 51 6d 5f 62 6f 33 48 4e 61 75 6e 49 4b 6a 72 6b 50 4b 56 4f 5f 30 53 30 38 48 75 65 53 4f 46 5a 69 57 69 49 33 36 33 45 71 71 2e 68 30 67 5a 63 30 58 78 30 35 69 63 32 54 45 41 78 51 56 65 62 33 6b 6b 32 4d 4b 36 4b 6d 65 38 4f 73 49 32 79 70 42 4d 61 35 41 41 5a 55 75 37 6a 62 56 6f 52 66 31 45 70 61 36 6b 31 69 4c 43 66 58 38 66 66 70 6e 47 6a 6b 64 54 36 37 6a 6c 78 49 4a 59 39 37 49 33 45 33 4d 77 37 44 4e 78 77 64 69 55 31 38 54 46 50 56 44 51 4c 47 64 58 68 41 6f 64 68 66 7a 2e 4a 33 70 34 67 74 6b 53 45 76 46 4b 66 30 44 51 47 70 50 71 4d 43 39 34 73 79 76 73 43 6f Data Ascii: AeCFC3UicG5_hQ2VvHtNjAHpPWrHjjwHauSEwe8M_8aFhLLU2bfhjxjUkxd_6QQm_bo3HNaunIKjrkPKVO_0S08HueSOFZiWiI363Eqq.h0gZc0Xx05ic2TEAxQVeb3kk2MK6Kme8OsI2ypBMa5AAZUu7jbVoRf1Epa6k1iLCfX8ffpnGjkdT67jlxIJY97I3E3Mw7DNxwdiU18TFPVDQLGdXhAodhfz.J3p4gtkSEvFKf0DQGpPqMC94syvsCo
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 5f 6a 4b 6d 72 66 71 34 76 78 67 30 53 30 42 66 62 6d 6d 5f 5a 42 58 78 55 55 35 68 71 4e 2e 30 65 70 44 43 38 35 49 4e 49 76 45 4c 77 4d 6d 35 45 43 76 6d 52 63 57 57 30 59 5a 56 4b 58 56 4c 61 75 42 62 4b 5a 68 45 46 4f 78 35 4b 53 67 44 2e 62 6b 33 47 72 72 56 38 74 35 5f 6e 64 33 33 4c 79 65 63 59 65 77 6f 39 4e 6d 79 59 45 37 59 78 6a 39 34 54 6a 71 75 58 6c 47 51 75 4d 67 6b 2e 57 78 47 74 53 6c 37 4f 48 34 51 4f 67 34 6c 37 59 7a 76 48 63 61 33 4b 50 61 6c 39 70 74 43 34 65 2e 48 37 43 67 35 57 6e 65 66 6d 53 42 72 37 39 6d 38 6d 5a 31 38 63 75 41 4d 72 76 64 77 51 54 54 57 6f 76 36 46 77 47 75 72 5f 63 54 44 69 72 71 68 33 39 74 77 35 45 79 61 55 59 6f 5f 44 64 4c 46 65 32 4b 30 44 52 67 7a 68 73 79 6c 32 56 4c 57 6e 53 34 69 5a 6c 6f 42 38 5a 58 Data Ascii: _jKmrfq4vxg0S0Bfbmm_ZBXxUU5hqN.0epDC85INIvELwMm5ECvmRcWW0YZVKXVLauBbKZhEFOx5KSgD.bk3GrrV8t5_nd33LyecYewo9NmyYE7Yxj94TjquXlGQuMgk.WxGtSl7OH4QOg4l7YzvHca3KPal9ptC4e.H7Cg5WnefmSBr79m8mZ18cuAMrvdwQTTWov6FwGur_cTDirqh39tw5EyaUYo_DdLFe2K0DRgzhsyl2VLWnS4iZloB8ZX
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 68 63 6d 6b 76 4e 54 4d 33 4c 6a 4d 32 27 2c 64 3a 20 27 54 78 4e 74 68 69 55 52 67 34 50 41 37 61 38 6c 46 4b 31 62 43 70 57 30 47 43 39 54 58 4f 36 67 4e 2f 35 66 45 6b 76 46 70 4b 70 73 47 4f 34 4b 54 6a 6a 46 79 54 74 46 72 58 78 31 37 43 56 38 5a 34 63 6d 6e 6c 33 45 67 54 51 6c 46 75 32 79 4c 52 67 44 6a 30 54 6d 2b 56 30 66 74 4f 78 58 33 6f 6b 46 45 66 30 6b 42 45 53 33 38 79 6c 34 38 41 74 36 62 35 62 41 6f 66 6e 54 30 67 31 71 53 49 54 44 5a 6a 61 61 35 50 55 33 45 68 46 48 44 6b 72 6a 44 7a 6c 30 47 75 61 37 49 2b 34 52 38 2f 33 65 78 70 52 56 70 62 4b 69 4c 71 6f 39 64 4e 57 4b 64 59 4d 53 6c 72 58 74 77 2b 4e 49 57 64 75 48 51 38 52 69 4b 69 72 71 68 79 39 35 6d 38 6d 33 33 65 4c 39 66 4c 55 68 34 53 78 65 77 67 7a 31 33 71 74 68 34 44 67 37 Data Ascii: hcmkvNTM3LjM2',d: 'TxNthiURg4PA7a8lFK1bCpW0GC9TXO6gN/5fEkvFpKpsGO4KTjjFyTtFrXx17CV8Z4cmnl3EgTQlFu2yLRgDj0Tm+V0ftOxX3okFEf0kBES38yl48At6b5bAofnT0g1qSITDZjaa5PU3EhFHDkrjDzl0Gua7I+4R8/3expRVpbKiLqo9dNWKdYMSlrXtw+NIWduHQ8RiKirqhy95m8m33eL9fLUh4Sxewgz13qth4Dg7
2024-09-27 23:47:53 UTC	477	IN	Data Raw: 6f 72 79 20 26 26 20 77 69 6e 64 6f 77 2e 68 69 73 74 6f 72 79 2e 72 65 70 6c 61 63 65 53 74 61 74 65 29 20 7b 76 61 72 20 6f 67 55 20 3d 20 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 20 2b 20 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 51 75 65 72 79 20 2b 20 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 48 61 73 68 3b 68 69 73 74 6f 72 79 2e 72 65 70 6c 61 63 65 53 74 61 74 65 28 6e 75 6c 6c 2c 20 6e 75 6c 6c 2c 20 22 5c 2f 68 63 5c 2f 74 68 65 6d 69 6e 67 5f 61 73 73 65 74 73 5c 2f 30 31 48 5a 4b 54 30 43 46 30 45 38 42 46 45 4a 32 51 43 56 46 33 58 59 32 4d 3f 5f 5f 63 66 5f 63 68 6c 5f 72 74 5f 74 6b 3d 57 6e 6c 64 47 6e 64 77 43 34 39 33 51 36 75 49 66 36 75 73 62 53 4a 36 58 73 64 75 37 51 69 Data Ascii: ory && window.history.replaceState) {var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;history.replaceState(null, null, "\/hc\/theming_assets\/01HZKT0CF0E8BFEJ2QCVF3XY2M?__cf_chl_rt_tk=WnldGndwC493Q6uIf6usbSJ6Xsdu7Qi
2024-09-27 23:47:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
145	192.168.2.7	49933	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	574	OUT	GET /hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:53 UTC	1117	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:53 GMT Content-Type: application/javascript Content-Length: 24274 Connection: close x-amz-id-2: yXeTqWKKYuLEqtBgP57M0YM1VkmYdCEHImH5NeXthvtIj1Kld5S6dLkhdRR9+ut7C6KJRVmEmF0= x-amz-request-id: 3FRTWH6M7H3PQRCH x-amz-replication-status: COMPLETED Last-Modified: Thu, 21 Mar 2024 14:12:11 GMT ETag: "e1ae1e8e526e50ac4d8ce91396726097" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: XoC5vTL1yAIftJ6P14CXitdiTtXTWRsZ CF-Cache-Status: HIT Age: 198285 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOkPPlvTe7G8RDGTHN3AIcnhjJIjnXLH5GGYighPSgD0wwzlhCyhqmzlOJPg5HFSNclSSlANDOckFvpqKm1kvUFu7AQMI7xMbg6WGRTG1XkftQIuBTqqAQpuXpNRtrQpSDW59wk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f61a3eec24400-EWR
2024-09-27 23:47:53 UTC	252	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 6e 2c 73 3d 4d 61 74 68 2e 72 6f 75 6e 64 2c 72 3d 7b 7d 2c 69 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 2c 61 3d 2f 5e 5c 2f 3f 44 61 74 65 5c 28 28 5c 2d 3f 5c 64 2b 29 2f 69 2c 6f 3d 2f 28 5c 2d 29 3f 28 3f 3a 28 5c 64 2a 29 5c 2e 29 3f 28 5c 64 2b 29 5c 3a 28 5c 64 2b 29 28 3f 3a 5c 3a 28 5c 64 2b 29 5c 2e 3f 28 5c 64 7b 33 7d 29 3f 29 3f 2f 2c 75 3d 2f 5e 28 2d 29 3f 50 28 3f 3a 28 3f 3a 28 5b 30 2d 39 2c 2e 5d 2a 29 59 29 3f 28 3f 3a 28 5b 30 2d 39 2c 2e 5d 2a 29 4d 29 3f 28 3f 3a 28 5b 30 2d 39 2c 2e 5d 2a 29 44 29 3f 28 3f 3a 54 28 3f 3a 28 5b 30 2d 39 2c 2e 5d 2a 29 48 29 3f 28 3f 3a 28 5b 30 2d Data Ascii: (function(t){var e,n,s=Math.round,r={},i="undefined"!=typeof module&&module.exports,a=/^\/?Date\((\-?\d+)/i,o=/(\-)?(?:(\d)\.)?(\d+)\:(\d+)(?:\:(\d+)\.?(\d{3})?)?/,u=/^(-)?P(?:(?:([0-9,.])Y)?(?:([0-9,.])M)?(?:([0-9,.])D)?(?:T(?:([0-9,.]*)H)?(?:([0-
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 39 2c 2e 5d 2a 29 4d 29 3f 28 3f 3a 28 5b 30 2d 39 2c 2e 5d 2a 29 53 29 3f 29 3f 7c 28 5b 30 2d 39 2c 2e 5d 2a 29 57 29 24 2f 2c 68 3d 2f 28 5c 5b 5b 5e 5c 5b 5d 2a 5c 5d 29 7c 28 5c 5c 29 3f 28 4d 6f 7c 4d 4d 3f 4d 3f 4d 3f 7c 44 6f 7c 44 44 44 6f 7c 44 44 3f 44 3f 44 3f 7c 64 64 64 3f 64 3f 7c 64 6f 3f 7c 77 5b 6f 7c 77 5d 3f 7c 57 5b 6f 7c 57 5d 3f 7c 59 59 59 59 59 7c 59 59 59 59 7c 59 59 7c 67 67 28 67 67 67 3f 29 3f 7c 47 47 28 47 47 47 3f 29 3f 7c 65 7c 45 7c 61 7c 41 7c 68 68 3f 7c 48 48 3f 7c 6d 6d 3f 7c 73 73 3f 7c 53 7b 31 2c 34 7d 7c 58 7c 7a 7a 3f 7c 5a 5a 3f 7c 2e 29 2f 67 2c 64 3d 2f 28 5c 5b 5b 5e 5c 5b 5d 2a 5c 5d 29 7c 28 5c 5c 29 3f 28 4c 54 7c 4c 4c 3f 4c 3f 4c 3f 7c 6c 7b 31 2c 34 7d 29 2f 67 2c 63 3d 2f 5c 64 5c 64 3f 2f 2c 66 3d 2f Data Ascii: 9,.])M)?(?:([0-9,.])S)?)?\|([0-9,.])W)$/,h=/(\[[^\[]\])\|(\\)?(Mo\|MM?M?M?\|Do\|DDDo\|DD?D?D?\|ddd?d?\|do?\|w[o\|w]?\|W[o\|W]?\|YYYYY\|YYYY\|YY\|gg(ggg?)?\|GG(GGG?)?\|e\|E\|a\|A\|hh?\|HH?\|mm?\|ss?\|S{1,4}\|X\|zz?\|ZZ?\|.)/g,d=/(\[[^\[]*\])\|(\\)?(LT\|LL?L?L?\|l{1,4})/g,c=/\d\d?/,f=/
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 61 6e 67 28 29 2e 6d 6f 6e 74 68 73 53 68 6f 72 74 28 74 68 69 73 2c 74 29 7d 2c 4d 4d 4d 4d 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 61 6e 67 28 29 2e 6d 6f 6e 74 68 73 28 74 68 69 73 2c 74 29 7d 2c 44 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 64 61 74 65 28 29 7d 2c 44 44 44 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 64 61 79 4f 66 59 65 61 72 28 29 7d 2c 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 64 61 79 28 29 7d 2c 64 64 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 61 6e 67 28 29 2e 77 65 65 6b 64 61 79 73 4d 69 6e Data Ascii: :function(t){return this.lang().monthsShort(this,t)},MMMM:function(t){return this.lang().months(this,t)},D:function(){return this.date()},DDD:function(){return this.dayOfYear()},d:function(){return this.day()},dd:function(t){return this.lang().weekdaysMin
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 53 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5a 28 74 68 69 73 2e 6d 69 6c 6c 69 73 65 63 6f 6e 64 73 28 29 2c 33 29 7d 2c 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 2d 74 68 69 73 2e 7a 6f 6e 65 28 29 2c 65 3d 22 2b 22 3b 72 65 74 75 72 6e 20 74 3c 30 26 26 28 74 3d 2d 74 2c 65 3d 22 2d 22 29 2c 65 2b 5a 28 58 28 74 2f 36 30 29 2c 32 29 2b 22 3a 22 2b 5a 28 58 28 74 29 25 36 30 2c 32 29 7d 2c 5a 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 2d 74 68 69 73 2e 7a 6f 6e 65 28 29 2c 65 3d 22 2b 22 3b 72 65 74 75 72 6e 20 74 3c 30 26 26 28 74 3d 2d 74 2c 65 3d 22 2d 22 29 2c 65 2b 5a 28 58 28 31 30 2a 74 2f 36 29 2c 34 29 7d 2c 7a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 7a 6f 6e 65 41 62 Data Ascii: S:function(){return Z(this.milliseconds(),3)},Z:function(){var t=-this.zone(),e="+";return t<0&&(t=-t,e="-"),e+Z(X(t/60),2)+":"+Z(X(t)%60,2)},ZZ:function(){var t=-this.zone(),e="+";return t<0&&(t=-t,e="-"),e+Z(X(10*t/6),4)},z:function(){return this.zoneAb
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 73 29 2c 68 26 26 74 2e 6d 6f 6e 74 68 28 74 2e 6d 6f 6e 74 68 28 29 2b 68 2a 73 29 2c 6f 26 26 21 72 26 26 65 2e 75 70 64 61 74 65 4f 66 66 73 65 74 28 74 29 2c 28 75 7c 7c 68 29 26 26 28 74 2e 6d 69 6e 75 74 65 28 69 29 2c 74 2e 68 6f 75 72 28 61 29 29 7d 66 75 6e 63 74 69 6f 6e 20 45 28 74 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 24 28 74 2c 65 2c 6e 29 7b 76 61 72 20 73 2c 72 3d 4d 61 74 68 2e 6d 69 6e 28 74 2e 6c 65 6e 67 74 68 2c 65 2e 6c 65 6e 67 74 68 29 2c 69 3d 4d 61 74 68 2e 61 62 73 28 74 2e 6c 65 6e 67 74 68 2d 65 2e 6c 65 6e 67 74 68 29 2c 61 3d 30 3b 66 6f 72 28 73 3d 30 3b Data Ascii: s),h&&t.month(t.month()+h*s),o&&!r&&e.updateOffset(t),(u\|\|h)&&(t.minute(i),t.hour(a))}function E(t){return"[object Array]"===Object.prototype.toString.call(t)}function $(t,e,n){var s,r=Math.min(t.length,e.length),i=Math.abs(t.length-e.length),a=0;for(s=0;
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 75 73 65 64 54 6f 6b 65 6e 73 3a 5b 5d 2c 75 6e 75 73 65 64 49 6e 70 75 74 3a 5b 5d 2c 6f 76 65 72 66 6c 6f 77 3a 2d 32 2c 63 68 61 72 73 4c 65 66 74 4f 76 65 72 3a 30 2c 6e 75 6c 6c 49 6e 70 75 74 3a 21 31 2c 69 6e 76 61 6c 69 64 4d 6f 6e 74 68 3a 6e 75 6c 6c 2c 69 6e 76 61 6c 69 64 46 6f 72 6d 61 74 3a 21 31 2c 75 73 65 72 49 6e 76 61 6c 69 64 61 74 65 64 3a 21 31 2c 69 73 6f 3a 21 31 7d 7d 66 75 6e 63 74 69 6f 6e 20 74 74 28 74 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 2e 5f 69 73 56 61 6c 69 64 26 26 28 74 2e 5f 69 73 56 61 6c 69 64 3d 21 69 73 4e 61 4e 28 74 2e 5f 64 2e 67 65 74 54 69 6d 65 28 29 29 26 26 74 2e 5f 70 66 2e 6f 76 65 72 66 6c 6f 77 3c 30 26 26 21 74 2e 5f 70 66 2e 65 6d 70 74 79 26 26 21 74 2e 5f 70 66 2e 69 6e 76 61 6c 69 64 4d Data Ascii: usedTokens:[],unusedInput:[],overflow:-2,charsLeftOver:0,nullInput:!1,invalidMonth:null,invalidFormat:!1,userInvalidated:!1,iso:!1}}function tt(t){return null==t._isValid&&(t._isValid=!isNaN(t._d.getTime())&&t._pf.overflow<0&&!t._pf.empty&&!t._pf.invalidM
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 69 6f 6e 20 69 74 28 74 2c 65 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 44 44 44 44 22 3a 72 65 74 75 72 6e 20 6c 3b 63 61 73 65 22 59 59 59 59 22 3a 63 61 73 65 22 47 47 47 47 22 3a 63 61 73 65 22 67 67 67 67 22 3a 72 65 74 75 72 6e 20 5f 3b 63 61 73 65 22 59 59 59 59 59 22 3a 63 61 73 65 22 47 47 47 47 47 22 3a 63 61 73 65 22 67 67 67 67 67 22 3a 72 65 74 75 72 6e 20 6d 3b 63 61 73 65 22 53 22 3a 63 61 73 65 22 53 53 22 3a 63 61 73 65 22 53 53 53 22 3a 63 61 73 65 22 44 44 44 22 3a 72 65 74 75 72 6e 20 66 3b 63 61 73 65 22 4d 4d 4d 22 3a 63 61 73 65 22 4d 4d 4d 4d 22 3a 63 61 73 65 22 64 64 22 3a 63 61 73 65 22 64 64 64 22 3a 63 61 73 65 22 64 64 64 64 22 3a 72 65 74 75 72 6e 20 70 3b 63 61 73 65 22 61 22 3a 63 61 73 65 22 41 22 3a 72 65 74 75 Data Ascii: ion it(t,e){switch(t){case"DDDD":return l;case"YYYY":case"GGGG":case"gggg":return _;case"YYYYY":case"GGGGG":case"ggggg":return m;case"S":case"SS":case"SSS":case"DDD":return f;case"MMM":case"MMMM":case"dd":case"ddd":case"dddd":return p;case"a":case"A":retu
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 62 72 65 61 6b 3b 63 61 73 65 22 73 22 3a 63 61 73 65 22 73 73 22 3a 72 5b 35 5d 3d 58 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 53 22 3a 63 61 73 65 22 53 53 22 3a 63 61 73 65 22 53 53 53 22 3a 63 61 73 65 22 53 53 53 53 22 3a 72 5b 36 5d 3d 58 28 31 65 33 2a 28 22 30 2e 22 2b 65 29 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 58 22 3a 6e 2e 5f 64 3d 6e 65 77 20 44 61 74 65 28 31 65 33 2a 70 61 72 73 65 46 6c 6f 61 74 28 65 29 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 5a 22 3a 63 61 73 65 22 5a 5a 22 3a 6e 2e 5f 75 73 65 55 54 43 3d 21 30 2c 6e 2e 5f 74 7a 6d 3d 61 74 28 65 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 77 22 3a 63 61 73 65 22 77 77 22 3a 63 61 73 65 22 57 22 3a 63 61 73 65 22 57 57 22 3a 63 61 73 65 22 64 22 3a 63 61 73 65 22 64 64 22 3a 63 61 73 65 Data Ascii: break;case"s":case"ss":r[5]=X(e);break;case"S":case"SS":case"SSS":case"SSSS":r[6]=X(1e3("0."+e));break;case"X":n._d=new Date(1e3parseFloat(e));break;case"Z":case"ZZ":n._useUTC=!0,n._tzm=at(e);break;case"w":case"ww":case"W":case"WW":case"d":case"dd":case
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 74 2c 65 2c 6e 2c 73 2c 72 2c 69 2c 61 29 7b 76 61 72 20 6f 3d 6e 65 77 20 44 61 74 65 28 74 2c 65 2c 6e 2c 73 2c 72 2c 69 2c 61 29 3b 72 65 74 75 72 6e 20 74 3c 31 39 37 30 26 26 6f 2e 73 65 74 46 75 6c 6c 59 65 61 72 28 74 29 2c 6f 7d 29 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 66 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 68 74 28 74 29 7b 74 2e 5f 61 3d 5b 5d 2c 74 2e 5f 70 66 2e 65 6d 70 74 79 3d 21 30 3b 76 61 72 20 65 2c 6e 2c 73 2c 72 2c 69 2c 61 3d 6e 74 28 74 2e 5f 6c 29 2c 6f 3d 22 22 2b 74 2e 5f 69 2c 75 3d 6f 2e 6c 65 6e 67 74 68 2c 64 3d 30 3b 66 6f 72 28 73 3d 72 74 28 74 2e 5f 66 2c 61 29 2e 6d 61 74 63 68 28 68 29 7c 7c 5b 5d 2c 65 3d 30 3b 65 3c 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 28 6e 3d 28 69 74 28 72 3d 73 5b 65 5d 2c 74 29 2e 65 78 65 63 28 Data Ascii: t,e,n,s,r,i,a){var o=new Date(t,e,n,s,r,i,a);return t<1970&&o.setFullYear(t),o}).apply(null,f)}}function ht(t){t._a=[],t._pf.empty=!0;var e,n,s,r,i,a=nt(t._l),o=""+t._i,u=o.length,d=0;for(s=rt(t._f,a).match(h)\|\|[],e=0;e<s.length;e++)(n=(it(r=s[e],t).exec(
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 6e 2c 73 2c 72 2c 69 3b 69 66 28 30 3d 3d 3d 74 2e 5f 66 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 74 2e 5f 70 66 2e 69 6e 76 61 6c 69 64 46 6f 72 6d 61 74 3d 21 30 2c 74 2e 5f 64 3d 6e 65 77 20 44 61 74 65 28 4e 61 4e 29 3b 66 6f 72 28 72 3d 30 3b 72 3c 74 2e 5f 66 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 69 3d 30 2c 51 28 65 3d 49 28 7b 7d 2c 74 29 29 2c 65 2e 5f 66 3d 74 2e 5f 66 5b 72 5d 2c 68 74 28 65 29 2c 74 74 28 65 29 26 26 28 69 2b 3d 65 2e 5f 70 66 2e 63 68 61 72 73 4c 65 66 74 4f 76 65 72 2c 69 2b 3d 31 30 2a 65 2e 5f 70 66 2e 75 6e 75 73 65 64 54 6f 6b 65 6e 73 2e 6c 65 6e 67 74 68 2c 65 2e 5f 70 66 2e 73 63 6f 72 65 3d 69 2c 28 6e 75 6c 6c 3d 3d 73 7c 7c 69 3c 73 29 26 26 28 73 3d 69 2c 6e 3d 65 Data Ascii: nction(t){var e,n,s,r,i;if(0===t._f.length)return t._pf.invalidFormat=!0,t._d=new Date(NaN);for(r=0;r<t._f.length;r++)i=0,Q(e=I({},t)),e._f=t._f[r],ht(e),tt(e)&&(i+=e._pf.charsLeftOver,i+=10*e._pf.unusedTokens.length,e._pf.score=i,(null==s\|\|i<s)&&(s=i,n=e

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
146	192.168.2.7	49934	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	578	OUT	GET /hc/assets/hc_enduser-860d7ece999603256af395ffcccc86d7.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:53 UTC	1150	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:53 GMT Content-Type: application/javascript Content-Length: 743814 Connection: close x-amz-id-2: PLJ0AYoV1mgJokcKL63omauLovuQaBvTbDZ01h86LCXP5GFfjr7ALmtZJTgW9nT8I0IwTLO+qrY5Iqy4e7/o3dJ5142SZcK0 x-amz-request-id: 0VTNX0J8QCYRDP1B x-amz-replication-status: COMPLETED Last-Modified: Wed, 25 Sep 2024 15:09:01 GMT ETag: "c918d2070e4e24ba39ace5df456fec9d" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: mW4ri9HjvBRMB0wMkLLDECsJm7ZFg0yi CF-Cache-Status: HIT Age: 203788 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC3sDul6oek%2F8nKjRHp2nKVm9kxajKlrv9b1xM05rmVxKl%2BN0IqFJ139XNhNzJehifCbtd6n8KVO6%2F4mqY9U8XMYxEWMw9HLiKeLN%2BsgVUBBam%2F52armWhFLGzxvATM6FF%2Fh6go%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f61a419ed4288-EWR
2024-09-27 23:47:53 UTC	219	IN	Data Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 68 63 5f 65 6e 64 75 73 65 72 2d 38 36 30 64 37 65 63 65 39 39 39 36 30 33 32 35 36 61 66 33 39 35 66 66 63 63 63 63 38 36 64 37 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 72 2c 61 3d 7b 33 38 30 31 36 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 65 2e 65 78 70 6f 72 74 73 3d 6e 28 36 36 33 34 31 29 7d 2c 38 39 36 38 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 65 29 7b 72 65 Data Ascii: /! For license information please see hc_enduser-860d7ece999603256af395ffcccc86d7.js.LICENSE.txt /!function(){var e,t,n,r,a={38016:function(e,t,n){e.exports=n(66341)},89682:function(e,t){"use strict";function n(e){re
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 74 75 72 6e 20 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 3f 28 74 3d 65 2c 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 73 6f 72 74 28 29 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3b 72 65 74 75 72 6e 28 6e 3d 7b 7d 29 5b 65 5d 3d 74 5b 65 5d 2c 6e 7d 29 29 29 3a 65 3b 76 61 72 20 74 7d 29 29 29 7d 74 2e 64 65 66 61 75 6c 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 74 26 26 28 74 3d 7b 7d 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 72 2c 61 3d 5b 5d 2c 6f 3d 30 3b 6f 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 Data Ascii: turn JSON.stringify(e.map((function(e){return e&&"object"==typeof e?(t=e,Object.keys(t).sort().map((function(e){var n;return(n={})[e]=t[e],n}))):e;var t})))}t.default=function(e,t){return void 0===t&&(t={}),function(){for(var r,a=[],o=0;o<arguments.length
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 20 45 72 72 6f 72 28 22 43 6f 75 6c 64 20 6e 6f 74 20 6c 6f 61 64 20 73 63 72 69 70 74 3a 20 22 2b 65 29 29 7d 2c 61 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 7d 2c 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 7d 7d 2c 31 32 35 35 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2e 73 6f 72 74 28 29 2e 72 65 64 75 63 65 28 28 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 72 65 74 75 72 6e 20 74 5b 6e 5d 3d 65 5b 6e 5d 2c 74 7d 29 2c 7b 7d 29 7d 7d 2c 33 37 35 36 36 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 65 78 70 6f 72 74 73 3d 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 Data Ascii: Error("Could not load script: "+e))},a.onload=function(){t()},r.appendChild(a)}},1255:function(e){e.exports=function(e){return Object.keys(e).sort().reduce((function(t,n){return t[n]=e[n],t}),{})}},37566:function(e){e.exports={get:function(){if("undefine
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 72 69 6e 67 3f 28 22 22 21 3d 3d 6e 26 26 28 74 2e 70 75 73 68 28 6e 29 2c 6e 3d 22 22 29 2c 74 2e 70 75 73 68 28 61 29 29 3a 6e 2b 3d 61 29 7d 72 65 74 75 72 6e 22 22 21 3d 3d 6e 26 26 74 2e 70 75 73 68 28 6e 29 2c 30 3d 3d 3d 74 2e 6c 65 6e 67 74 68 3f 22 22 3a 31 3d 3d 3d 74 2e 6c 65 6e 67 74 68 3f 74 5b 30 5d 3a 74 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 65 3f 74 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 28 74 2c 6e 29 3a 65 7d 66 75 6e 63 74 69 6f 6e 20 68 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 65 2b 74 29 2c 5b 7b 74 79 70 65 3a 22 74 65 78 74 22 2c 76 61 6c 75 65 3a 74 7d 5d 7d 66 75 6e 63 74 69 6f 6e 20 67 28 65 2c 74 Data Ascii: ring?(""!==n&&(t.push(n),n=""),t.push(a)):n+=a)}return""!==n&&t.push(n),0===t.length?"":1===t.length?t[0]:t}function p(e,t,n){return void 0===e?t:"function"==typeof e?e(t,n):e}function h(e,t){return console.warn(e+t),[{type:"text",value:t}]}function g(e,t
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 63 61 6c 65 29 7d 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 49 6e 74 6c 52 65 6c 61 74 69 76 65 46 6f 72 6d 61 74 29 7b 63 6f 6e 73 74 20 65 3d 61 28 49 6e 74 6c 52 65 6c 61 74 69 76 65 46 6f 72 6d 61 74 29 3b 62 2e 72 65 6c 61 74 69 76 65 46 6f 72 6d 61 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 63 6f 6e 73 74 20 6e 3d 22 6e 6f 22 3d 3d 3d 62 2e 6c 6f 63 61 6c 65 3f 22 6e 6e 22 3a 62 2e 6c 6f 63 61 6c 65 3b 72 65 74 75 72 6e 20 65 28 6e 2c 74 29 7d 7d 7d 62 2e 66 6f 72 6d 61 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 64 28 67 28 65 2c 74 29 29 7d 2c 62 2e 70 61 72 74 73 3d 67 2c 62 2e 67 65 74 4c 6f 63 61 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 28 29 2c 69 2e 67 65 74 28 29 2e Data Ascii: cale)}if("undefined"!=typeof IntlRelativeFormat){const e=a(IntlRelativeFormat);b.relativeFormat=function(t){const n="no"===b.locale?"nn":b.locale;return e(n,t)}}}b.format=function(e,t){return d(g(e,t))},b.parts=g,b.getLocale=function(){return l(),i.get().
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 2e 67 65 74 43 6c 64 72 28 29 7d 7d 29 29 2c 62 2e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 28 65 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 29 72 65 74 75 72 6e 20 74 28 65 29 3b 6d 28 29 2c 74 28 29 7d 29 29 7d 2c 62 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 63 6f 6e 73 74 20 74 3d 65 2e 6c 6f 63 61 6c 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 65 2e 72 74 6c 3f 22 72 74 6c 22 3a 22 6c 74 72 22 2c 72 3d 6f 28 65 2e 74 72 61 6e 73 6c 61 74 69 6f 6e 73 29 2c 61 3d 65 2e 63 6c 64 72 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 69 2e 67 65 74 28 29 29 69 2e 69 6e 69 74 28 7b 6c 6f 63 61 6c 65 3a 74 2c 64 69 72 65 63 74 69 6f 6e 3a 6e 2c 74 72 61 6e 73 6c Data Ascii: :function(){return b.getCldr()}})),b.load=function(e,t){r(e,(function(e){if(e)return t(e);m(),t()}))},b.set=function(e){const t=e.locale.toLowerCase(),n=e.rtl?"rtl":"ltr",r=o(e.translations),a=e.cldr;if(void 0===i.get())i.init({locale:t,direction:n,transl
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 6e 2e 64 28 74 2c 22 61 22 2c 74 29 2c 74 7d 2c 6e 2e 6f 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 65 2c 74 29 7d 2c 6e 2e 70 3d 22 22 2c 6e 28 6e 2e 73 3d 31 29 7d 28 5b 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c Data Ascii: tion(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=1)}([function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 65 5b 6e 5d 29 3b 72 65 74 75 72 6e 20 74 2e 64 65 66 61 75 6c 74 3d 65 2c 74 7d 28 6e 28 32 29 29 3b 74 2e 64 65 66 61 75 6c 74 3d 72 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 72 65 64 69 72 65 63 74 54 6f 4c 6f 67 49 6e 3d 74 2e 61 64 64 49 64 6c 65 53 74 61 74 65 4c 69 73 74 65 6e 65 72 3d 74 2e 67 65 74 57 61 72 6e 69 6e 67 4c 69 73 74 65 6e 65 72 73 3d 74 2e 61 64 64 57 61 72 6e 69 6e 67 4c 69 73 74 65 6e 65 72 3d 74 2e 67 65 74 50 6f 6c 6c 50 65 72 69 6f 64 3d 74 2e 66 65 74 63 68 53 65 73 73 69 6f 6e 45 78 70 69 72 61 74 69 6f 6e 3d 74 2e 67 65 74 Data Ascii: e[n]);return t.default=e,t}(n(2));t.default=r},function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.redirectToLogIn=t.addIdleStateListener=t.getWarningListeners=t.addWarningListener=t.getPollPeriod=t.fetchSessionExpiration=t.get
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 28 29 7b 76 28 29 2c 6c 3d 73 65 74 54 69 6d 65 6f 75 74 28 6d 2c 70 29 7d 2c 77 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 75 5b 65 5d 2e 74 69 6d 65 6f 75 74 3d 6e 75 6c 6c 3b 76 61 72 20 74 3d 75 5b 65 5d 2e 6c 69 73 74 65 6e 65 72 73 3b 67 28 29 2e 74 68 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6b 28 29 3c 3d 65 3f 74 2e 63 61 6c 6c 28 64 29 3a 78 28 65 29 7d 29 29 2e 63 61 74 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 63 61 6c 6c 28 64 29 7d 29 29 7d 2c 41 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 75 5b 65 5d 2e 74 69 6d 65 6f 75 74 26 26 28 72 2e 64 65 66 61 75 6c 74 2e 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 75 5b 65 5d 2e 74 69 6d 65 6f 75 74 29 2c 75 5b 65 5d 2e 74 69 6d 65 6f 75 74 3d 6e 75 6c 6c 29 7d 2c 78 3d 66 75 6e 63 74 Data Ascii: ction(){v(),l=setTimeout(m,p)},w=function(e){u[e].timeout=null;var t=u[e].listeners;g().then((function(){k()<=e?t.call(d):x(e)})).catch((function(){t.call(d)}))},A=function(e){u[e].timeout&&(r.default.clearTimeout(u[e].timeout),u[e].timeout=null)},x=funct
2024-09-27 23:47:53 UTC	1369	IN	Data Raw: 2c 22 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 22 5d 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 72 65 64 75 63 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 3d 77 69 6e 64 6f 77 5b 74 5d 2c 65 7d 29 2c 7b 7d 29 7d 2c 6f 3d 61 28 29 3b 6e 28 34 29 3b 76 61 72 20 69 3d 61 28 29 3b 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 77 69 6e 64 6f 77 2c 6f 29 2c 74 2e 64 65 66 61 75 6c 74 3d 69 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 2f 4d 53 49 45 20 31 30 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 29 74 72 79 7b 76 61 72 20 74 3d 6e 65 77 20 42 6c 6f 62 28 5b 22 76 61 72 20 66 61 6b 65 49 64 54 6f 49 64 20 Data Ascii: ,"clearInterval"],a=function(){return r.reduce((function(e,t){return e[t]=window[t],e}),{})},o=a();n(4);var i=a();Object.assign(window,o),t.default=i},function(e,t){!function(e){if(!/MSIE 10/i.test(navigator.userAgent))try{var t=new Blob(["var fakeIdToId

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
147	192.168.2.7	49935	216.198.53.1	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:53 UTC	552	OUT	GET /auth/v2/host/without_iframe.js HTTP/1.1 Host: codapay.zendesk.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:53 UTC	1310	IN	HTTP/1.1 302 Found Date: Fri, 27 Sep 2024 23:47:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR" vary: Accept x-xss-protection: 1; mode=block location: https://static.zdassets.com/auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js cache-control: max-age=86400, public strict-transport-security: max-age=31536000; includeSubDomains x-zendesk-origin-server: classic-app-server-75589648dc-54j7h x-runtime: 0.057474 X-Zendesk-Zorg: yes X-Request-ID: 8c99c318fd8d876c-ATL CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSWUMx2Y292OMCxjI8vwO%2FsbrJiebavEeyDHDFI9f2GtHEXhOb7jj%2BXpg%2FB7lFUW0rWcm61lYkUKrqC7oUEKL813QKbc0IUfphHfEWBlMpsQ5iu%2Fvtc4r4X6xB%2FjBkNUHlg59wA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Set-Cookie: __cfruid=0953afc4ecda22f01b735f3543dc80ac54db309b-1727480873; path=/; domain=.codapay.zendesk.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=0vfXA1iZXOX2EXuXg9x1.bpNbhbTgalYvijB0q6VxRc-1727480873678-0.0.1.1-604800000; path=/; domain=.codapay.zendesk.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 8c9f61a42b5d41af-EWR
2024-09-27 23:47:53 UTC	59	IN	Data Raw: 61 35 0d 0a 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 7a 64 61 73 73 Data Ascii: a5<html><body>You are being <a href="https://static.zdass
2024-09-27 23:47:53 UTC	112	IN	Data Raw: 65 74 73 2e 63 6f 6d 2f 61 75 74 68 2f 38 61 65 66 36 34 39 63 37 66 36 35 61 65 64 35 64 35 30 36 62 38 62 64 63 65 31 38 37 38 30 61 62 34 30 30 64 63 64 32 2f 76 32 2f 68 6f 73 74 2d 77 69 74 68 6f 75 74 2d 69 66 72 61 6d 65 2e 6a 73 22 3e 72 65 64 69 72 65 63 74 65 64 3c 2f 61 3e 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: ets.com/auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js">redirected</a>.</body></html>
2024-09-27 23:47:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
148	192.168.2.7	49938	104.18.72.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:54 UTC	395	OUT	GET /hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:54 UTC	1129	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:54 GMT Content-Type: application/javascript Content-Length: 92460 Connection: close x-amz-id-2: +uBiO8D1DJLDGFmSLNLKoy6n5ANGPPlxKG3Yasg6PXR51K480O/sUsz7gvXC4qEg0qwu8Ekqdrldnmyt0vWrbg== x-amz-request-id: JA270QCR3AZTPBNN x-amz-replication-status: COMPLETED Last-Modified: Tue, 11 Jun 2024 09:19:04 GMT ETag: "06821d0f1e25137c2297502c6ced525d" x-amz-server-side-encryption: AES256 Cache-Control: public, max-age=604800 x-amz-version-id: de3lWxEA2PehENJUolMMFXlB.nwX03Eg CF-Cache-Status: HIT Age: 193636 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpYmhK8NLU5J4V7PyGYFDxidlESN6u9MkRCQywSSbDim1Ppx1Nf7G9WdeXeqdigkNFHvyNxlYlVpXhSAeqJrYeO51LIHPWRBc0IPCUMZrbWqdbuGbe6zjYWYTg3fFICGryTlNyo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f61ab3bf44308-EWR
2024-09-27 23:47:54 UTC	240	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 21 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 22 6c 6f 61 64 22 21 3d 3d 65 2e 74 79 70 65 26 26 22 63 6f 6d 70 6c 65 74 65 22 21 3d 3d 73 2e 72 65 61 64 79 53 74 61 74 65 7c 7c 28 71 28 29 2c 77 2e 72 65 61 64 79 28 29 29 7d 76 61 72 20 69 2c 6f 2c 61 3d 74 79 70 65 6f 66 20 74 2c 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 2c 75 3d 65 2e 6c 6f 63 61 74 69 6f 6e 2c 6c 3d 65 2e 6a 51 75 65 72 79 2c 63 3d 65 2e 24 2c 66 3d 7b 7d 2c 70 3d 5b 5d 2c 64 3d 22 31 2e 39 2e 31 22 2c 68 3d 70 2e 63 6f 6e 63 61 Data Ascii: !function(e,t){function n(e,t){return t.toUpperCase()}function r(e){!s.addEventListener&&"load"!==e.type&&"complete"!==s.readyState\|\|(q(),w.ready())}var i,o,a=typeof t,s=e.document,u=e.location,l=e.jQuery,c=e.$,f={},p=[],d="1.9.1",h=p.conca
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 74 2c 67 3d 70 2e 70 75 73 68 2c 6d 3d 70 2e 73 6c 69 63 65 2c 79 3d 70 2e 69 6e 64 65 78 4f 66 2c 76 3d 66 2e 74 6f 53 74 72 69 6e 67 2c 62 3d 66 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 78 3d 64 2e 74 72 69 6d 2c 77 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 77 2e 66 6e 2e 69 6e 69 74 28 65 2c 74 2c 6f 29 7d 2c 54 3d 2f 5b 2b 2d 5d 3f 28 3f 3a 5c 64 2a 5c 2e 7c 29 5c 64 2b 28 3f 3a 5b 65 45 5d 5b 2b 2d 5d 3f 5c 64 2b 7c 29 2f 2e 73 6f 75 72 63 65 2c 4e 3d 2f 5c 53 2b 2f 67 2c 43 3d 2f 5e 5b 5c 73 5c 75 46 45 46 46 5c 78 41 30 5d 2b 7c 5b 5c 73 5c 75 46 45 46 46 5c 78 41 30 5d 2b 24 2f 67 2c 6b 3d 2f 5e 28 3f 3a 28 3c 5b 5c 77 5c 57 5d 2b 3e 29 5b 5e 3e 5d 2a 7c 23 28 5b 5c 77 2d 5d 2a 29 29 24 2f 2c 45 3d 2f 5e Data Ascii: t,g=p.push,m=p.slice,y=p.indexOf,v=f.toString,b=f.hasOwnProperty,x=d.trim,w=function(e,t){return new w.fn.init(e,t,o)},T=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,N=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,k=/^(?:(<[\w\W]+>)[^>]\|#([\w-]*))$/,E=/^
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 29 26 26 77 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 6e 29 29 66 6f 72 28 69 20 69 6e 20 6e 29 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 74 68 69 73 5b 69 5d 29 3f 74 68 69 73 5b 69 5d 28 6e 5b 69 5d 29 3a 74 68 69 73 2e 61 74 74 72 28 69 2c 6e 5b 69 5d 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 69 66 28 28 6f 3d 73 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 5b 32 5d 29 29 26 26 6f 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7b 69 66 28 6f 2e 69 64 21 3d 3d 69 5b 32 5d 29 72 65 74 75 72 6e 20 72 2e 66 69 6e 64 28 65 29 3b 74 68 69 73 2e 6c 65 6e 67 74 68 3d 31 2c 74 68 69 73 5b 30 5d 3d 6f 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 63 6f 6e 74 65 78 74 3d 73 2c 74 68 69 73 2e 73 65 6c 65 63 74 6f 72 3d 65 2c 74 68 69 73 7d 2c 73 65 6c 65 63 74 6f 72 3a 22 22 Data Ascii: )&&w.isPlainObject(n))for(i in n)w.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i]);return this}if((o=s.getElementById(i[2]))&&o.parentNode){if(o.id!==i[2])return r.find(e);this.length=1,this[0]=o}return this.context=s,this.selector=e,this},selector:""
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 50 6c 61 69 6e 4f 62 6a 65 63 74 28 72 29 7c 7c 28 6e 3d 77 2e 69 73 41 72 72 61 79 28 72 29 29 29 3f 28 61 3d 6e 3f 28 6e 3d 21 31 2c 65 26 26 77 2e 69 73 41 72 72 61 79 28 65 29 3f 65 3a 5b 5d 29 3a 65 26 26 77 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 65 29 3f 65 3a 7b 7d 2c 73 5b 69 5d 3d 77 2e 65 78 74 65 6e 64 28 63 2c 61 2c 72 29 29 3a 72 21 3d 3d 74 26 26 28 73 5b 69 5d 3d 72 29 29 3b 72 65 74 75 72 6e 20 73 7d 2c 77 2e 65 78 74 65 6e 64 28 7b 6e 6f 43 6f 6e 66 6c 69 63 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 24 3d 3d 3d 77 26 26 28 65 2e 24 3d 63 29 2c 74 26 26 65 2e 6a 51 75 65 72 79 3d 3d 3d 77 26 26 28 65 2e 6a 51 75 65 72 79 3d 6c 29 2c 77 7d 2c 69 73 52 65 61 64 79 3a 21 31 2c 72 65 61 64 79 57 61 69 74 3a 31 Data Ascii: PlainObject(r)\|\|(n=w.isArray(r)))?(a=n?(n=!1,e&&w.isArray(e)?e:[]):e&&w.isPlainObject(e)?e:{},s[i]=w.extend(c,a,r)):r!==t&&(s[i]=r));return s},w.extend({noConflict:function(t){return e.$===w&&(e.$=c),t&&e.jQuery===w&&(e.jQuery=l),w},isReady:!1,readyWait:1
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 72 5b 31 5d 29 5d 3a 28 72 3d 77 2e 62 75 69 6c 64 46 72 61 67 6d 65 6e 74 28 5b 65 5d 2c 74 2c 69 29 2c 69 26 26 77 28 69 29 2e 72 65 6d 6f 76 65 28 29 2c 77 2e 6d 65 72 67 65 28 5b 5d 2c 72 2e 63 68 69 6c 64 4e 6f 64 65 73 29 29 7d 2c 70 61 72 73 65 4a 53 4f 4e 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 4a 53 4f 4e 26 26 65 2e 4a 53 4f 4e 2e 70 61 72 73 65 3f 65 2e 4a 53 4f 4e 2e 70 61 72 73 65 28 74 29 3a 6e 75 6c 6c 3d 3d 3d 74 3f 74 3a 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 77 2e 74 72 69 6d 28 74 29 29 26 26 53 2e 74 65 73 74 28 74 2e 72 65 70 6c 61 63 65 28 6a 2c 22 40 22 29 2e 72 65 70 6c 61 63 65 28 44 2c 22 5d 22 29 2e 72 65 70 6c 61 63 65 28 41 2c 22 22 29 29 3f 6e 65 77 20 46 75 6e 63 74 69 Data Ascii: r[1])]:(r=w.buildFragment([e],t,i),i&&w(i).remove(),w.merge([],r.childNodes))},parseJSON:function(t){return e.JSON&&e.JSON.parse?e.JSON.parse(t):null===t?t:"string"==typeof t&&(t=w.trim(t))&&S.test(t.replace(j,"@").replace(D,"]").replace(A,""))?new Functi
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 6e 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3b 69 66 28 74 29 7b 69 66 28 79 29 72 65 74 75 72 6e 20 79 2e 63 61 6c 6c 28 74 2c 65 2c 6e 29 3b 66 6f 72 28 72 3d 74 2e 6c 65 6e 67 74 68 2c 6e 3d 6e 3f 6e 3c 30 3f 4d 61 74 68 2e 6d 61 78 28 30 2c 72 2b 6e 29 3a 6e 3a 30 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 6e 20 69 6e 20 74 26 26 74 5b 6e 5d 3d 3d 3d 65 29 72 65 74 75 72 6e 20 6e 7d 72 65 74 75 72 6e 2d 31 7d 2c 6d 65 72 67 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 72 3d 6e 2e 6c 65 6e 67 74 68 2c 69 3d 65 2e 6c 65 6e 67 74 68 2c 6f 3d 30 3b 69 66 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 72 29 66 6f 72 28 3b 6f 3c 72 3b 6f 2b 2b 29 65 5b 69 2b 2b 5d 3d 6e 5b 6f 5d 3b 65 6c 73 65 20 66 6f Data Ascii: nArray:function(e,t,n){var r;if(t){if(y)return y.call(t,e,n);for(r=t.length,n=n?n<0?Math.max(0,r+n):n:0;n<r;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,o=0;if("number"==typeof r)for(;o<r;o++)e[i++]=n[o];else fo
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 72 2c 21 31 29 3b 65 6c 73 65 7b 73 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 22 2c 72 29 2c 65 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 6c 6f 61 64 22 2c 72 29 3b 76 61 72 20 6e 3d 21 31 3b 74 72 79 7b 6e 3d 6e 75 6c 6c 3d 3d 65 2e 66 72 61 6d 65 45 6c 65 6d 65 6e 74 26 26 73 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 7d 63 61 74 63 68 28 74 29 7b 7d 6e 26 26 6e 2e 64 6f 53 63 72 6f 6c 6c 26 26 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 69 66 28 21 77 2e 69 73 52 65 61 64 79 29 7b 74 72 79 7b 6e 2e 64 6f 53 63 72 6f 6c 6c 28 22 6c 65 66 74 22 29 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 20 73 65 74 54 69 6d 65 6f 75 74 28 65 Data Ascii: EventListener("load",r,!1);else{s.attachEvent("onreadystatechange",r),e.attachEvent("onload",r);var n=!1;try{n=null==e.frameElement&&s.documentElement}catch(t){}n&&n.doScroll&&function e(){if(!w.isReady){try{n.doScroll("left")}catch(t){return setTimeout(e
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 3d 74 2c 72 7c 7c 66 2e 64 69 73 61 62 6c 65 28 29 2c 74 68 69 73 7d 2c 6c 6f 63 6b 65 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 6c 7d 2c 66 69 72 65 57 69 74 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3d 5b 65 2c 28 74 3d 74 7c 7c 5b 5d 29 2e 73 6c 69 63 65 3f 74 2e 73 6c 69 63 65 28 29 3a 74 5d 2c 21 75 7c 7c 69 26 26 21 6c 7c 7c 28 6e 3f 6c 2e 70 75 73 68 28 74 29 3a 63 28 74 29 29 2c 74 68 69 73 7d 2c 66 69 72 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 2e 66 69 72 65 57 69 74 68 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 2c 74 68 69 73 7d 2c 66 69 72 65 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 21 69 7d 7d 3b 72 65 Data Ascii: ction(){return l=t,r\|\|f.disable(),this},locked:function(){return!l},fireWith:function(e,t){return t=[e,(t=t\|\|[]).slice?t.slice():t],!u\|\|i&&!l\|\|(n?l.push(t):c(t)),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!i}};re
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 28 74 2c 72 29 3a 2d 2d 75 7c 7c 6c 2e 72 65 73 6f 6c 76 65 57 69 74 68 28 74 2c 72 29 7d 7d 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 30 2c 61 3d 6d 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 2c 73 3d 61 2e 6c 65 6e 67 74 68 2c 75 3d 31 21 3d 3d 73 7c 7c 65 26 26 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 65 2e 70 72 6f 6d 69 73 65 29 3f 73 3a 30 2c 6c 3d 31 3d 3d 3d 75 3f 65 3a 77 2e 44 65 66 65 72 72 65 64 28 29 3b 69 66 28 31 3c 73 29 66 6f 72 28 6e 3d 6e 65 77 20 41 72 72 61 79 28 73 29 2c 72 3d 6e 65 77 20 41 72 72 61 79 28 73 29 2c 69 3d 6e 65 77 20 41 72 72 61 79 28 73 29 3b 6f 3c 73 3b 6f 2b 2b 29 61 5b 6f 5d 26 26 77 2e 69 73 46 75 6e 63 74 69 6f 6e 28 61 5b 6f 5d 2e 70 72 6f 6d 69 73 65 29 3f 61 5b 6f 5d 2e 70 72 6f 6d 69 73 65 28 29 2e 64 6f 6e 65 Data Ascii: (t,r):--u\|\|l.resolveWith(t,r)}}var n,r,i,o=0,a=m.call(arguments),s=a.length,u=1!==s\|\|e&&w.isFunction(e.promise)?s:0,l=1===u?e:w.Deferred();if(1<s)for(n=new Array(s),r=new Array(s),i=new Array(s);o<s;o++)a[o]&&w.isFunction(a[o].promise)?a[o].promise().done
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 68 72 69 6e 6b 57 72 61 70 42 6c 6f 63 6b 73 3a 21 31 2c 72 65 6c 69 61 62 6c 65 4d 61 72 67 69 6e 52 69 67 68 74 3a 21 30 2c 62 6f 78 53 69 7a 69 6e 67 52 65 6c 69 61 62 6c 65 3a 21 30 2c 70 69 78 65 6c 50 6f 73 69 74 69 6f 6e 3a 21 31 7d 2c 69 2e 63 68 65 63 6b 65 64 3d 21 30 2c 74 2e 6e 6f 43 6c 6f 6e 65 43 68 65 63 6b 65 64 3d 69 2e 63 6c 6f 6e 65 4e 6f 64 65 28 21 30 29 2e 63 68 65 63 6b 65 64 2c 6f 2e 64 69 73 61 62 6c 65 64 3d 21 30 2c 74 2e 6f 70 74 44 69 73 61 62 6c 65 64 3d 21 6c 2e 64 69 73 61 62 6c 65 64 3b 74 72 79 7b 64 65 6c 65 74 65 20 64 2e 74 65 73 74 7d 63 61 74 63 68 28 6e 29 7b 74 2e 64 65 6c 65 74 65 45 78 70 61 6e 64 6f 3d 21 31 7d 66 6f 72 28 70 20 69 6e 28 69 3d 73 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6e 70 75 74 22 Data Ascii: hrinkWrapBlocks:!1,reliableMarginRight:!0,boxSizingReliable:!0,pixelPosition:!1},i.checked=!0,t.noCloneChecked=i.cloneNode(!0).checked,o.disabled=!0,t.optDisabled=!l.disabled;try{delete d.test}catch(n){t.deleteExpando=!1}for(p in(i=s.createElement("input"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
149	192.168.2.7	49939	104.18.70.113	443	6704	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 23:47:54 UTC	593	OUT	GET /auth/8aef649c7f65aed5d506b8bdce18780ab400dcd2/v2/host-without-iframe.js HTTP/1.1 Host: static.zdassets.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://support.codapay.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 23:47:54 UTC	1101	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 23:47:54 GMT Content-Type: application/javascript Content-Length: 3712 Connection: close x-amz-id-2: t7aewETZf7SVDNmq7IGjBCf/p+7gWaiUE5G0C/RSzJJfM9RYaDKhRARRInbSKksbOYAvY9vwISe1tYvKQisFIv8ENZwPG9LE x-amz-request-id: VR2W0TTY8ZRCPG9R x-amz-replication-status: COMPLETED Last-Modified: Thu, 26 Sep 2024 13:54:03 GMT ETag: "c3b6aebb4bb6348bdbc97877d611b398" x-amz-server-side-encryption: AES256 x-amz-version-id: hnITtVKeIZ0v3sUC37l.O.9CT7TWLAmx CF-Cache-Status: HIT Age: 4395 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X56xFBquyF5IAwu70CCs%2FAW3qZ1g3wF5XOmtBjLd1Eygw%2FIlKeLyC2DFAwRkmK%2BgFjfNYI8eUcg7qIPbSjay9ZCDAB12DEuAJTwTlWXAf8fktVgEuLgVNOtfHNWmaO3aDktrtTU%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=0 Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Origin: * Access-Control-Max-Age: 0 Server: cloudflare CF-RAY: 8c9f61ab3d214325-EWR
2024-09-27 23:47:54 UTC	268	IN	Data Raw: 28 28 29 3d 3e 7b 76 61 72 20 74 3d 7b 37 38 3a 28 74 2c 65 2c 72 29 3d 3e 7b 76 61 72 20 6e 3d 72 28 34 32 37 29 3b 74 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 69 66 28 21 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 4d 69 73 73 69 6e 67 20 65 6c 6d 22 29 3b 76 61 72 20 72 3d 7b 7d 3b 72 65 74 75 72 6e 28 65 7c 7c 5b 5d 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 22 64 61 74 61 2d 22 2b 6e 28 65 29 2c 69 3d 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 6f 29 3b 2f 5e 28 74 72 75 65 7c 66 61 6c 73 65 29 24 2f 2e 74 65 73 74 28 69 29 26 26 28 69 3d 22 74 72 75 65 22 3d 3d 3d 69 29 2c 2f 5e 5c 64 2b 24 2f 2e 74 65 73 74 28 69 29 26 26 28 69 3d 70 61 72 73 65 49 6e 74 28 69 2c Data Ascii: (()=>{var t={78:(t,e,r)=>{var n=r(427);t.exports=function(t,e){if(!t)throw new Error("Missing elm");var r={};return(e\|\|[]).forEach((function(e){var o="data-"+n(e),i=t.getAttribute(o);/^(true\|false)$/.test(i)&&(i="true"===i),/^\d+$/.test(i)&&(i=parseInt(i,
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 26 26 28 72 5b 65 5d 3d 69 29 7d 29 29 2c 72 7d 7d 2c 34 32 37 3a 74 3d 3e 7b 74 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 28 74 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 2f 28 5b 41 2d 5a 5d 29 2f 67 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 22 2d 22 2e 63 6f 6e 63 61 74 28 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 7d 29 29 7d 7d 2c 34 36 32 3a 74 3d 3e 7b 74 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 28 74 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 2f 28 5b 41 2d 5a 5d 29 2f 67 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 22 5f 22 2e 63 6f 6e 63 61 74 28 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 7d 29 29 7d 7d 2c 35 34 3a 28 74 2c 65 Data Ascii: &&(r[e]=i)})),r}},427:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"-".concat(t.toLowerCase())}))}},462:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"_".concat(t.toLowerCase())}))}},54:(t,e
2024-09-27 23:47:54 UTC	1369	IN	Data Raw: 72 65 66 3d 74 7d 2c 67 65 74 50 61 72 61 6d 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2c 65 3d 5b 5d 2c 72 3d 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 72 65 74 75 72 6e 54 6f 29 2c 6e 3d 72 2e 6d 61 74 63 68 28 2f 28 68 74 74 70 3a 5c 2f 5c 2f 7c 68 74 74 70 73 3a 5c 2f 5c 2f 29 2b 28 2e 2a 29 28 5c 2f 61 64 6d 69 6e 7c 5c 2f 61 67 65 6e 74 7c 5c 2f 63 68 61 74 7c 5c 2f 63 6f 6e 6e 65 63 74 7c 5c 2f 65 78 70 6c 6f 72 65 7c 5c 2f 73 65 6c 6c 7c 6f 61 75 74 68 5c 2f 29 2f 29 3b 74 68 69 73 2e 76 61 6c 69 64 50 61 72 61 6d 73 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 72 29 7b 74 2e 6f 70 74 69 6f 6e 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 72 29 26 26 Data Ascii: ref=t},getParams:function(){var t=this,e=[],r=decodeURIComponent(this.options.returnTo),n=r.match(/(http:\/\/\|https:\/\/)+(.*)(\/admin\|\/agent\|\/chat\|\/connect\|\/explore\|\/sell\|oauth\/)/);this.validParams.forEach((function(r){t.options.hasOwnProperty(r)&&
2024-09-27 23:47:54 UTC	706	IN	Data Raw: 2c 22 74 6f 6b 65 6e 22 2c 22 6c 6f 63 61 6c 65 22 2c 22 62 72 61 6e 64 49 64 22 2c 22 61 75 74 68 4f 72 69 67 69 6e 22 2c 22 61 75 74 68 44 6f 6d 61 69 6e 22 2c 22 73 68 6f 77 4d 6f 62 69 6c 65 44 65 65 70 6c 69 6e 6b 22 2c 22 6d 6f 62 69 6c 65 44 65 65 70 6c 69 6e 6b 50 61 72 61 6d 73 22 2c 22 61 63 74 69 6f 6e 22 5d 2c 74 68 69 73 2e 65 6c 6d 3d 64 6f 63 75 6d 65 6e 74 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 7c 7c 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 73 63 72 69 70 74 5b 73 72 63 2a 3d 22 2f 61 75 74 68 2f 76 32 22 5d 27 29 2c 21 74 68 69 73 2e 65 6c 6d 7c 7c 22 53 43 52 49 50 54 22 21 3d 3d 74 68 69 73 2e 65 6c 6d 2e 74 61 67 4e 61 6d 65 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 43 6f 75 6c 64 20 6e 6f Data Ascii: ,"token","locale","brandId","authOrigin","authDomain","showMobileDeeplink","mobileDeeplinkParams","action"],this.elm=document.currentScript\|\|document.querySelector('script[src*="/auth/v2"]'),!this.elm\|\|"SCRIPT"!==this.elm.tagName)throw new Error("Could no

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 432, Parent PID: 6244

General

Target ID:	0
Start time:	19:46:59
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6704, Parent PID: 432

General

Target ID:	2
Start time:	19:47:01
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 --field-trial-handle=2336,i,10133034961393377045,834136538600171457,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 7152, Parent PID: 6244

General

Target ID:	10
Start time:	19:47:04
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.card.xn--6qq986b3xl/higgs-domino/"
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly