Edit tour

Windows Analysis Report
http://www.queleas.com/

Overview

General Information

Sample URL:	http://www.queleas.com/
Analysis ID:	1541646
Tags:	urlscan
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6256 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2700 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1780,i,7870229911543219832,10178106981525847804,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.queleas.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: http://google.com

URL Reputation: Label: malware

Source: https://www.queleas.com/

HTTP Parser: Base64 decoded: [null,null,null,3]

Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4275
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4275
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306
Source: https://www.queleas.com/	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4275

Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon
Source: https://www.queleas.com/	HTTP Parser: No favicon

Source: https://www.queleas.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="author".. found

Source: https://www.queleas.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.queleas.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:49830 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8T5NVdSvpx9lzXd&MD=SA+xU976 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4275 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/adview?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaCAASFHB1Yi00ODM4MjAxNjY4MTY2NzAwGAAYAboXAjgBshgJEgKLVBguIgEA0BgB&sigh=_H8fkHrO0Ks&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnfuMXf17fLnBTeVT9itLV-jr5F2b7pYXhFrQSjL5rWM2cjJVkRqRgbs6h0FcNgA8gAI2Qh9wWlIq7l5POyHs5lsuqWvVGVa6WqD3AYAQ&template_id=484&vis=1&ebtr=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLD
Source: global traffic	HTTP traffic detected: GET /btr/view?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaCAASFHB1Yi00ODM4MjAxNjY4MTY2NzAwGAAYAboXAjgBshgJEgKLVBguIgEA0BgB&sigh=_H8fkHrO0Ks&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnfuMXf17fLnBTeVT9itLV-jr5F2b7pYXhFrQSjL5rWM2cjJVkRqRgbs6h0FcNgA8gAI2Qh9wWlIq7l5POyHs5lsuqWvVGVa6WqD3AYAQ&template_id=484&vis=1&ibtr=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source;navigation-source, triggerReferer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt
Source: global traffic	HTTP traffic detected: GET /btr/view?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaCAASFHB1Yi00ODM4MjAxNjY4MTY2NzAwGAAYAboXAjgBshgJEgKLVBguIgEA0BgB&sigh=_H8fkHrO0Ks&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDpaXnfuMXf17fLnBTeVT9itLV-jr5F2b7pYXhFrQSjL5rWM2cjJVkRqRgbs6h0FcNgA8gAI2Qh9wWlIq7l5POyHs5lsuqWvVGVa6WqD3AYAQ&template_id=484&vis=1&ibtr=1&nis=6 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlaQwApMSXxyNMUPi7Fhdfm-qFZR7wqkk-070wyLXCeDWgODOLlrjA5wtZlnf4
Source: global traffic	HTTP traffic detected: GET /getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env HTTP/1.1Host: ep1.adtrafficquality.googleConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.queleas.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env HTTP/1.1Host: ep1.adtrafficquality.googleConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sodar/sodar2/232/runner.html HTTP/1.1Host: ep2.adtrafficquality.googleConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/aframe HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sodar/sodar2.js HTTP/1.1Host: ep2.adtrafficquality.googleConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=1508802080077114&bg=!v7ylvPPNAAbl67hexes7ADQBe5WfOO6xBJygRfcp5EogwSSr4CGxcn6BdaTnza087609J7eMuJOFNaBkADESgag5eOJvAgAAALBSAAAABGgBB34ANgRXjvh94iQ9F2CzS8Y1rOV1ldf-wyu0SjnqE3LAk3-EyIU3ZhF62o0jTHetPA9eE16CtBqdAZkCkNpVFXf_klIbvKLtFgTIepLbLDTpF7PEeRA_ayl8jBMdwB1N0VqGkkWKRu0LOhxTaEqybftXo8n8viqArcMLleZpz6r0mF1SP1briJNVE64dzmp6Bteauxl_iAAUdDrx7FaNmw32fH7XqSFHKiedN0-9Hug_iJvMUAc7aqLOiz2bw_zhL0_nSQc-_uQrDrkwvT1p16uUFu0qUfmOqeFSj2b4vqjgAZN0WoRTSaXp4SvOkFhleGiXlf-hdovubBnvcc3hmCE4CG7E-c42EX0_tti7LMgJ4YzDeokcLSermNIbRRGHsydKn_eCbwc5tmIn0dlP0Pu4UKOyoPy8X7wXtgakhqbNGcbYg9RMU5i_OvvYtlFxy7Zj5SQPlb7oUDKZlhEwE2nC9tVoBhf5ufrlr6WAVcDD8ILatdceu8HbhZNiq5Cg1AwnY3oNd5ncoGItzsvxBkvuSbX0cKkz9jNVe-uZt3Tih9f-7JyAE2UFxJlJOUp-NL0KSak1MK2PZNnm2OQ1GB2VYDUR6zeeOkG1GKP4DLxp1CjE0dV94m4tFvhYWYjfKr8LRvBPQsAFik_iwQJ6p93Ry7eINr6-1bq4iulNli9KbeeU1uXfDkVfelMK5lZ1Qe9awA-4XN-Aty9ctkS7fqSXjQf5nQ34_sY0_Lgjk3Xio0KYrKcYKe_UKW_5_x3n-n1k5lwF2cu9cHGD5GFXvDkT_ZlTpSeDNq28TYHMnxW6z32aIkbMwPhH0kD81eLp0FEUZ62uCCohtYw5wdhVMgUF3APATmeHa2Sj4fQztS9B5bWkBrv4JwsI2eoqYNLd1dbPTcwpiZQyuCKSye0UOq5Tne5bhHj8kGtAczZL4CBg822SralJeJmG_V51 HTTP/1.1Host: ep1.adtrafficquality.googleConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.queleas.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8T5NVdSvpx9lzXd&MD=SA+xU976 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: src: '//www.youtube.com/embed/%id%?autoplay=1' equals www.youtube.com (Youtube)
Source: chromecache_148.2.dr	String found in binary or memory: Facebook Page <a href="https://www.facebook.com/queleasgames/" target="_blank">Facebook</a><br /> equals www.facebook.com (Facebook)
Source: chromecache_148.2.dr	String found in binary or memory: Youtube <a href="https://www.youtube.com/channel/UCFqqEfR1DA2JZneFYrIa2Zg" target="_blank">Youtube</a><br /> equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.queleas.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: ep1.adtrafficquality.google
Source: global traffic	DNS traffic detected: DNS query: ep2.adtrafficquality.google

Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://bugs.jquery.com/ticket/12282#comment:15
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://bugs.jquery.com/ticket/12359
Source: chromecache_173.2.dr	String found in binary or memory: http://creativecommons.org/licenses/by/3.0/
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://dev.w3.org/csswg/cssom/#resolved-values
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: http://dimsemenov.com/plugins/magnific-popup/
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: http://dimsemenov.com/plugins/magnific-popup/documentation.html#options
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
Source: chromecache_177.2.dr, chromecache_168.2.dr	String found in binary or memory: http://flipgallery.net/fliplightbox.html
Source: chromecache_177.2.dr, chromecache_168.2.dr	String found in binary or memory: http://flipgallery.net/fliplightbox.html#download
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
Source: chromecache_148.2.dr	String found in binary or memory: http://fonts.googleapis.com/css?family=Open
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: http://google.com
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: http://googleads.g.doubleclick.net
Source: chromecache_188.2.dr, chromecache_130.2.dr, chromecache_208.2.dr, chromecache_186.2.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_A
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://javascript.nwbox.com/IEContentLoaded/
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://jquery.com/
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://json.org/json2.js
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://jsperf.com/getall-vs-sizzle/2
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: http://mathiasbynens.be/
Source: chromecache_148.2.dr	String found in binary or memory: http://mixitup.io
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: http://pagead2.googlesyndication.com
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: http://stackoverflow.com/questions/7264899/detect-css-transitions-using-javascript-and-without-moder
Source: chromecache_173.2.dr	String found in binary or memory: http://w3layouts.com
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_145.2.dr, chromecache_199.2.dr	String found in binary or memory: http://www.mixitup.io
Source: chromecache_196.2.dr, chromecache_139.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_212.2.dr, chromecache_155.2.dr	String found in binary or memory: https://adsense.com.
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=491668
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=649285
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://cdn.ampproject.org/amp4ads-host-v0.js
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://cdn.ampproject.org/rtv/$
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://cse.google.com/cse.js
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://developer.mozilla.org/en/Security/CSP)
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: https://developers.google.com/mobile/articles/fast_buttons
Source: chromecache_147.2.dr, chromecache_146.2.dr, chromecache_176.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/bg/
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/getconfig/sodar
Source: chromecache_146.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=231
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=232
Source: chromecache_146.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=231
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232
Source: chromecache_176.2.dr	String found in binary or memory: https://ep2.adtrafficquality.google
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://ep2.adtrafficquality.google/sodar/
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://ep2.adtrafficquality.google/sodar/$
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://ep3.adtrafficquality.google/ivt/worklet/caw.js
Source: chromecache_131.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Google
Source: chromecache_131.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Google
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_160.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://fundingchoicesmessages.google.com/i/$
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: https://github.com/dimsemenov/Magnific-Popup/issues/2
Source: chromecache_180.2.dr, chromecache_181.2.dr	String found in binary or memory: https://github.com/ftlabs/fastclick
Source: chromecache_157.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/html/$
Source: chromecache_148.2.dr	String found in binary or memory: https://itunes.apple.com/us/app/preschool-games-for-kids/id996232516?mt=8
Source: chromecache_131.2.dr, chromecache_193.2.dr, chromecache_136.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_147.2.dr, chromecache_146.2.dr, chromecache_176.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/bg/
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/getconfig/sodar
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=error&bin=
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=error&name=invalid_geo&context=10
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fetch&later&lidartos
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fetch&later&start&control&fle=1&s
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-fallback2
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-later2
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-pagehide2
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=
Source: chromecache_165.2.dr, chromecache_194.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=fccs&
Source: chromecache_212.2.dr, chromecache_155.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics
Source: chromecache_146.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=231
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=232
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/html/$
Source: chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/$
Source: chromecache_148.2.dr, chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=$
Source: chromecache_212.2.dr, chromecache_135.2.dr, chromecache_155.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/err_rep.js
Source: chromecache_212.2.dr, chromecache_135.2.dr, chromecache_155.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/logging_library.js
Source: chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/$
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/ping
Source: chromecache_131.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/ping?e=1
Source: chromecache_162.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?
Source: chromecache_146.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=231
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232
Source: chromecache_148.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.queleas.oneohonepuzzles
Source: chromecache_148.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.queleas.preschoolgamesforkids&referrer=utm_source%
Source: chromecache_148.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.queleas.puzzlegamesforkids
Source: chromecache_148.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.queleas.wheelspuzzlesforkids
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://securepubads.g.doubleclick.net/pagead/js/car.js
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://securepubads.g.doubleclick.net/pagead/js/cocar.js
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Source: chromecache_176.2.dr	String found in binary or memory: https://tpc.googlesyndication.com
Source: chromecache_147.2.dr, chromecache_176.2.dr	String found in binary or memory: https://tpc.googlesyndication.com/sodar/
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://tpc.googlesyndication.com/sodar/$
Source: chromecache_148.2.dr	String found in binary or memory: https://twitter.com/queleasgames
Source: chromecache_176.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_212.2.dr, chromecache_155.2.dr	String found in binary or memory: https://www.google.com/adsense
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://www.google.com/adsense/search/async-ads.js
Source: chromecache_147.2.dr, chromecache_146.2.dr, chromecache_135.2.dr, chromecache_176.2.dr, chromecache_131.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/aframe
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://www.google.com/s2/favicons?sz=64&domain_url=
Source: chromecache_126.2.dr, chromecache_192.2.dr	String found in binary or memory: https://www.googleadservices.com/pagead/managed/js/activeview/
Source: chromecache_131.2.dr	String found in binary or memory: https://www.gstatic.com
Source: chromecache_135.2.dr, chromecache_131.2.dr	String found in binary or memory: https://www.gstatic.com/prose/protected/$
Source: chromecache_148.2.dr	String found in binary or memory: https://www.instagram.com/queleasgames/
Source: chromecache_148.2.dr	String found in binary or memory: https://www.youtube.com/channel/UCFqqEfR1DA2JZneFYrIa2Zg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:49830 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@20/144@26/12

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1780,i,7870229911543219832,10178106981525847804,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.queleas.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1780,i,7870229911543219832,10178106981525847804,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
http://jquery.org/license	0%	URL Reputation	safe
http://sizzlejs.com/	0%	URL Reputation	safe
https://ep2.adtrafficquality.google	0%	URL Reputation	safe
http://google.com	100%	URL Reputation	malware
http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript	0%	URL Reputation	safe
https://bugs.webkit.org/show_bug.cgi?id=29084	0%	URL Reputation	safe
http://www.opensource.org/licenses/mit-license.php	0%	URL Reputation	safe
https://fundingchoicesmessages.google.com/i/$	0%	URL Reputation	safe
https://cdn.ampproject.org/amp4ads-host-v0.js	0%	URL Reputation	safe
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=231	0%	URL Reputation	safe
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232	0%	URL Reputation	safe
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=232	0%	URL Reputation	safe
http://dimsemenov.com/plugins/magnific-popup/	0%	URL Reputation	safe
https://cse.google.com/cse.js	0%	URL Reputation	safe
https://cdn.ampproject.org/rtv/$	0%	URL Reputation	safe
http://mathiasbynens.be/	0%	URL Reputation	safe
http://gsgd.co.uk/sandbox/jquery/easing/	0%	URL Reputation	safe
https://developer.mozilla.org/en-US/docs/CSS/display	0%	URL Reputation	safe
http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291	0%	URL Reputation	safe
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=231	0%	URL Reputation	safe
http://javascript.nwbox.com/IEContentLoaded/	0%	URL Reputation	safe
http://jquery.com/	0%	URL Reputation	safe
https://adsense.com.	0%	URL Reputation	safe
https://ep2.adtrafficquality.google/sodar/$	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
googleads.g.doubleclick.net	172.217.16.194	true	false	unknown
ep1.adtrafficquality.google	172.217.16.130	true	false	unknown
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false	unknown
www.google.com	142.250.74.196	true	false	unknown
ep2.adtrafficquality.google	142.250.185.225	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
www.queleas.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://ep2.adtrafficquality.google/sodar/sodar2.js	false	unknown
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4275	false	unknown
https://www.google.com/recaptcha/api2/aframe	false	unknown
https://www.queleas.com/	false	unknown
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html	false	unknown
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env	false	unknown
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306	false	unknown
https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.instagram.com/queleasgames/	chromecache_148.2.dr	false		unknown
http://mixitup.io	chromecache_148.2.dr	false		unknown
http://jquery.org/license	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://sizzlejs.com/	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://flipgallery.net/fliplightbox.html	chromecache_177.2.dr, chromecache_168.2.dr	false		unknown
https://ep2.adtrafficquality.google	chromecache_176.2.dr	false	URL Reputation: safe	unknown
https://play.google.com/store/apps/details?id=com.queleas.puzzlegamesforkids	chromecache_148.2.dr	false		unknown
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
http://google.com	chromecache_135.2.dr, chromecache_131.2.dr	true	URL Reputation: malware	unknown
http://jsperf.com/getall-vs-sizzle/2	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://creativecommons.org/licenses/by/3.0/	chromecache_173.2.dr	false		unknown
https://bugs.webkit.org/show_bug.cgi?id=29084	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://blindsignals.com/index.php/2009/07/jquery-delay/	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
http://bugs.jquery.com/ticket/12282#comment:15	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://www.google.com	chromecache_176.2.dr	false		unknown
http://dev.w3.org/csswg/cssom/#resolved-values	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
http://www.opensource.org/licenses/mit-license.php	chromecache_196.2.dr, chromecache_139.2.dr	false	URL Reputation: safe	unknown
https://www.youtube.com/channel/UCFqqEfR1DA2JZneFYrIa2Zg	chromecache_148.2.dr	false		unknown
https://www.google.com/s2/favicons?sz=64&domain_url=	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
https://fundingchoicesmessages.google.com/i/$	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown
https://ep1.adtrafficquality.google/bg/	chromecache_147.2.dr, chromecache_146.2.dr, chromecache_176.2.dr	false		unknown
https://cdn.ampproject.org/amp4ads-host-v0.js	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown
http://w3layouts.com	chromecache_173.2.dr	false		unknown
https://github.com/jquery/jquery/pull/764	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://googleads.g.doubleclick.net/pagead/html/$	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
https://www.google.com/adsense	chromecache_212.2.dr, chromecache_155.2.dr	false		unknown
http://www.apache.org/licenses/LICENSE-2.0	chromecache_126.2.dr, chromecache_192.2.dr	false		unknown
https://ep2.adtrafficquality.google/sodar/	chromecache_147.2.dr, chromecache_176.2.dr	false		unknown
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=231	chromecache_146.2.dr	false	URL Reputation: safe	unknown
http://bugs.jquery.com/ticket/12359	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232	chromecache_147.2.dr, chromecache_176.2.dr	false	URL Reputation: safe	unknown
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=232	chromecache_147.2.dr, chromecache_176.2.dr	false	URL Reputation: safe	unknown
http://json.org/json2.js	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=649285	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
http://dimsemenov.com/plugins/magnific-popup/	chromecache_180.2.dr, chromecache_181.2.dr	false	URL Reputation: safe	unknown
https://cse.google.com/cse.js	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown
https://play.google.com/store/apps/details?id=com.queleas.preschoolgamesforkids&referrer=utm_source%	chromecache_148.2.dr	false		unknown
https://googleads.g.doubleclick.net	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
https://cdn.ampproject.org/rtv/$	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown
https://ep3.adtrafficquality.google/ivt/worklet/caw.js	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
http://flipgallery.net/fliplightbox.html#download	chromecache_177.2.dr, chromecache_168.2.dr	false		unknown
https://securepubads.g.doubleclick.net/pagead/js/cocar.js	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
http://dimsemenov.com/plugins/magnific-popup/documentation.html#options	chromecache_180.2.dr, chromecache_181.2.dr	false		unknown
http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
http://www.mixitup.io	chromecache_145.2.dr, chromecache_199.2.dr	false		unknown
https://securepubads.g.doubleclick.net/pagead/js/car.js	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
http://stackoverflow.com/questions/7264899/detect-css-transitions-using-javascript-and-without-moder	chromecache_180.2.dr, chromecache_181.2.dr	false		unknown
http://mathiasbynens.be/	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown
http://gsgd.co.uk/sandbox/jquery/easing/	chromecache_188.2.dr, chromecache_130.2.dr, chromecache_208.2.dr, chromecache_186.2.dr	false	URL Reputation: safe	unknown
https://developer.mozilla.org/en-US/docs/CSS/display	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/adsense/search/async-ads.js	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
https://ep1.adtrafficquality.google/getconfig/sodar	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
https://developers.google.com/mobile/articles/fast_buttons	chromecache_180.2.dr, chromecache_181.2.dr	false		unknown
https://play.google.com/store/apps/details?id=com.queleas.oneohonepuzzles	chromecache_148.2.dr	false		unknown
https://developer.mozilla.org/en/Security/CSP)	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://play.google.com/store/apps/details?id=com.queleas.wheelspuzzlesforkids	chromecache_148.2.dr	false		unknown
https://github.com/dimsemenov/Magnific-Popup/issues/2	chromecache_180.2.dr, chromecache_181.2.dr	false		unknown
https://twitter.com/queleasgames	chromecache_148.2.dr	false		unknown
http://googleads.g.doubleclick.net	chromecache_135.2.dr, chromecache_131.2.dr	false		unknown
http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_A	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=491668	chromecache_157.2.dr, chromecache_183.2.dr	false		unknown
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=231	chromecache_146.2.dr	false	URL Reputation: safe	unknown
https://github.com/ftlabs/fastclick	chromecache_180.2.dr, chromecache_181.2.dr	false		unknown
http://javascript.nwbox.com/IEContentLoaded/	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
http://jquery.com/	chromecache_157.2.dr, chromecache_183.2.dr	false	URL Reputation: safe	unknown
https://adsense.com.	chromecache_212.2.dr, chromecache_155.2.dr	false	URL Reputation: safe	unknown
https://ep2.adtrafficquality.google/sodar/$	chromecache_135.2.dr, chromecache_131.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
216.58.206.34	unknown	United States	15169	GOOGLEUS	false
142.250.185.162	unknown	United States	15169	GOOGLEUS	false
142.250.184.225	unknown	United States	15169	GOOGLEUS	false
142.250.184.226	unknown	United States	15169	GOOGLEUS	false
142.250.74.196	www.google.com	United States	15169	GOOGLEUS	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
142.250.186.129	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.16.194	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
172.217.16.130	ep1.adtrafficquality.google	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.8
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1541646
Start date and time:	2024-10-25 01:02:48 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 54s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.queleas.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@20/144@26/12
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 64.233.167.84, 142.250.185.142, 34.104.35.123, 23.101.118.145, 142.250.185.194, 142.250.185.74, 172.217.18.106, 142.250.184.202, 142.250.186.170, 142.250.181.234, 142.250.186.138, 172.217.16.138, 172.217.18.10, 142.250.186.74, 216.58.206.74, 172.217.16.202, 142.250.186.106, 142.250.186.42, 142.250.185.138, 142.250.184.234, 142.250.185.106, 93.184.221.240, 192.229.221.95, 52.165.164.15, 142.250.181.225, 216.58.206.66, 142.250.74.195, 142.250.186.67, 142.250.186.130, 142.250.185.225, 142.250.185.163, 142.250.181.226, 13.85.23.206, 142.250.186.99
Excluded domains from analysis (whitelisted): www.googleadservices.com, slscr.update.microsoft.com, waws-prod-dm1-003.centralus.cloudapp.azure.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, update.googleapis.com, www.gstatic.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, otelrules.azureedge.net, ctldl.windowsupdate.com, pagead2.googlesyndication.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, tpc.googlesyndication.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://www.queleas.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:03:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.978021643964969
Encrypted:	false
SSDEEP:	48:8NK0dXQT30ubgHvidAKZdA1oehwiZUklqehZy+3:8A7P96y
MD5:	387E572261CECCB4C39B84A06A095A17
SHA1:	67590050AF03B05DC3101BD53F974FC906D96384
SHA-256:	5211107C83F87D51B6CAAEC0721E6ED078F83A8567E3282ADF0D30E387A94017
SHA-512:	AE161A8BAFDE87AD23BF08D622335F69EE5AAFF4E756F1B0413F5FF42ECF3BDA520A83715B1D352CABE312FA8227A68763F7E56C1E18CC12AD82A2376F2C5F25
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....g..i&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY\|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:03:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9964766196167445
Encrypted:	false
SSDEEP:	48:8UOK0dXQT30ubgHvidAKZdA1leh/iZUkAQkqehqy+2:8A7PX9Qry
MD5:	71154D54148945471F8BA4D1EE5232A6
SHA1:	57B22200727300BE8CFABBA1DC86EED32E4307A3
SHA-256:	8BB4E1890202D599DB534FF57D3AADBAE29ED153768A2EA368A7929F6B4DBE15
SHA-512:	DEB0525EA072DB299FA790B36AA86C977D956E5690D94FCFA13D413A43A0E93CA399E45F5488A7425B7257AB8AB13ACB971191B4863B122CC56933DE860AB24C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,........i&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY\|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.0096050089049555
Encrypted:	false
SSDEEP:	48:8WK0dXQT30ubbHvidAKZdA14t5eh7sFiZUkmgqeh7s8y+BX:8p7PGney
MD5:	7CF09567598EC2E29E9B65C5BC883D5F
SHA1:	80F981CD2234C547EEF94CC7DBF1FC8615F7BB6F
SHA-256:	C935FE594176DA23D34BC1DF7FD42489986E69F15268C19A820B21B3A472EEA9
SHA-512:	01B64A48021F7E79294A247CE83CDA71EAF64E5851378158617E6412FA6CCA5488641EC145AF1283543EA5EF3F195FDD5FA2AB521B5EA97056542971D2435B86
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....C..b...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VEW.@...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:03:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9949424305346333
Encrypted:	false
SSDEEP:	48:8hK0dXQT30ubgHvidAKZdA16ehDiZUkwqehmy+R:8c7PkEy
MD5:	6B284E63DD5DA49F7D74423A0BCB317B
SHA1:	DF0133CCC7685213A378A4B7474983E3B7D36865
SHA-256:	075269A2DBAB031A4C9FCF909ECC8F3773634A82A7893BB8FFB478A730A7DE6E
SHA-512:	571240B731B6E6CEE74BE09FA508EEC207312C9E68192AC9444D70E07F14FC484A66C47C2CF0FD953FDA72BA3E622B59B8460014CC5FB42B4F95DB63D90B7768
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......i&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY\|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:03:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.982012066252652
Encrypted:	false
SSDEEP:	48:8rK0dXQT30ubgHvidAKZdA1UehBiZUk1W1qehwy+C:8G7Pk9Qy
MD5:	010E1ADF33F02DE8D84A420243FE2D87
SHA1:	338DD0EC236D0A4E869959E630E06A02678C2262
SHA-256:	FD17E45C427723FFED9A609F954D5E608F3D21D08214B58C44A54BBAE14A68CD
SHA-512:	31EB418E3BB33526F2E31DC076AED7FA73597C3F1805086DC5C314A63F09215808E0403ACBEBB5213D3F57CA4E8C7C0EABF468AAB82FF3132212485BBE0668C8
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....A..i&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY\|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:03:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.991610558591675
Encrypted:	false
SSDEEP:	48:83K0dXQT30ubgHvidAKZdA1duTrehOuTbbiZUk5OjqehOuTbey+yT+:867PRTYTbxWOvTbey7T
MD5:	FDEE6DCBDAF9FA4CE048F87D54BD4AC3
SHA1:	36BBC050B2CF414A889E5BEF46BDD1EDCAF0FDD0
SHA-256:	D362FB60707D61FF3B94D30ADD981EC33B1744EB590BA55E3D54C4C6212E1FD4
SHA-512:	9765451B47338D8433C8770BD69F805B5BA99A541F6D8D79FE3BA1D91758AA611E65B6C57105C6C877BA1281BC4FB4BB81874D553BE5A1D2AAEA44A7F50A38F0
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....i..i&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IXYz.....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXYz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXYz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXYz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY\|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.E@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3518)
Category:	dropped
Size (bytes):	211858
Entropy (8bit):	5.43477116754567
Encrypted:	false
SSDEEP:	3072:sB+DSmU5OQocOIyGrzrEriruS4EcCYmnzLr6jD4xkRPMU8tGKKbD:sB+DSmNoPyi6jhCY0L4D4xkRH8tGKKf
MD5:	6AF94BBDA7ECB8B8CAA407C9D6F15B76
SHA1:	0D8E5EC9ED1F72269127125822AC2F967457A17F
SHA-256:	24DCCD731E4B42B3C3E43CB9AC9205879143EBB4DE7658AB9222DD3B0458B086
SHA-512:	68A5D0157FBAFB8F1F272E358A9C82611F38A0EABE205C179F14DC5248016B56958827FEEC5C7BCFCE04939902C9A953DFE109081C091710F9B47E8246F48E6B
Malicious:	false
Reputation:	low
Preview:	(function(){var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");},p=ca(this),.u=function(a,b){if(b)a:{var c=p;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.u("Symbol",function(a){if(a)return a;var b=function(f,g){this.rg=f;ba(this,"description",{configurable:!0,writable:!0,value:g})};b.prototype.toString=function(){return this.rg};var c="jscomp_symbol_"+(Math.random()*1E9>>>0)+"_",d=0,e=function(f){if(this instanceof e)t

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	52180
Entropy (8bit):	7.992518414862952
Encrypted:	true
SSDEEP:	1536:lDgfMr2tNprsE42Z/WNiKTD4KrieA3Mq6i18:Sf0CprsE42Z/0dT3H0Mq69
MD5:	E721BD5CD8E3DE6204EC963F4C80B384
SHA1:	BE43046EB3E0AF0821AD2ABCB2D60CE37E0B3F63
SHA-256:	22D4C31A950F939F882E7DA9F894F70DE0F4B30DAF998E4C5DB8890142739A71
SHA-512:	CEC539BE791B6DA6E5EC20783AA5AE4C15F268E93382BCE6250DE72AA8D2D75B07F21CB96246E5018841FC3496FA3EC1CD9B4B6712928061A7BAA58C0882F0BC
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/oneohonepuzzles.png
Preview:	.PNG........IHDR...............Z=....pHYs................ cHRM..z%..............u0...`..:....o._.F...ZIDATx..w..Wu...o..;wO...Q....B.........8..9.u.]{.....b.&....B9O...s....t...59...>.S...t.U....s....=BJ.-...MY....`.@_..[.../.-....l..l....`.....[..[...-.-.}..l....`.....[..[...-.-.}..l....`..`.@_..[.../.-....l..l....`.@_..[.../.-....[p.T?..?.y4%.BA..._C\.U"Q.E......+'^CJO5...2.R.`.1.\|B....5!..z.\|.1...x.......N..R:._Y....f....J1.H\|\......D......t-.+.!}........e.....7..Pj .@C..qm....@.....E0....-......B(.T.j.2.G..5..X...%\|....>...X.`...s.t.k.....s..00..,.}..."@;........N..DL..<._..\.8....?.......U.f.`?.........._.....`.&...6...E.;..z.!......\.(.S...c.0..,\|..@..[...&`6.k....sX.GK.3\|.p...SM..$.o../...`.....x...X.+...._.\|.....O...........W.-.n....B@...........g...~....Y..[..K..P......(..w7=......4.3.C......}...........l.T.......:!4C.*..p...Un-..4...o......n..._t.4=Q.....`+..MG.{].I.WQ.n../m.........PT.a..#O..5..j>~....E..@c..\..Y...@....5.m..@

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3
Category:	downloaded
Size (bytes):	17667
Entropy (8bit):	7.958162290496663
Encrypted:	false
SSDEEP:	384:y9OJol/7Nz6/hPr4jcMienWVO55lFgylymPgCuh:9YNkt4jc2WAlKSPgX
MD5:	576530F8EC73A52DE822D30C5B852E78
SHA1:	4BF7F89729E4C0A64D8310A8349A5A321714FE31
SHA-256:	D816DE6187E8228B471D5CE6ACFA8D8E5518AA8966F3B74AF708DF2063E08350
SHA-512:	76C5031B80C3D65294165BDEFFF6B3D8CF0AE6BFB03ABF41ECB57ACA377F6CCB6D22AC1D97F0C33AEDC2B78EAD79AB35E8CCEBBB45983CF06FBFE72015E98F7A
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/posts/Free_Online_Games.jpg
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:B4C4659E9BC311E5A675FB14A718D606" xmpMM:InstanceID="xmp.iid:B4C4659D9BC311E5A675FB14A718D606" xmp:CreatorTool="Adobe Photoshop CS6 Windows"> <xmpMM:DerivedFrom stRef:instanceID="8CABE2E150C5A8F8EC29A554A7BEEF7D" stRef:documentID="8CABE2E150C5A8F8EC29A554A7BEEF7D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................................,

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2014:01:16 10:49:54], baseline, precision 8, 20x17, components 3
Category:	dropped
Size (bytes):	23801
Entropy (8bit):	5.809151015614444
Encrypted:	false
SSDEEP:	384:ab6nIPNJAQyppVT9yfFxQljfWaJc0hnm6GiXXestNCSUzSeof0UQ1d6G8hhPJj6o:a2IPBdS9Om19BpHbXxC9SVwAv3RGGEqN
MD5:	DBB5EEA08785B216820BD1AB9452F005
SHA1:	8414582EE1B8574A01D7B63479C7616A023D73F1
SHA-256:	6CEB24E4C2B18D17EC612D0254D8C72906D981799E799048F83CAB3A36FF6A70
SHA-512:	FD867FB5AF66F43E102F8553E055051D46466D1A9BACBAE961CD23E0DA5E7D3C8D4697B3763E91F9120FC7C0D0C03E2810B5C6DC13A8DDA485FF7FB8B5DE0255
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS3 Windows.2014:01:16 10:49:54....................................................................................&.(.........................................H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..f.:...#V.....i....#!6..#.'.......s....KH...D..{.{.........d.$.24y/..........R.....>...........q.."I.O.b>......z{?...

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (3601)
Category:	dropped
Size (bytes):	5564
Entropy (8bit):	5.551910906243356
Encrypted:	false
SSDEEP:	96:uBm7MaOr8uroJzDV6u3R3zd4j6zp4tSZCHjuwE9nCDTVpWZ:pQaOr8ur83V33R3hq6+uwLvo
MD5:	9CDA9E740BBF260A190F4041132B5105
SHA1:	603599B494C5F0C9ED5D11CCEA03CA6517DA46DC
SHA-256:	ECFC183E33D25D24AA7C06218E0A413488FFF8774E4B4B87543C766DB9B0B8BA
SHA-512:	EB05AE2C63BA13A30C3B4E5D99507FCD70915B2DB611E8005135EAD278F43D6AC09F92DDDC1C50051B3FD01CA2A0708D075D98C9510AB934944B97A543390326
Malicious:	false
Reputation:	low
Preview:	/. jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/. . Uses the built in easing capabilities added In jQuery 1.1. * to offer multiple easing options. . TERMS OF USE - EASING EQUATIONS. * . * Open source under the BSD License. . * . * Copyright .... 2001 Robert Penner. * All rights reserved.. . TERMS OF USE - jQuery Easing. * . * Open source under the BSD License. . * . * Copyright .... 2008 George McGinley Smith. * All rights reserved.. . Redistribution and use in source and binary forms, with or without modification, . * are permitted provided that the following conditions are met:. * . * Redistributions of source code must retain the above copyright notice, this list of . * conditions and the following disclaimer.. * Redistributions in binary form must reproduce the above copyright notice, this list . * of conditions and the following disclaimer in the documentation and/or other materials . * provided with the distribution.. * . * Neither the nam

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2093)
Category:	downloaded
Size (bytes):	445152
Entropy (8bit):	5.5762134330567665
Encrypted:	false
SSDEEP:	12288:lrLbjvudFZTeHPOv7meLFeCt6lg7Db2oUGsAfTAqsoedKUF3+rWP0sCeUgMujrsY:lrLbjvudFZTeHPOv7meLFeU6lg7Db2o8
MD5:	D610BEFBA2468F5AF0B5FC9E876E7564
SHA1:	6AADA29A50E5D9638E367165CF0E7EB3A5DA9914
SHA-256:	41237965C1A879DFAB9D378F573A0EA1BC6B1316FA0B3BB0739352194643C2AF
SHA-512:	10FFD73543C5C229D4AA6CA0FC8FD87F828BA0E87EBECBB39F35A15AEFE3184402059B0082B38AD513671D2B83985163FC779675B0CD1C63BD9BEFAEE6D27840
Malicious:	false
Reputation:	low
URL:	https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410230101/show_ads_impl_fy2021.js?bust=31088398
Preview:	(function(sttc){'use strict';var q,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} .var ca=ba(this),da=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",ea={},fa={};function ia(a,b,c){if(!c\|\|a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} .function ja(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in ea?f=ea:f=ca;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=da&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?aa(ea,d,{configurable:!0,writable:!0,value:b}):b!==c&&(fa[d]===void 0&&(a=Math.random()*1E9>>>0,fa[d]=da?ca.Symbol(d):"$jscp$"+a+"

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=266, bps=182, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x240, components 3
Category:	downloaded
Size (bytes):	33916
Entropy (8bit):	7.762833552259218
Encrypted:	false
SSDEEP:	384:pywfDIak+m77O0nn1w8l6cgm/o40lMxRT7V7kM506aeUNW9jrDuAMQOCdo7oyVw8:1ITp7jRSTZlMxFVT5/tSUOCdG9Ar1g
MD5:	5C38FDB675B57E1472F457327F6F4226
SHA1:	8CEFA43C21988773139DE6A6D6561F25B2002E7D
SHA-256:	372B7950517AC19B070D7FF748BEC1E528C8B884FE851459E1BE09D59396131F
SHA-512:	C524C7222EAB62BE5B23DD5FCF9BE2EA281DD4BD7BAA2E26B742F2F2122B48645B1025466B5BBA0D18C7BE0B41480F8596C9E70E359F9F9A80DB4DB52D9610ED
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/posts/Early_Chilhood_Montessori_Education.jpg
Preview:	......Exif..II*...............,.......................................................................................(...........1...H.......2...........;.......(...........:...i.......L..................'.......'..Adobe Photoshop CS6 (13.020111012.m.258 2011/10/12:21:00:00) (Windows).2017:03:01 11:48:36.Sergey Kolesnikov.Sergey Kolesnikov...........0221....................,...........................................................(.......................................H.......H.............Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWg

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2200)
Category:	downloaded
Size (bytes):	23678
Entropy (8bit):	5.499582071929141
Encrypted:	false
SSDEEP:	384:PqTcq08AdYSAIdImk7eDivZSPoa5LjcOuq37BroWaIOXXhwpuy4yDCWyj/1gVfj5:Pqr0VdYSAr7ecMPoaNQOHdUWaIOX277t
MD5:	4002AFA3CEF491481AB135657FE8712E
SHA1:	0C27BD429BB943377978552E0FB608BA3EBB2052
SHA-256:	187849C92554869BACCF286F9A45661D5217DE42ECE9328BE7B8FD1A19C5340C
SHA-512:	477B9B69608CB15A5D90AE48BC3C261F79CE670B88C5547A8786A0CA7C2C3151B3BA0A8C6B25D1B2A761A92EA9FBDA44E8D11854A9FC295C7C922E43AB688C1E
Malicious:	false
Reputation:	low
URL:	https://tpc.googlesyndication.com/pagead/js/r20241023/r20110914/abg_lite_fy2021.js
Preview:	(function(){'use strict';/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var m=this\|\|self;function aa(a){m.setTimeout(()=>{throw a;},0)};var ba,n;a:{for(var ca=["CLOSURE_FLAGS"],p=m,da=0;da<ca.length;da++)if(p=p[ca[da]],p==null){n=null;break a}n=p}var fa=n&&n[610401301];ba=fa!=null?fa:!1;var q;const ha=m.navigator;q=ha?ha.userAgentData\|\|null:null;function ia(a){return ba?q?q.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function t(a){var b;a:{if(b=m.navigator)if(b=b.userAgent)break a;b=""}return b.indexOf(a)!=-1};function u(){return ba?!!q&&q.brands.length>0:!1}function ja(){return u()?ia("Chromium"):(t("Chrome")\|\|t("CriOS"))&&!(u()?0:t("Edge"))\|\|t("Silk")};function ka(a){ka[" "](a);return a}ka[" "]=function(){};!t("Android")\|\|ja();ja();t("Safari")&&(ja()\|\|(u()?0:t("Coast"))\|\|(u()?0:t("Opera"))\|\|(u()?0:t("Edge"))\|\|(u()?ia("Microsoft Edge"):t("Edg/"))\|\|u()&&ia("Opera"));let la;function ma(){const a=Error();a.__closure__error__context__98438

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 847x565, components 3
Category:	dropped
Size (bytes):	64613
Entropy (8bit):	7.962540163720518
Encrypted:	false
SSDEEP:	1536:LpiiVrJ6Iv2B9RkfZeuZ+7e/E3zBtWTNusHP+7ZTfr:F3Vh2B9qJZ+Z9ttsm75
MD5:	588ED959C79A4AB5A07A9845C92DD9C9
SHA1:	8A2E25B5128355266BA73898074E89AB9B8F4E35
SHA-256:	02829A41515D7F15D0D239AFAA79EFC6E1CDF348F44DC3BF79146E7BF4C42283
SHA-512:	DBBFE4931691ED2ABFDF508461B8B43708A1127561988DAE551EF012395905D38E3A88CBE9ED53AFC07529362AB68F374A82142C3FEA194837F5CB11AB921CAB
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM..........t..subbotina/123RF..x.:47801825 - two kids using tablet pc under blanket at night.....app.....application.....bed.....bedroom.....blanket.....boys.....brothers.....caucasian.....children.....computer.....covers.....darkness.....digital.....duvet.....friends.....fun.....game.....happy.....having.....hiding.....home.....indoors.....internet.....ipad.....kids.....light.....little.....lying.....movie.....networking.....night.....online.....pc.....people.....person.....playing.....reading.....room.....sibling.....sons.....tablet.....taking.....technology.....together.....touching.....touchscreen.....two.....using.....watching.....wireless.....Array....XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........me

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2093)
Category:	dropped
Size (bytes):	445152
Entropy (8bit):	5.5762134330567665
Encrypted:	false
SSDEEP:	12288:lrLbjvudFZTeHPOv7meLFeCt6lg7Db2oUGsAfTAqsoedKUF3+rWP0sCeUgMujrsY:lrLbjvudFZTeHPOv7meLFeU6lg7Db2o8
MD5:	D610BEFBA2468F5AF0B5FC9E876E7564
SHA1:	6AADA29A50E5D9638E367165CF0E7EB3A5DA9914
SHA-256:	41237965C1A879DFAB9D378F573A0EA1BC6B1316FA0B3BB0739352194643C2AF
SHA-512:	10FFD73543C5C229D4AA6CA0FC8FD87F828BA0E87EBECBB39F35A15AEFE3184402059B0082B38AD513671D2B83985163FC779675B0CD1C63BD9BEFAEE6D27840
Malicious:	false
Reputation:	low
Preview:	(function(sttc){'use strict';var q,aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} .var ca=ba(this),da=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",ea={},fa={};function ia(a,b,c){if(!c\|\|a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} .function ja(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in ea?f=ea:f=ca;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=da&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?aa(ea,d,{configurable:!0,writable:!0,value:b}):b!==c&&(fa[d]===void 0&&(a=Math.random()*1E9>>>0,fa[d]=da?ca.Symbol(d):"$jscp$"+a+"

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text, with very long lines (2015)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.518199113824284
Encrypted:	false
SSDEEP:	768:8xMuZ0jicWJj1GV2eYcZOYnHKoOFAVUagrLG9JQcgNYTrfgUYyzkoDBRW0sbh3fK:A+xbYcAYb2ZT3ZE3
MD5:	1614EFD8D8B318CA80C151AA5D983224
SHA1:	E27E5A72190F00DDABC4187084B8BD3850388D05
SHA-256:	B682B162DDD14D549C16FDCC70C01AAF1A7C1C5EE9D12F8A45081CAF38499FF4
SHA-512:	32E34011CAD366D6AC1BB0FD694829D233C66BB51813596A8EA6631E2E8516A25308768C988E9866C6B868174E993BCB62443D92AFEAFC9209B0A1C30CECECAB
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/mysidia/1614efd8d8b318ca80c151aa5d983224.js?tag=addon/mysidia_one_click_handler_one_afma
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var m=this\|\|self;const aa=(new Date("2024-01-01T00:00:00Z")).getTime();.function ba(a){a=a.s;const b=encodeURIComponent;let c="";a.platform&&(c+="&uap="+b(a.platform));a.platformVersion&&(c+="&uapv="+b(a.platformVersion));a.uaFullVersion&&(c+="&uafv="+b(a.uaFullVersion));a.architecture&&(c+="&uaa="+b(a.architecture));a.model&&(c+="&uam="+b(a.model));a.bitness&&(c+="&uab="+b(a.bitness));a.fullVersionList&&(c+="&uafvl="+b(a.fullVersionList.map(d=>b(d.brand)+";"+b(d.version)).join("\|")));typeof a.wow64!=="undefined"&&(c+="&uaw="+Number(a.wow64));return c}.function ca(a,b){return a.g?a.m.slice(0,a.g.index)+b+a.m.slice(a.g.index):a.m+b}function da(a,b=0){let c="&act=1";b===0?c+="&ri=1":b===1?c+="&ri=24":b===2&&(c+="&ri=25");a.l&&a.s&&(c+=ba(a));a.h&&(c+="&suid="+a.o);return ca(a,c)}function ea(a,b){if(a.l&&a.i){if(b==1)return a.i\|\|""}else if(a.h){if(b==1)return ca(a,"&dct=1&suid="+a.o);if(b==3)re

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (53745)
Category:	downloaded
Size (bytes):	55038
Entropy (8bit):	5.716457869428952
Encrypted:	false
SSDEEP:	1536:jRNi/VOk89/CpRhQAFyRwclJbfmKGMCKwBRzxH:LidOopRJodGGO1H
MD5:	0D007A22229AE1C6599D3DDA06610B9A
SHA1:	5B2FB4BFC3BC736137406D73BD604C29CE98816E
SHA-256:	C0261E20FE1B5D5D2B8C91A994B94B6DF9A322E94B2B226D690DF364C583354D
SHA-512:	238578B32CE241B059ED5A0D1C2ACB92B40FBCEBF739129D00661A63577A02826534FB9CD4F7780E5DFC06651BD35A21967B2E3EBFC09695569C3CB3407346B0
Malicious:	false
Reputation:	low
URL:	https://pagead2.googlesyndication.com/bg/wCYeIP4bXV0rjJGplLlLbfmjIulLKyJtaQ3zZMWDNU0.js
Preview:	//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==.(function(){function w(A){return A}var h=this\|\|self,p=function(A){return w.call(this,A)},u=function(A,P,g,Z,e,E,c,J,Q,N,V,t){for(V=(t=16,50);;)try{if(t==98)break;else if(t==16)Q=c,J=h.trustedTypes,t=56;else if(t==g)V=Z,Q=J.createPolicy(E,{createHTML:p,createScript:p,createScriptURL:p}),t=86;else{if(t==86)return V=50,Q;if(t==56)t=J&&J.createPolicy?g:A;else{if(t==A)return Q;t==46?(h.console[e](N.message),t=86):t==P?(V=50,t=19):t==19&&(t=h.console?46:86)}}}catch(B){if(V==50)throw B;V==Z&&(N=B,t=P)}};(0,eval)(function(A,P){return(P=u(68,90,36,28,"error","bg",null))&&A.eval(P.createScript("1"))===1?function(g){return P.createScript(g)}:function(g){return""+g}}(h)(Array(Math.random()*7824\|0).join("\n")+['//# sourceMappingURL=data:application/json;char

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3
Category:	dropped
Size (bytes):	14467
Entropy (8bit):	7.941998533765167
Encrypted:	false
SSDEEP:	384:EgejuPFO12IH8Kixe72uK6ul/sEWkf8nuwE0:Xe2IcU7hulIkf8nuK
MD5:	4FAE1DE31E2BF71429DFEB5BB817B597
SHA1:	A4CF467BD53251983B5793100D6C9446DC95AD5D
SHA-256:	7717900A9B06E12EA4DC0D28F4C5F32F4CE88A6E29D95D8EB57930060893A4DA
SHA-512:	8A9A0148A7C37E455A23F11C68C75B344B95F40EC7FD2D72BF01895B48837415DD2261FB3BE7393052020129517B800224732DC2C8BDB1331A3332A97977F244
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:7F33A1CA9BC211E599E58F3B9F31ED72" xmpMM:InstanceID="xmp.iid:7F33A1C99BC211E599E58F3B9F31ED72" xmp:CreatorTool="Adobe Photoshop CS6 Windows"> <xmpMM:DerivedFrom stRef:instanceID="83C408C6429F9BCAB5D0054051C90FA6" stRef:documentID="83C408C6429F9BCAB5D0054051C90FA6"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................................,

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39035)
Category:	dropped
Size (bytes):	39330
Entropy (8bit):	5.336378339286664
Encrypted:	false
SSDEEP:	768:2Up+FrCU1OYvR7qO218kwiA2gRDLMjmQyrshT7Db3E8J1KTuDvniryxn7OqOPOt6:pDU1Ox62LvniFFl36+
MD5:	FB5074C5CF40020F7D0AB68A6D96DB97
SHA1:	D008C82675D94C4DD3A6C49E3361736D7504647B
SHA-256:	4A3AE52D3526E37040A8196CC9E7E926B8F77A57E0FC65462247F070C52485D0
SHA-512:	0A14F9DB778211FA003980626DBAEA7726849C485D401811F304A41DB3A182EDB2EF460C4C686551EF6348577AF0269B035D163FE739975838139669F2D5C0B6
Malicious:	false
Reputation:	low
Preview:	// Camera slideshow v1.3.3 - a jQuery slideshow with many effects, transitions, easy to customize, using canvas and mobile ready, based on jQuery 1.4+.// Copyright (c) 2012 by Manuel Masia - www.pixedelic.com.// Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php.;(function(a){a.fn.camera=function(b,c){function e(){if(navigator.userAgent.match(/Android/i)\|\|navigator.userAgent.match(/webOS/i)\|\|navigator.userAgent.match(/iPad/i)\|\|navigator.userAgent.match(/iPhone/i)\|\|navigator.userAgent.match(/iPod/i)){return true}}function H(){var b=a(s).width();a("li",s).removeClass("camera_visThumb");a("li",s).each(function(){var c=a(this).position(),d=a("ul",s).outerWidth(),e=a("ul",s).offset().left,f=a("> div",s).offset().left,g=f-e;if(g>0){a(".camera_prevThumbs",V).removeClass("hideNav")}else{a(".camera_prevThumbs",V).addClass("hideNav")}if(d-g>b){a(".camera_nextThumbs",V).removeClass("hideNav")}else{a(".camera_nextThumbs",V).addClass("hideNav")}var h=c.left,i=c.left+

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	97460
Entropy (8bit):	7.994960756305788
Encrypted:	true
SSDEEP:	1536:zwMe6L/m+39u+ecpHwpFgx35kYU//tN59OnJvZQzQwGaFDFWHCJbU0ih+pHvlu:zLeqm+MSaFgxqYUntyR8QZ4hWiX0stu
MD5:	93C62622DD353A3945FC94EC4241C81C
SHA1:	65066C5CA68CF723610C51C3D5462DE3F45BCB49
SHA-256:	922B39D4B3B181CC3121F2922CEA76A824895B19A7B7A037B86A86D225B337D2
SHA-512:	EDC4E7365ECFC7C71D2E388D4D9CA5EC79F93448982F909A5DC6337D2678AF99BEF80B2F5BCA412A22FEC7A3DB03AB250939B9E22450BB3D99983D35F78AFDDE
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............Z=....pHYs................ cHRM..z%..............u0...`..:....o._.F..\|:IDATx...w.e.U..~c......U]...:..n..(.....\|....m0.=0.c....d....H...Pj$.j..R....r..N.a.9.x..1.Z{.SU.5.....J..:..4.....1.=..........3.=..0..+.#0....0. .....P....G...b..5.......0D C.Q..Y.2.`...c.....k....,...~.-.<..."p`.......b.....g.03.!....(..3...A`........V..A.&`@..c.B..% . ....%D..x...,B....'..16.~.1...}q6.'@.....`.@.&Dy.......`.h..U.....(...s...cD..L.yFf..s...1.......9...(@F_+.1DXkA....{.B...0.....8....!......U... .. _S.. ]3!.....c2@.1.l0.Zp.`...}.F.s..dH.....Y..s.,.....!.r..........#JW......`...q.....O.r...e........a......Z.cY...!1...`.y. ...a..8.I6...1F.......0Xc@F.,.......,.C.Y..=....(..^?Tc.....#B.c... ........=.9.k..\}.!FXk.C.....P..z.........i.t.u.....A.%y^......<b.0.Xk.C..! .%.."Y.$?=.y....K.. D.&...!B`..fc...2...(.9".A,.!.p'"y.,..=..nH..t...Z.....a_U..,.\|.rH.\|>V..t.:g.Y^........\|fz..(.+.(....k.r2....P......D..... ..b...b.........+...@.....?..U..

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1055)
Category:	dropped
Size (bytes):	2690
Entropy (8bit):	5.39866636776827
Encrypted:	false
SSDEEP:	48:Otg7xBqHIN7QaE9Fa9FZpPiNmgrZyHicju8m5I0zRHkFRCmTx:fN7Qabhiwdicju8WhRHMnTx
MD5:	76A4D84DE75340D59CA06503A14184D4
SHA1:	2FE3C4A95AF88BE57D1912BB09DC463F69924402
SHA-256:	66E9BF446316F6EEC5EAEFA7098592BBD2144A60EB38C481DB233A6CA8B8D94A
SHA-512:	2ABE6C816B265B72A8023E8F832B9BED0FFD2C931BA07C5DA1AE0CB5D60178CBD1CEA9CE6AE0BB88F77614954C20836342AD6BAFE25EB1CA4D2AEB495E4E2BD2
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';function f(a,b,e){a.addEventListener&&a.addEventListener(b,e,!1)};/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .function g(a,b,e){if(Array.isArray(b))for(var c=0;c<b.length;c++)g(a,String(b[c]),e);else b!=null&&e.push(a+(b===""?"":"="+encodeURIComponent(String(b))))};function l(a=document){return a.createElement("img")};function m(a,b,e=null,c=!1){n(a,b,e,c)}function n(a,b,e,c){a.google_image_requests\|\|(a.google_image_requests=[]);const d=l(a.document);if(e\|\|c){const k=h=>{e&&e(h);if(c){h=a.google_image_requests;const v=Array.prototype.indexOf.call(h,d,void 0);v>=0&&Array.prototype.splice.call(h,v,1)}d.removeEventListener&&d.removeEventListener("load",k,!1);d.removeEventListener&&d.removeEventListener("error",k,!1)};f(d,"load",k);f(d,"error",k)}d.src=b;a.google_image_requests.push(d)};function p(a=null){return a&&a.getAttribute("data-jc")==="22"?a:document.querySelector('[data-jc="22"]')};var q=document,r=window;functi

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2827
Entropy (8bit):	7.863101292782728
Encrypted:	false
SSDEEP:	48:V/6DocieftI9G9f6A+FIDOWu0lDl+gm7QyTtctIInQSy6IVpqlnBcODZ:VSDZ/I09Da01l+gmkyTt6Hk8nTZ
MD5:	1784A2C7D71B8D7F756F85041F34C318
SHA1:	3A42AEA1AB96749D6D5F2ED30FABAC50D0D45359
SHA-256:	09850C2068EA599E998B16020360CEC9BE5224EB6C86D0EEA17FED29EDEA9477
SHA-512:	FEB3BAC5850907BD27FD2FAF174651C6E6CE84544B7A70B3762DBFA289A226D3F04E273F92BDEE83EF579A8BC279164A37616488647FA07D2A20ED5529893912
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2924
Entropy (8bit):	7.863519453376282
Encrypted:	false
SSDEEP:	48:e/6DocieftI9G9f6A+FIDOWu0lDl+gm7QyTtctIInQSy6IVpqlnBcOD7LWQtk:eSDZ/I09Da01l+gmkyTt6Hk8nT76QS
MD5:	48C62B11172C1F8E5BF77E7AD8BCD641
SHA1:	FCE3C07F2FC197FE0E312599E712086B17569852
SHA-256:	058F420411861FBB6EEF014039296FEEC17A1E1317984CAD1767F3DC55225E62
SHA-512:	6AD4EADEE9E7DBEAA61102934B339E4E9C8D0451D8BED2791801B7E4B6000AA8B32E154CFE2A6093881B8CE913F5F0AF70CE4136026DA65FBDB74882213AD7AB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...(...(........m....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 400x190, components 3
Category:	dropped
Size (bytes):	40104
Entropy (8bit):	7.887947294704592
Encrypted:	false
SSDEEP:	768:bP+hXkuaCjkUmWjKo/3cN5MJWlku8JMxbloyaRmx58Ptn6fmo57gx0:kXPZXGo/QlXgMxbhyg5sYcx0
MD5:	D1DCE63FF256F3AA1A9041132BE5BEB0
SHA1:	AFBA0487AD22002012A701FEA620B8A7BE95FDAF
SHA-256:	14E5E8F2495E33B1F93F738D8994E4C444B5294DEC864BC877B72E5EEF4F429B
SHA-512:	2B3AABFAC587EBF9081DC2F983D82B21E66E211944012CF2D839C3D10948FA6A7DB5D9009C70473FFC416138770D25B405A63ED89570C4FDB1ECA14AD9735CEA
Malicious:	false
Reputation:	low
Preview:	......JFIF.....d.d......Ducky.......d......Adobe.d............................................................................................................................................................................................................................................u........!.."..1.A2#..QB.a$3.Rq..b.%C...&4r....5'.S6..DTsEF7Gc(UVW......d.t..e.....)8f.u9:HIJXYZghijvwxyz.......................................................................m.....!..1..".AQ.2a.q.B.#..R.b.3..$..Cr...4%.S.cD.&5.T6Ed'.s..Ft....UeuV7........)...............(GWf8v........gw........HXhx........9IYiy........:JZjz....................?.........D..Q.....$z....V..._..... .H.0.......8.}9.....T...\...D../...=.Q.....j$..N?...~....T....1...I...._H.Z.......Y.p1.Z...................#.......~../.{...5..\@...'.........G...u.....?_...Q.e.^......?..[.=.Q.Z.]s.=^.......z..=\.).W.\|..x....O...mG.x.M(:....6.......}......@...5........Y..j.Ni^.&..l>.r?.....R:.H......~....I>..\|F<z.)

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (521)
Category:	dropped
Size (bytes):	14033
Entropy (8bit):	5.265976794283657
Encrypted:	false
SSDEEP:	384:Mh1c3uiEDoAzTZaBU4FKaxvF+Sdyh2Gr0CAjgAFv8961GlUEF:MreLE3Daxhdyh2GrHAjgsv8961GlBF
MD5:	D775F75525F575C811DEBB9391FF31AE
SHA1:	E5388A167013024C894240CD331280F475BD8DD6
SHA-256:	0DB3BC73C926B8B585B7D25C419E11ECC45E62B62E4444241A84EFD608E57F42
SHA-512:	F3F915E910991472F796FC006A51D17A4A3E0401FA0ECE56A9D6BC91C3D78E29687035809D510F5395431FE5AAF7500ECB8A8A6A5A674FE0F5E8EEA27873C1E7
Malicious:	false
Reputation:	low
Preview:	/. MIXITUP - A CSS3 & JQuery Filter and Sort Plugin.* Version: 1.4.0.* Author: Patrick Kunka.* Copyright 2012-2013 Patrick Kunka, All Rights Reserved.* FREE FOR NON-COMMERCIAL USE.* http://www.mixitup.io.*/.(function(e){function m(d,b,h,c,a){function j(){k.unbind();b&&v(b,h,c,a);a.startOrder=[];a.newOrder=[];a.origSort=[];a.checkSort=[];u.removeStyle(a.prefix+"filter, filter, "+a.prefix+"transform, transform, opacity, display").css(a.clean).removeAttr("data-checksum");window.atob\|\|u.css({display:"none",opacity:"0"});k.removeStyle(a.prefix+"transition, transition, "+a.prefix+"perspective, perspective, "+a.prefix+"perspective-origin, perspective-origin, "+(a.resizeContainer?"height":""));"list"==a.layoutMode?.(q.css({display:a.targetDisplayList,opacity:"1"}),a.origDisplay=a.targetDisplayList):(q.css({display:a.targetDisplayGrid,opacity:"1"}),a.origDisplay=a.targetDisplayGrid);a.origLayout=a.layoutMode;setTimeout(function(){u.removeStyle(a.prefix+"transition, transition");a.mixing=!1;if

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2008)
Category:	downloaded
Size (bytes):	13020
Entropy (8bit):	5.338335125035746
Encrypted:	false
SSDEEP:	192:pl/66sGOASROqI3wgh5MXnYY9EAhMmK3qzfaGxCLLgIJQaYmx:rnsGN6JIVs3LLK3qzf6gIZYmx
MD5:	D1F231B50B152372A6C3100F4AED1973
SHA1:	1BF10951BE06DA03D1371A904E19C0419F2A3637
SHA-256:	9DEC95894AF322B087AB6E87F9C8CE66D849646CF33B375D33C957F4569ED081
SHA-512:	00093B7FC4AFFA2D2230622F5D7DA69730246B74620AD4DE30AC64E41FB9AC927AFD2AB426034D71DC85A3DFEE9A46E73DF48DA7E2636A54579EA9AAAC4CAFF6
Malicious:	false
Reputation:	low
URL:	https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Preview:	<!DOCTYPE html>.<meta charset=utf-8><script>.(function(){'use strict';function m(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var p=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function aa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var r=aa(this),u=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",v={},w={};function x(a,b,c){if(!c\|\|a!=null){c=w[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}}.function y(a,b,c){if(b)a:{var e=a.split(".");a=e.length===1;var f=e[0],h;!a&&f in v?h=v:h=r;for(f=0;f<e.length-1;f++){var d=e[f];if(!(d in h))break a;h=h[d]}e=e[e.length-1];c=u&&c==="es6"?h[e]:null;b=b(c);b!=null&&(a?p(v,e,{config

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1382)
Category:	dropped
Size (bytes):	17945
Entropy (8bit):	5.330388445341784
Encrypted:	false
SSDEEP:	384:AbnElW+CdYyqBFy9G/JtCHAOgRImVWsc5JZB:Ll3CdnqC9ct2A1ImVWsc5h
MD5:	3B071D5606CC1CF92AE307F5BDB4E540
SHA1:	E191068CC90E5489130489A1CF173FE50BBA28B8
SHA-256:	FF3DE130872FE0FB5B770DFA2BC9F0DAF8AB320403A34A60D089436F08D24F99
SHA-512:	8A1287D7528B2B65D61D6E0A639F2CBE5658AFC3EDB5E2AF9494E8CC876AA6C8060A55D3BD4AA85A0B3B82733E64F7F7A6B4A5F2597FD99FD37136A83A6BBCAD
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var k=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var n=ba(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",r={},u={};function w(a,b,c){if(!c\|\|a!=null){c=u[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}}.function x(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var g=d[0],f;!a&&g in r?f=r:f=n;for(g=0;g<d.length-1;g++){var e=d[g];if(!(e in f))break a;f=f[e]}d=d[d.length-1];c=p&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?k(r,d,{configurable:!0,writable:!0,value:b}):b!==c&&(u[d]

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (2720), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	31040
Entropy (8bit):	4.431006488244195
Encrypted:	false
SSDEEP:	768:z7cnCXMuzhciJH5hFF7F4uFiNuRApP5XzGGUcW:8nCXMehciJH5hFF7F4uFiNuRsoGK
MD5:	22A204EBC254A9CFE7D5F48127FF7BBA
SHA1:	E9E7B900BAF5C59AADC120205D6B3564A3E5179B
SHA-256:	A38A1EDEE37FB063D501E7BE42A9EA4240DDC45C983628EF6079267E8F00BA7B
SHA-512:	12F9A6A63B255FD5B04BFE49670217EBF80D57BDF40056F1E84027DDEF04081293A051FD7A64EBC3646F1FA6088D0A45F04E1D7AFB8A5B2FEE99E05E46FEB680
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/
Preview:	......<!DOCTYPE html>....<html>..<head>.. <title>Queleas \| Home</title>.. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />.. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />.. <link href='http://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css' />.. <link href="css/style.css" rel="stylesheet" type="text/css" media="all" />.. <script type="text/javascript" src="js/jquery.js"></script>.. jQuery -->.. start slider-->.. <link href="css/camera.css" rel="stylesheet" type="text/css" media="all" />.. <script src="js/jquery.min.js"></script>.. <script type='text/javascript' src="js/jquery.mobile.customized.min.js"></script>.. <script type='text/javascript' src="js/jquery.easing.1.3.js"></script>.. <script type='text/javascript' src="js/camera.min.js"></script>.. <script>.. jQuery(function () {.... jQuery('#camera_wrap_2').camera({....

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2250x1170, components 3
Category:	dropped
Size (bytes):	164214
Entropy (8bit):	7.828225274313593
Encrypted:	false
SSDEEP:	3072:ETxxclV9Oj8KMFgWJy/N2lD9ibW0/YFTqmwGBNys7ERzvy7AW:WUgj7MeDvy0qTqmJbys7Oy7b
MD5:	3A791D917CC24557403B1BB8BF265969
SHA1:	8CCF7C3F415DF07FEE5962E3D7B3F661AE70E2F0
SHA-256:	ABE30124879A128854499C8A6D2836511C0F66A6F20F6CBB2A55E4FFB20B757C
SHA-512:	D95FE95A805101D29AEFDA7FA630579D288B68199E0580C81F45D4EC75422C20507C30C88F30A633A620317BC33BCD9E4A73643281E0C0DB4AD8D352E166C47F
Malicious:	false
Reputation:	low
Preview:	......JFIF...................................................+#..(...%5%(-/222."8=70<+12/.........../...//////////////////////////////////////////////////....................................................D.......................!..1A"Qaq..2....#BR......3br..$CS...4.c..T................................$.......................!1A.Q."a2q.............?.....X..X....`..`..`..a..,..V.`..`U..c..........@..`..`..`..`..X.a..XQ`..X..XS...;.XS...XA`..`..X..X..Y.`.......Q.<..l...#...T..X.W.../+...$x.).6e'..35.TxW.2.H.K....c..3Y........:8.....T.h...Z.4.Z..(...M...#D.t@..P.!.&.`.b.@......S....R......(9.>`..../.......<....["...@GO.b...E....9.,...,.`..`;....N@e. ).....@..(...........................J3...~oh..R...;f..U....u.....$...].yy;.\o.....+.......w...E'...........7.Ox.z.>......=>g...q......G..eMQ.9W....U.._...f.).W.:^]...t.fb\|^..{J'F+%.'.uD...^7O.oc..\jk.;1......?.......W.y.u...e.ES.\|.>L.]Y..+........m.o.,..g.0..7..W,..]?.b.-.......\...=6?...D\-s8...*....U..sy~3.

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1268
Entropy (8bit):	4.982071405927825
Encrypted:	false
SSDEEP:	24:U3zYL03gXrYdVaxuv9kb0cmSuPW6k6IGVGjMdlfUol6Uq+a387s+b:ezYuhG4tLSuPW6DUAqr+w873
MD5:	C6A89D7098B845EE883A36C2C114D725
SHA1:	80A18896CE75659DBEC875FB17DD546B1872682C
SHA-256:	BBD47871C790776A3EF9EECC12FD3C9B836283B493EEB28AFD3393A6F9CE5AD9
SHA-512:	4934A509D1AED0EF3A9EE3ED1A85EBEF4745FB6D2D2D09AB5F5BC463C1EB18B765BEC9950A6AA019A6C93262136F889E014CF39D511696C25A644D16C77A0706
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/responsive-nav.js
Preview:	.var ww = document.body.clientWidth;..$(document).ready(function() {..$(".nav li a").each(function() {...if ($(this).next().length > 0) {....$(this).addClass("parent");...};..})....$(".toggleMenu").click(function(e) {...e.preventDefault();...$(this).toggleClass("active");...$(".nav").toggle();..});..adjustMenu();.})..$(window).bind('resize orientationchange', function() {..ww = document.body.clientWidth;..adjustMenu();.});..var adjustMenu = function() {..if (ww < 800) {...$(".toggleMenu").css("display", "inline-block");...if (!$(".toggleMenu").hasClass("active")) {....$(".nav").hide();...} else {....$(".nav").show();...}...$(".nav li").unbind('mouseenter mouseleave');...$(".nav li a.parent").unbind('click').bind('click', function(e) {....// must be attached to anchor element to prevent bubbling....e.preventDefault();....$(this).parent("li").toggleClass("hover");...});..} ..else if (ww >= 800) {...$(".toggleMenu").css("display", "none");...$(".nav").show();...$(".nav li").removeClass("h

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 847x565, components 3
Category:	downloaded
Size (bytes):	64613
Entropy (8bit):	7.962540163720518
Encrypted:	false
SSDEEP:	1536:LpiiVrJ6Iv2B9RkfZeuZ+7e/E3zBtWTNusHP+7ZTfr:F3Vh2B9qJZ+Z9ttsm75
MD5:	588ED959C79A4AB5A07A9845C92DD9C9
SHA1:	8A2E25B5128355266BA73898074E89AB9B8F4E35
SHA-256:	02829A41515D7F15D0D239AFAA79EFC6E1CDF348F44DC3BF79146E7BF4C42283
SHA-512:	DBBFE4931691ED2ABFDF508461B8B43708A1127561988DAE551EF012395905D38E3A88CBE9ED53AFC07529362AB68F374A82142C3FEA194837F5CB11AB921CAB
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/posts/Kids_Tablet_Blanket.jpg
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM..........t..subbotina/123RF..x.:47801825 - two kids using tablet pc under blanket at night.....app.....application.....bed.....bedroom.....blanket.....boys.....brothers.....caucasian.....children.....computer.....covers.....darkness.....digital.....duvet.....friends.....fun.....game.....happy.....having.....hiding.....home.....indoors.....internet.....ipad.....kids.....light.....little.....lying.....movie.....networking.....night.....online.....pc.....people.....person.....playing.....reading.....room.....sibling.....sons.....tablet.....taking.....technology.....together.....touching.....touchscreen.....two.....using.....watching.....wireless.....Array....XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........me

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1268
Entropy (8bit):	4.982071405927825
Encrypted:	false
SSDEEP:	24:U3zYL03gXrYdVaxuv9kb0cmSuPW6k6IGVGjMdlfUol6Uq+a387s+b:ezYuhG4tLSuPW6DUAqr+w873
MD5:	C6A89D7098B845EE883A36C2C114D725
SHA1:	80A18896CE75659DBEC875FB17DD546B1872682C
SHA-256:	BBD47871C790776A3EF9EECC12FD3C9B836283B493EEB28AFD3393A6F9CE5AD9
SHA-512:	4934A509D1AED0EF3A9EE3ED1A85EBEF4745FB6D2D2D09AB5F5BC463C1EB18B765BEC9950A6AA019A6C93262136F889E014CF39D511696C25A644D16C77A0706
Malicious:	false
Reputation:	low
Preview:	.var ww = document.body.clientWidth;..$(document).ready(function() {..$(".nav li a").each(function() {...if ($(this).next().length > 0) {....$(this).addClass("parent");...};..})....$(".toggleMenu").click(function(e) {...e.preventDefault();...$(this).toggleClass("active");...$(".nav").toggle();..});..adjustMenu();.})..$(window).bind('resize orientationchange', function() {..ww = document.body.clientWidth;..adjustMenu();.});..var adjustMenu = function() {..if (ww < 800) {...$(".toggleMenu").css("display", "inline-block");...if (!$(".toggleMenu").hasClass("active")) {....$(".nav").hide();...} else {....$(".nav").show();...}...$(".nav li").unbind('mouseenter mouseleave');...$(".nav li a.parent").unbind('click').bind('click', function(e) {....// must be attached to anchor element to prevent bubbling....e.preventDefault();....$(this).parent("li").toggleClass("hover");...});..} ..else if (ww >= 800) {...$(".toggleMenu").css("display", "none");...$(".nav").show();...$(".nav li").removeClass("h

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	59323
Entropy (8bit):	7.994651044208876
Encrypted:	true
SSDEEP:	1536:5VAtczxqe0EogNXNP9Gf1ylPyng/subDX2rpx:5VAtSke0kOd2Pyn6Krj
MD5:	07B6B22BDFCA2E1B778ACC63E97B9FD1
SHA1:	709090D67C58EF2602151174FC4CDE3699494E3F
SHA-256:	5928B133D20D41571891F28669C4E887843A0A360C74F459DA1DB2F9A3772929
SHA-512:	9DD6A415ABAA0127BB61E4A4F72363F3078F72B5C49220E86A955F2D392BEDA78062AE094A5039C29EA9DFD982AFA9799E06DAEECF92F36F5AA078C97F00BFBF
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/preschoolgamesforkids.png
Preview:	.PNG........IHDR................j....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:08EBB3CDC39711E6864EDB9C4B5DE57F" xmpMM:DocumentID="xmp.did:08EBB3CEC39711E6864EDB9C4B5DE57F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:08EBB3CBC39711E6864EDB9C4B5DE57F" stRef:documentID="xmp.did:08EBB3CCC39711E6864EDB9C4B5DE57F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.r....1IDATx.}..]Wu.^..^.j4..E....lc...i.@.y.@ !$.^.G...@ ..!<H..$.S.....c.{..%....4E..;.........>...X.f..{.>k......?6

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	97460
Entropy (8bit):	7.994960756305788
Encrypted:	true
SSDEEP:	1536:zwMe6L/m+39u+ecpHwpFgx35kYU//tN59OnJvZQzQwGaFDFWHCJbU0ih+pHvlu:zLeqm+MSaFgxqYUntyR8QZ4hWiX0stu
MD5:	93C62622DD353A3945FC94EC4241C81C
SHA1:	65066C5CA68CF723610C51C3D5462DE3F45BCB49
SHA-256:	922B39D4B3B181CC3121F2922CEA76A824895B19A7B7A037B86A86D225B337D2
SHA-512:	EDC4E7365ECFC7C71D2E388D4D9CA5EC79F93448982F909A5DC6337D2678AF99BEF80B2F5BCA412A22FEC7A3DB03AB250939B9E22450BB3D99983D35F78AFDDE
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/puzzlegamesforkids.png
Preview:	.PNG........IHDR...............Z=....pHYs................ cHRM..z%..............u0...`..:....o._.F..\|:IDATx...w.e.U..~c......U]...:..n..(.....\|....m0.=0.c....d....H...Pj$.j..R....r..N.a.9.x..1.Z{.SU.5.....J..:..4.....1.=..........3.=..0..+.#0....0. .....P....G...b..5.......0D C.Q..Y.2.`...c.....k....,...~.-.<..."p`.......b.....g.03.!....(..3...A`........V..A.&`@..c.B..% . ....%D..x...,B....'..16.~.1...}q6.'@.....`.@.&Dy.......`.h..U.....(...s...cD..L.yFf..s...1.......9...(@F_+.1DXkA....{.B...0.....8....!......U... .. _S.. ]3!.....c2@.1.l0.Zp.`...}.F.s..dH.....Y..s.,.....!.r..........#JW......`...q.....O.r...e........a......Z.cY...!1...`.y. ...a..8.I6...1F.......0Xc@F.,.......,.C.Y..=....(..^?Tc.....#B.c... ........=.9.k..\}.!FXk.C.....P..z.........i.t.u.....A.%y^......<b.0.Xk.C..! .%.."Y.$?=.y....K.. D.&...!B`..fc...2...(.9".A,.!.p'"y.,..=..nH..t...Z.....a_U..,.\|.rH.\|>V..t.:g.Y^........\|fz..(.+.(....k.r2....P......D..... ..b...b.........+...@.....?..U..

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3672)
Category:	dropped
Size (bytes):	158536
Entropy (8bit):	5.597960337493897
Encrypted:	false
SSDEEP:	3072:FRaw99JXVyhJlkGWVnjNgIFfWiP863+EVtS+rZZJt7lq9sgLFEzFv/4RLKhb:FRaw9XVyhJlkGWVnjNgIVHP863+QtSMF
MD5:	619C7BC3923D00B1D557F87F3438C82E
SHA1:	C3476A46C79A2309C4D742836B9FBE3E04DC702F
SHA-256:	57B91203FA3E1EA0C7658978A6E3224E1AE5FCB797B49DDC60818771E6DACC0C
SHA-512:	118747FBFB7CC6105D8F5AAC19B0297E1E122B04E2FDC50CB22D11F4E23E2B3D9354541C0D74DCDD28991EB18DBF430C6ED06EA4A84658C044031019E58897C1
Malicious:	false
Reputation:	low
Preview:	(function(sttc){'use strict';var aa,ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} .var da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",fa={},ha={};function ia(a,b,c){if(!c\|\|a!=null){c=ha[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} .function ja(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in fa?f=fa:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?ba(fa,d,{configurable:!0,writable:!0,value:b}):b!==c&&(ha[d]===void 0&&(a=Math.random()*1E9>>>0,ha[d]=ea?da.Symbol(d):"$jscp$"+a+

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	103
Entropy (8bit):	4.1716187943968235
Encrypted:	false
SSDEEP:	3:GACW0RXxKbFEuFX4MfY1hgSF7nKXl0QgKHJu:SW0xxsFfX820QFpu
MD5:	96C5637E1EB8F8F8C34172F2D23EAFC6
SHA1:	2A416F86C3C9E26F9C34BF1F8B1BB5DAA46E86F9
SHA-256:	90B2D35CD5E08370ED20DB81197DD9DA1A4DBB421F71293FD5733EA49EB7B3E1
SHA-512:	4686BA81D38403B2DCFDB0514F1151DF5BF555EB12EA47214FFA2E8EA2BED44348144D6731A01EBA38890B33726A76DFA26822B4233EB59BF12ED58E9EBB86D3
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/undefined?1729811041326
Preview:	The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	268381
Entropy (8bit):	5.072141999174343
Encrypted:	false
SSDEEP:	6144:UvD8eq9mPKl4OfKcknEHZciGhjZPdDwjdwTJFPk78vmAnhZSxwI14i:UE4OfcaZhfOeATG14i
MD5:	08C235D357750C657AC1DB7D1CF656A9
SHA1:	9257AFD2D46C3A189EC0D40A45722701D47E9CA5
SHA-256:	7BD80D06C01C0340C1B9159B9B4A197DB882CA18CBAC8E9B9AA025E68F998D40
SHA-512:	D62700E7A1FF41F9D6326CA024BA2BE1D391BC8FBB2AEAE0F427D74837899B230940BF7C2DF3D193F5300A68BB3686706D4C31328234B5CDA026A1BF52EF9E70
Malicious:	false
Reputation:	low
Preview:	/!. jQuery JavaScript Library v1.9.1. * http://jquery.com/. . Includes Sizzle.js. * http://sizzlejs.com/. . Copyright 2005, 2012 jQuery Foundation, Inc. and other contributors. * Released under the MIT license. * http://jquery.org/license. . Date: 2013-2-4. */.(function( window, undefined ) {..// Can't do this because several apps including ASP.NET trace.// the stack via arguments.caller.callee and Firefox dies if.// you try to trace through "use strict" call chains. (#13335).// Support: Firefox 18+.//"use strict";.var..// The deferred used on DOM ready..readyList,...// A central reference to the root jQuery(document)..rootjQuery,...// Support: IE<9..// For `typeof node.method` instead of `node.method !== undefined`..core_strundefined = typeof undefined,...// Use the correct document accordingly with window argument (sandbox)..document = window.document,..location = window.location,...// Map over jQuery in case of overwrite.._jQuery = window.jQuery,...// Map over the $ in c

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2014:01:16 10:49:54], baseline, precision 8, 20x17, components 3
Category:	downloaded
Size (bytes):	23801
Entropy (8bit):	5.809151015614444
Encrypted:	false
SSDEEP:	384:ab6nIPNJAQyppVT9yfFxQljfWaJc0hnm6GiXXestNCSUzSeof0UQ1d6G8hhPJj6o:a2IPBdS9Om19BpHbXxC9SVwAv3RGGEqN
MD5:	DBB5EEA08785B216820BD1AB9452F005
SHA1:	8414582EE1B8574A01D7B63479C7616A023D73F1
SHA-256:	6CEB24E4C2B18D17EC612D0254D8C72906D981799E799048F83CAB3A36FF6A70
SHA-512:	FD867FB5AF66F43E102F8553E055051D46466D1A9BACBAE961CD23E0DA5E7D3C8D4697B3763E91F9120FC7C0D0C03E2810B5C6DC13A8DDA485FF7FB8B5DE0255
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/line.jpg
Preview:	......JFIF.....H.H......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS3 Windows.2014:01:16 10:49:54....................................................................................&.(.........................................H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..f.:...#V.....i....#!6..#.'.......s....KH...D..{.{.........d.$.24y/..........R.....>...........q.."I.O.b>......z{?...

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (53493)
Category:	downloaded
Size (bytes):	54798
Entropy (8bit):	5.706853302721694
Encrypted:	false
SSDEEP:	768:jbn7iRX/84lLztuypQnpr3MMhT7tUQL5jq7hETnMg2b2YKbK271Y6xM0W74scaes:jbnl4lvtapD9t5L5pnzYKHxyx/Ol/W
MD5:	8A4BEE23CF08904AB2A0CA49F29C04ED
SHA1:	2639946ECA2B433E8FCF0CC8ECBDBAF3DFA32B51
SHA-256:	36FC4574A17A9E031E609FE70EE8FCA204EA8A0095D88AD9A9357367E06ABFE0
SHA-512:	7E24E4E7FAD0322E4F9AECA95D105ECC177AFE844B8FA56B74E2AA8A55179451D212DB0C9E2659732AC3CBA591988D775929B7C0A6AC0C77142C96F13B0FF109
Malicious:	false
Reputation:	low
URL:	https://pagead2.googlesyndication.com/bg/NvxFdKF6ngMeYJ_nDuj8ogTqigCV2IrZqTVzZ-Bqv-A.js
Preview:	//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==.(function(){function u(f){return f}var l=function(f,a,L,U,R,c,W,B,I,k,D,e){for(D=(k=10,61);;)try{if(k==87)break;else{if(k==49)return B;if(k==a)b.console[R](e.message),k=67;else if(k==L)D=72,B=I.createPolicy(c,{createHTML:C,createScript:C,createScriptURL:C}),k=67;else if(k==10)B=W,I=b.trustedTypes,k=73;else if(k==U)k=b.console?a:67;else if(k==f)D=61,k=U;else{if(k==67)return D=61,B;k==73&&(k=I&&I.createPolicy?L:49)}}}catch(w){if(D==61)throw w;D==72&&(e=w,k=f)}},C=function(f){return u.call(this,f)},b=this\|\|self;(0,eval)(function(f,a){return(a=l(46,44,55,31,"error","bg",null))&&f.eval(a.createScript("1"))===1?function(L){return a.createScript(L)}:function(L){return""+L}}(b)(Array(Math.random()*7824\|0).join("\n")+['//# sourceMappingURL=data:applicati

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	6713
Entropy (8bit):	5.399676175832158
Encrypted:	false
SSDEEP:	192:pN55N+NRNY3qNkNCXNlNOQNNNiNk3XNPN4qNYaNU1NHNUN13eN/NDTNl:v5fUH2QieLOeD4CdFRlU7tyF0VVl
MD5:	D116B73DFF2C9F62F993ADC80FE34649
SHA1:	BD4FA49EDF892A9E4EF7EB54E9991AE6763BBB26
SHA-256:	FE53B72DE605EAEAA413BD918760961DDF0D8557891CA23E74B3AD6785B733CC
SHA-512:	B735D9083814693EA91ACBAAF1DB2286779D72DA2F3E9E24CF943CD5F6E12785D7DE0D1BFEBC0528E73BD3244B88AA1C9B6841B26CF6B692CBDADA33D665C7E3
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2) format('woff2');. unicode-ra

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3
Category:	dropped
Size (bytes):	17667
Entropy (8bit):	7.958162290496663
Encrypted:	false
SSDEEP:	384:y9OJol/7Nz6/hPr4jcMienWVO55lFgylymPgCuh:9YNkt4jc2WAlKSPgX
MD5:	576530F8EC73A52DE822D30C5B852E78
SHA1:	4BF7F89729E4C0A64D8310A8349A5A321714FE31
SHA-256:	D816DE6187E8228B471D5CE6ACFA8D8E5518AA8966F3B74AF708DF2063E08350
SHA-512:	76C5031B80C3D65294165BDEFFF6B3D8CF0AE6BFB03ABF41ECB57ACA377F6CCB6D22AC1D97F0C33AEDC2B78EAD79AB35E8CCEBBB45983CF06FBFE72015E98F7A
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:B4C4659E9BC311E5A675FB14A718D606" xmpMM:InstanceID="xmp.iid:B4C4659D9BC311E5A675FB14A718D606" xmp:CreatorTool="Adobe Photoshop CS6 Windows"> <xmpMM:DerivedFrom stRef:instanceID="8CABE2E150C5A8F8EC29A554A7BEEF7D" stRef:documentID="8CABE2E150C5A8F8EC29A554A7BEEF7D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................................,

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (829), with no line terminators
Category:	downloaded
Size (bytes):	829
Entropy (8bit):	5.404851116724414
Encrypted:	false
SSDEEP:	24:4Hksg6lXnq5/Jz2pRNrBZJuvu8goqc0ioNhc++F4+mI:2fqz2bNrVENtmN+u+j
MD5:	6AAB62ED0E05DEE33A609CF97967393B
SHA1:	4F9FA5299F8A1984773ECA6837C0AF0CBE81E59C
SHA-256:	74B1DA365E3F3905E7E44B14927C653770483255238ADA87C1EDC8A3B4FED488
SHA-512:	90DD9331DB37FACE8C82FC50781D8636C5347AE74F5623A86F02AF732A5B538BA924B5A0AB1683FEA5AA0FD5C09D1640EF07A1DB7AA09CD9E9FA0698F43AB862
Malicious:	false
Reputation:	low
URL:	https://www.google.com/recaptcha/api2/aframe
Preview:	<!DOCTYPE HTML><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"></head><body><script nonce="YjbfMGLeWNKGcrMC_F2G-g">/** Anti-fraud and anti-abuse applications only. See google.com/recaptcha / try{var clients={'sodar':'https://pagead2.googlesyndication.com/pagead/sodar?'};window.addEventListener("message",function(a){try{if(a.source===window.parent){var b=JSON.parse(a.data);var c=clients[b['id']];if(c){var d=document.createElement('img');d.src=c+b['params']+'&rc='+(localStorage.getItem("rc::a")?sessionStorage.getItem("rc::b"):"");window.document.body.appendChild(d);sessionStorage.setItem("rc::e",parseInt(sessionStorage.getItem("rc::e")\|\|0)+1);localStorage.setItem("rc::h",'1729811058953');}}}catch(b){}});window.parent.postMessage("_grecaptcha_ready", "");}catch(b){}</script></body></html>

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	52180
Entropy (8bit):	7.992518414862952
Encrypted:	true
SSDEEP:	1536:lDgfMr2tNprsE42Z/WNiKTD4KrieA3Mq6i18:Sf0CprsE42Z/0dT3H0Mq69
MD5:	E721BD5CD8E3DE6204EC963F4C80B384
SHA1:	BE43046EB3E0AF0821AD2ABCB2D60CE37E0B3F63
SHA-256:	22D4C31A950F939F882E7DA9F894F70DE0F4B30DAF998E4C5DB8890142739A71
SHA-512:	CEC539BE791B6DA6E5EC20783AA5AE4C15F268E93382BCE6250DE72AA8D2D75B07F21CB96246E5018841FC3496FA3EC1CD9B4B6712928061A7BAA58C0882F0BC
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............Z=....pHYs................ cHRM..z%..............u0...`..:....o._.F...ZIDATx..w..Wu...o..;wO...Q....B.........8..9.u.]{.....b.&....B9O...s....t...59...>.S...t.U....s....=BJ.-...MY....`.@_..[.../.-....l..l....`.....[..[...-.-.}..l....`.....[..[...-.-.}..l....`..`.@_..[.../.-....l..l....`.@_..[.../.-....[p.T?..?.y4%.BA..._C\.U"Q.E......+'^CJO5...2.R.`.1.\|B....5!..z.\|.1...x.......N..R:._Y....f....J1.H\|\......D......t-.+.!}........e.....7..Pj .@C..qm....@.....E0....-......B(.T.j.2.G..5..X...%\|....>...X.`...s.t.k.....s..00..,.}..."@;........N..DL..<._..\.8....?.......U.f.`?.........._.....`.&...6...E.;..z.!......\.(.S...c.0..,\|..@..[...&`6.k....sX.GK.3\|.p...SM..$.o../...`.....x...X.+...._.\|.....O...........W.-.n....B@...........g...~....Y..[..K..P......(..w7=......4.3.C......}...........l.T.......:!4C.*..p...Un-..4...o......n..._t.4=Q.....`+..MG.{].I.WQ.n../m.........PT.a..#O..5..j>~....E..@c..\..Y...@....5.m..@

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	44
Entropy (8bit):	4.697845823084411
Encrypted:	false
SSDEEP:	3:OSunS6winaKthUjn:ONSWbCj
MD5:	3844C91AF821B01EC78DD78EA3ACD3C1
SHA1:	44CF952F1A32DE49AAA82620ECAB7605C697F046
SHA-256:	A4A40F65C12CAB7EFE41DD47F38627574B70797B1B871B8CB7CCCD89B682A6CA
SHA-512:	0140E88EECF03FB2EC592597C88CDCA5584E5AD855A47D30E223AABA42570F87917BE3FE93728E362912043ED49D553F7994814498DB9DD590F3140505DFF922
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkm5soPfbd5HBIFDZRU-s8SBQ14bxIZEhAJ54_2A7uw9FUSBQ14bxIZ?alt=proto
Preview:	ChIKBw2UVPrPGgAKBw14bxIZGgAKCQoHDXhvEhkaAA==

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2586)
Category:	dropped
Size (bytes):	22537
Entropy (8bit):	5.532838453720538
Encrypted:	false
SSDEEP:	384:4qopQl6FtO53n+8svyf53Fo5oeHvVFBIuwRatEDTJi/EDdBC6ZcuLI4Xhw/XgsB6:4qopQlwOFn+DCFoeeFqYt2TJisnC6ZcU
MD5:	EC3C9F3C47B1AF207A73CCF2C74B1750
SHA1:	50BB39E227E1B1C6BCF3D99C01B916FE21259127
SHA-256:	38F4583C6BA3F8A4DEFF750B08424F18EA56E87B5013057BF6621A00B0B78144
SHA-512:	966B44A7375D3924E29160B53D804CDEE669E32B1BB9B6CCE4D4F2F5BB179A17C5FE9A180C9A355E065AF131D55CB2587B45A275FF0586BF49218A85F5110EBF
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';var aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ca=ba(this); .function da(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}}da("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")});/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n=this\|\|self;function ea(a,b,c){return a.call.apply(a.bind,arguments)}function p(a,b,c){p=ea;return p.apply(null,arguments)}function fa(a,b){function c(){}c.pr

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	17006
Entropy (8bit):	6.017490960052639
Encrypted:	false
SSDEEP:	384:ttzUWx+/u/uLylOZx7cS/wIEu5JB4OWerTz6V30vQmq:tJUdEuLcOn7ckV5JBfvT2V3fmq
MD5:	454579A1FBE8F8E4312F97643EF9580B
SHA1:	CB94472BDA9BCEAFA7B976D221459E7812498AFC
SHA-256:	3AC43F72BBD770CD1C791862704429556236FD8E170DC279F96C8C91B9DB2E5D
SHA-512:	7120A8101AD9AD864A0071859B4F7F1506B69A637DABB49360C59BC7FE6F104B4631B57D9009BC05C9B68117FBEB314FF5F3888A608A64D0ACC7CF54803F0556
Malicious:	false
Reputation:	low
URL:	https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env
Preview:	{"sodar_query_id":"b9IaZ9zhN6box_AP6b_r-Q0","injector_basename":"sodar2","bg_hash_basename":"wCYeIP4bXV0rjJGplLlLbfmjIulLKyJtaQ3zZMWDNU0","bg_binary":"HlVkSKRyLP2zCEe5oL2V1azKDtP6NBXQyyCy4Onii/H923goHQBD+FboNqT3fNBXTOOHAQpkTiTrSnh+91ZhKYW2s2xeZN6NCdhLu4fnYbrpCzzwilKO8zQyvpWpxlSP46zpKD+MuHzd4oWm1vrxWvewzfjX2erbdTlGgLKdhS8zq3Ccer4O7+Cz/cnM2vulgKJvtKRw0yxQtXClE2u/xzXGCwK6XHzfrQMJuN6kcISLGiR5F50kByJhhhywHlnuEjXyGsm5iske0a7ivk6Z7Pj2d2I4xe1ZZGMj1GnxwVusg4F9UMvjdc3pvBvF98S8pzxdysEqaihH91sroSpbD/laCDWSuGRuNYfFTudiVFNz/CFRwxz6mai+nR+H+Hr1+jstEQi5BKw9yFiAMPPmD6ovz27AoFNGKFjCo/LNl7xNUMQuSKyPrBY5OIaDgJBoX9/7WAt/bDmrMPqci7vW6XmPLbuyk3gPFRwjraZGrtPt5957CQS532Jl/ARK57PqAibmxY7GPx71q5p9azv6je5kh9fhbSfB/DORwR0yr81HNEpKGaj9IEVEsiVzt+el1pzi0k4zhAWd4PMTJtRB47AZiA8H93gNLGbuwLku1XfLxfL1Wi1srq30npvuWsCySRC83yLvYjKXbruENHpy5k4bz0qSX5dtNqWvqlqu+0XOylSZ3/OienKAr30g/xahs5zYvyIpGhitCiUNQ26vGcwHRdyZWO+1qgFuaTAGVObCCW5YgsGd75FzsBiR2Jfac/i7nq2hsGz9Iixy34GAGKLpKYcqOYYhbYhlVCx3pj/2KYnjWqT09tTVakV0f0F4nWjVjt7uhMkhwe/8B

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (53745)
Category:	dropped
Size (bytes):	55038
Entropy (8bit):	5.716457869428952
Encrypted:	false
SSDEEP:	1536:jRNi/VOk89/CpRhQAFyRwclJbfmKGMCKwBRzxH:LidOopRJodGGO1H
MD5:	0D007A22229AE1C6599D3DDA06610B9A
SHA1:	5B2FB4BFC3BC736137406D73BD604C29CE98816E
SHA-256:	C0261E20FE1B5D5D2B8C91A994B94B6DF9A322E94B2B226D690DF364C583354D
SHA-512:	238578B32CE241B059ED5A0D1C2ACB92B40FBCEBF739129D00661A63577A02826534FB9CD4F7780E5DFC06651BD35A21967B2E3EBFC09695569C3CB3407346B0
Malicious:	false
Reputation:	low
Preview:	//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==.(function(){function w(A){return A}var h=this\|\|self,p=function(A){return w.call(this,A)},u=function(A,P,g,Z,e,E,c,J,Q,N,V,t){for(V=(t=16,50);;)try{if(t==98)break;else if(t==16)Q=c,J=h.trustedTypes,t=56;else if(t==g)V=Z,Q=J.createPolicy(E,{createHTML:p,createScript:p,createScriptURL:p}),t=86;else{if(t==86)return V=50,Q;if(t==56)t=J&&J.createPolicy?g:A;else{if(t==A)return Q;t==46?(h.console[e](N.message),t=86):t==P?(V=50,t=19):t==19&&(t=h.console?46:86)}}}catch(B){if(V==50)throw B;V==Z&&(N=B,t=P)}};(0,eval)(function(A,P){return(P=u(68,90,36,28,"error","bg",null))&&A.eval(P.createScript("1"))===1?function(g){return P.createScript(g)}:function(g){return""+g}}(h)(Array(Math.random()*7824\|0).join("\n")+['//# sourceMappingURL=data:application/json;char

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11887)
Category:	downloaded
Size (bytes):	13947
Entropy (8bit):	5.389348762415302
Encrypted:	false
SSDEEP:	96:YbidwkrRCHG0fzbICtzhsXIE9N7Tl+8lVSWToW9QEUhne4q9MUJj79ehe8rmrxr+:YGdwkrGI2QAXkb829jjKR/gRe/z
MD5:	E7EAF0CCCB0B1F16D743849ED08E7F3E
SHA1:	F7791A9C72EB8FC63E23A1B9CADA4758333B986B
SHA-256:	6F7821414FD535E61BC801D49562C818DEDB3F526AA58EBC186464069F48D1CB
SHA-512:	F9D5B89E896E074358E33750A17CBD049B7ED350064EFFE9F2A957D02459512487FD0645574DCF6C344CF713594EA5C38A3B379521DA374D0DE7B8441D01E3BF
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/fliplightbox.min.js
Preview:	/!. flipLightBox - Responsive Lightbox jQuery Plugin. * version: 1.0.1. * @requires jQuery v1.5 or later. . License at http://flipgallery.net/fliplightbox.html#download. * . * Example at http://flipgallery.net/fliplightbox.html. . Copyright 2013 flipGallery.net. . /..(function( $ ){. .$.fn.flipLightBox = function(flb_options) {..var flb_settings = $.extend({. . // FLIP MODE SETTINGS. // ------------------. . flip_mode: 1,. . // 1 = Flip On & 0 = Flip Off (fade).. . // VISUAL SETTINGS. // ---------------. . lightbox_background_opacity: 0.8,. . lightbox_border_width: 10, // (pixels). . lightbox_border_color: '#fff',. . lightbox_z_index: '1000',. . // SPEED SETTINGS. // --------------. . lightbox_flip_speed: 800,. . // Speed of complete lightbox flip or fade (milliseconds).. . // TEXT SETTINGS. //

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2827
Entropy (8bit):	7.863101292782728
Encrypted:	false
SSDEEP:	48:V/6DocieftI9G9f6A+FIDOWu0lDl+gm7QyTtctIInQSy6IVpqlnBcODZ:VSDZ/I09Da01l+gmkyTt6Hk8nTZ
MD5:	1784A2C7D71B8D7F756F85041F34C318
SHA1:	3A42AEA1AB96749D6D5F2ED30FABAC50D0D45359
SHA-256:	09850C2068EA599E998B16020360CEC9BE5224EB6C86D0EEA17FED29EDEA9477
SHA-512:	FEB3BAC5850907BD27FD2FAF174651C6E6CE84544B7A70B3762DBFA289A226D3F04E273F92BDEE83EF579A8BC279164A37616488647FA07D2A20ED5529893912
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/nav.png
Preview:	.PNG........IHDR.....................pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	333530
Entropy (8bit):	7.997458849469445
Encrypted:	true
SSDEEP:	6144:A69Y1x0JgwNGk3oXSTvlk0RJKCWanugyibiAXOBArHN0l3AqGoJp5/a2:DY1x0SwNGk3ySrlkUVWa8ifrt0l3kept
MD5:	B765AFAD34AB26AC81D8BB5D3B0B7108
SHA1:	91BE5A547755CF0ED35EAB8C42648BB0E3270DB0
SHA-256:	0539C98E6B4A86F2633477C99162203C492A5B28967F077913A2AA4A05FA3C50
SHA-512:	E35D942B3912FEB0698F4A71097009A68E7E46F6EA6FCB0D6B791A25B4B2EF23B5AAACB7C8A098AFC699ADF7EB257BC201E1DD76F270E3C8E5E57136C6E9AEDE
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/wheelspuzzlesforkids.png
Preview:	.PNG........IHDR..............x......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C735E406D73611E6BACDE2DFE7D546D2" xmpMM:DocumentID="xmp.did:C735E407D73611E6BACDE2DFE7D546D2"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C735E404D73611E6BACDE2DFE7D546D2" stRef:documentID="xmp.did:C735E405D73611E6BACDE2DFE7D546D2"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.Ila...PIDATx..y...U.....w....o.z.VK...-Y...........;..c"l'ap.I.Tq..$..C..\...cB...)L.!$...%..HB........{.....9.<.

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	27783
Entropy (8bit):	5.187288043583997
Encrypted:	false
SSDEEP:	192:DtsD6roc0wkdwk/wkQnN7ZDFBxJbtLOb/+luajba3nI4zQDaRzBBpCJyJU7V04Cp:C+PNcCJyJUwp
MD5:	706541EF5CF29C09B3F8E97EC23132D9
SHA1:	60F9AB768AA141F42745AE325639FA577D62D080
SHA-256:	EAF9121381667A7D86D2A9DFFF7445F092BE67BBBFC4E34F756E5C2665F80E0E
SHA-512:	C45E359BEE3B9C2F6224478DE66DCD99D19496C42745F42264321503775B3E2B12F665E6BA97911F934109B35D86202F318840F74F3D9F2BB771A26491E0DC36
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/css/camera.css
Preview:	/*************************...GENERAL..**************************/..camera_wrap a, .camera_wrap img, ..camera_wrap ol, .camera_wrap ul, .camera_wrap li,..camera_wrap table, .camera_wrap tbody, .camera_wrap tfoot, .camera_wrap thead, .camera_wrap tr, .camera_wrap th, .camera_wrap td..camera_thumbs_wrap a, .camera_thumbs_wrap img, ..camera_thumbs_wrap ol, .camera_thumbs_wrap ul, .camera_thumbs_wrap li,..camera_thumbs_wrap table, .camera_thumbs_wrap tbody, .camera_thumbs_wrap tfoot, .camera_thumbs_wrap thead, .camera_thumbs_wrap tr, .camera_thumbs_wrap th, .camera_thumbs_wrap td {..background: none;..border: 0;..font: inherit;..font-size: 100%;..margin: 0;..padding: 0;..vertical-align: baseline;..list-style: none.}..camera_wrap {..display: none;..float: left;..position: relative;..z-index: 0;.}..camera_wrap img {..max-width: none!important;.}..camera_fakehover {..height: 100%;..min-height: 60px;..position: relative;..width: 100%;..z-index: 1;.}..camera_wrap {..width: 100%;...}..camera_

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1055)
Category:	downloaded
Size (bytes):	2690
Entropy (8bit):	5.39866636776827
Encrypted:	false
SSDEEP:	48:Otg7xBqHIN7QaE9Fa9FZpPiNmgrZyHicju8m5I0zRHkFRCmTx:fN7Qabhiwdicju8WhRHMnTx
MD5:	76A4D84DE75340D59CA06503A14184D4
SHA1:	2FE3C4A95AF88BE57D1912BB09DC463F69924402
SHA-256:	66E9BF446316F6EEC5EAEFA7098592BBD2144A60EB38C481DB233A6CA8B8D94A
SHA-512:	2ABE6C816B265B72A8023E8F832B9BED0FFD2C931BA07C5DA1AE0CB5D60178CBD1CEA9CE6AE0BB88F77614954C20836342AD6BAFE25EB1CA4D2AEB495E4E2BD2
Malicious:	false
Reputation:	low
URL:	https://tpc.googlesyndication.com/pagead/js/r20241023/r20110914/client/window_focus_fy2021.js
Preview:	(function(){'use strict';function f(a,b,e){a.addEventListener&&a.addEventListener(b,e,!1)};/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .function g(a,b,e){if(Array.isArray(b))for(var c=0;c<b.length;c++)g(a,String(b[c]),e);else b!=null&&e.push(a+(b===""?"":"="+encodeURIComponent(String(b))))};function l(a=document){return a.createElement("img")};function m(a,b,e=null,c=!1){n(a,b,e,c)}function n(a,b,e,c){a.google_image_requests\|\|(a.google_image_requests=[]);const d=l(a.document);if(e\|\|c){const k=h=>{e&&e(h);if(c){h=a.google_image_requests;const v=Array.prototype.indexOf.call(h,d,void 0);v>=0&&Array.prototype.splice.call(h,v,1)}d.removeEventListener&&d.removeEventListener("load",k,!1);d.removeEventListener&&d.removeEventListener("error",k,!1)};f(d,"load",k);f(d,"error",k)}d.src=b;a.google_image_requests.push(d)};function p(a=null){return a&&a.getAttribute("data-jc")==="22"?a:document.querySelector('[data-jc="22"]')};var q=document,r=window;functi

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (493), with CRLF line terminators
Category:	downloaded
Size (bytes):	49455
Entropy (8bit):	5.234980838740877
Encrypted:	false
SSDEEP:	1536:DWGm6SuvTmwd+qfccLTnOq6fHKx/VW5KxkeFQsKxLvvFIsqgvDgaQ:SmSuCwd+qFLTnOq6fHKx/EKxkkKxLPqT
MD5:	79767DF18D34314AD412FCCF6A158200
SHA1:	3B50CF9FA46AFF673B70F13714074E9EB6711378
SHA-256:	F7ABDCAA4050EB51594D35DDC4DAB4559D318C237AE95C4D1B29797A2144FAB0
SHA-512:	55E57A1C7DAB3988088CE575ED685FBCEAE019B1E838C496ADA3A625F34FB7256B2F7D95BC60D98B42EA252D94A8B107A44841EB584178DB59E0E4B0728EC90A
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/css/style.css
Preview:	/..Author: W3layouts..Author URL: http://w3layouts.com..License: Creative Commons Attribution 3.0 Unported..License URL: http://creativecommons.org/licenses/by/3.0/.. / reset /..html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,dl,dt,dd,ol,nav ul,nav li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td,article,aside,canvas,details,embed,figure,figcaption,footer,header,hgroup,menu,nav,output,ruby,section,summary,time,mark,audio,video{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline;}..article, aside, details, figcaption, figure,footer, header, hgroup, menu, nav, section {display: block;}..ol,ul{list-style:none;margin:0;padding:0;}..blockquote,q{quotes:none;}..blockquote:before,blockquote:after,q:before,q:after{content:'';content:none;}..table{border-collapse:collapse;border-spacing:0;}../ start editing

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	103
Entropy (8bit):	4.1716187943968235
Encrypted:	false
SSDEEP:	3:GACW0RXxKbFEuFX4MfY1hgSF7nKXl0QgKHJu:SW0xxsFfX820QFpu
MD5:	96C5637E1EB8F8F8C34172F2D23EAFC6
SHA1:	2A416F86C3C9E26F9C34BF1F8B1BB5DAA46E86F9
SHA-256:	90B2D35CD5E08370ED20DB81197DD9DA1A4DBB421F71293FD5733EA49EB7B3E1
SHA-512:	4686BA81D38403B2DCFDB0514F1151DF5BF555EB12EA47214FFA2E8EA2BED44348144D6731A01EBA38890B33726A76DFA26822B4233EB59BF12ED58E9EBB86D3
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/gallery_zoom.jpg
Preview:	The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17219)
Category:	downloaded
Size (bytes):	17519
Entropy (8bit):	5.330118477006385
Encrypted:	false
SSDEEP:	384:AKCda0BL3liEPys8C5w+J1HAZ3vePKL3VYb2:A9Ddys8CuYKZ3vePKL3Wi
MD5:	EA59FE8222CC61FFDBD41119CE23FD25
SHA1:	737D9996CD2705B3457167B1F0A352232A10253A
SHA-256:	654595CF8B565940EF6B5765D3047AF2794B13EFEB6FDC661DED7F5CCF32CE0C
SHA-512:	6094B5FE8CE03C2A7E31A66F5753F4BB21C00937B360B860453D022827E81F33F289FA8A3A69E0E653ADE21E801EF578AE9EC3AD1D8218E78D4BFB09868867A2
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.mobile.customized.min.js
Preview:	//.jQuery Mobile framework customized for Camera slideshow, made by.//.'jquery.mobile.define.js',.//.'jquery.ui.widget.js',.//.'jquery.mobile.widget.js',.//.'jquery.mobile.media.js',.//.'jquery.mobile.support.js',.//.'jquery.mobile.vmouse.js',.//.'jquery.mobile.event.js',.//.'jquery.mobile.core.js'.window.define=function(){Array.prototype.slice.call(arguments).pop()(window.jQuery)};define(["jquery"],function(a){(function(a,b){if(a.cleanData){var c=a.cleanData;a.cleanData=function(b){for(var d=0,e;(e=b[d])!=null;d++){a(e).triggerHandler("remove")}c(b)}}else{var d=a.fn.remove;a.fn.remove=function(b,c){return this.each(function(){if(!c){if(!b\|\|a.filter(b,[this]).length){a("*",this).add([this]).each(function(){a(this).triggerHandler("remove")})}}return d.call(a(this),b,c)})}}a.widget=function(b,c,d){var e=b.split(".")[0],f;b=b.split(".")[1];f=e+"-"+b;if(!d){d=c;c=a.Widget}a.expr[":"][f]=function(c){return!!a.data(c,b)};a[e]=a[e]\|\|{};a[e][b]=function(a,b){if(arguments.length){this._createWi

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1382)
Category:	downloaded
Size (bytes):	17945
Entropy (8bit):	5.330388445341784
Encrypted:	false
SSDEEP:	384:AbnElW+CdYyqBFy9G/JtCHAOgRImVWsc5JZB:Ll3CdnqC9ct2A1ImVWsc5h
MD5:	3B071D5606CC1CF92AE307F5BDB4E540
SHA1:	E191068CC90E5489130489A1CF173FE50BBA28B8
SHA-256:	FF3DE130872FE0FB5B770DFA2BC9F0DAF8AB320403A34A60D089436F08D24F99
SHA-512:	8A1287D7528B2B65D61D6E0A639F2CBE5658AFC3EDB5E2AF9494E8CC876AA6C8060A55D3BD4AA85A0B3B82733E64F7F7A6B4A5F2597FD99FD37136A83A6BBCAD
Malicious:	false
Reputation:	low
URL:	https://ep2.adtrafficquality.google/sodar/sodar2.js
Preview:	(function(){'use strict';function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var k=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var n=ba(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",r={},u={};function w(a,b,c){if(!c\|\|a!=null){c=u[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}}.function x(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var g=d[0],f;!a&&g in r?f=r:f=n;for(g=0;g<d.length-1;g++){var e=d[g];if(!(e in f))break a;f=f[e]}d=d[d.length-1];c=p&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?k(r,d,{configurable:!0,writable:!0,value:b}):b!==c&&(u[d]

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11887)
Category:	dropped
Size (bytes):	13947
Entropy (8bit):	5.389348762415302
Encrypted:	false
SSDEEP:	96:YbidwkrRCHG0fzbICtzhsXIE9N7Tl+8lVSWToW9QEUhne4q9MUJj79ehe8rmrxr+:YGdwkrGI2QAXkb829jjKR/gRe/z
MD5:	E7EAF0CCCB0B1F16D743849ED08E7F3E
SHA1:	F7791A9C72EB8FC63E23A1B9CADA4758333B986B
SHA-256:	6F7821414FD535E61BC801D49562C818DEDB3F526AA58EBC186464069F48D1CB
SHA-512:	F9D5B89E896E074358E33750A17CBD049B7ED350064EFFE9F2A957D02459512487FD0645574DCF6C344CF713594EA5C38A3B379521DA374D0DE7B8441D01E3BF
Malicious:	false
Reputation:	low
Preview:	/!. flipLightBox - Responsive Lightbox jQuery Plugin. * version: 1.0.1. * @requires jQuery v1.5 or later. . License at http://flipgallery.net/fliplightbox.html#download. * . * Example at http://flipgallery.net/fliplightbox.html. . Copyright 2013 flipGallery.net. . /..(function( $ ){. .$.fn.flipLightBox = function(flb_options) {..var flb_settings = $.extend({. . // FLIP MODE SETTINGS. // ------------------. . flip_mode: 1,. . // 1 = Flip On & 0 = Flip Off (fade).. . // VISUAL SETTINGS. // ---------------. . lightbox_background_opacity: 0.8,. . lightbox_border_width: 10, // (pixels). . lightbox_border_color: '#fff',. . lightbox_z_index: '1000',. . // SPEED SETTINGS. // --------------. . lightbox_flip_speed: 800,. . // Speed of complete lightbox flip or fade (milliseconds).. . // TEXT SETTINGS. //

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Category:	downloaded
Size (bytes):	18536
Entropy (8bit):	7.986571198050597
Encrypted:	false
SSDEEP:	384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc
MD5:	8EFF0B8045FD1959E117F85654AE7770
SHA1:	227FEE13CEB7C410B5C0BB8000258B6643CB6255
SHA-256:	89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
SHA-512:	2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......Hh..........H..............................Z..\|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.\|.......%..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.+.M E..`......R.$T

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x225, components 3
Category:	downloaded
Size (bytes):	22597
Entropy (8bit):	7.9611352308923875
Encrypted:	false
SSDEEP:	384:2nX1qjo8Yo/2rv4jn5PSca2TKE41PLC7ULdvkDR3gTWDpV2nC/S:2XEe81MoKE4kCc3WqpV/S
MD5:	25CD4B2832DF917132499324029AC5B2
SHA1:	E0AAD419A9CCEF8881C6DB05BFD2775E9D7AB440
SHA-256:	0D9DCEA367252139D88ACB378C18CFCE2C29EA6271FC8693C2C2BC648D8AD559
SHA-512:	BF241464991A400CB2FB7AF5F823038A9B034B60F84CEB9DEAAD3BED9CFBB852873EF822AE9B82CF918E5441BDA7619DEE6EEEA4DFB04E429DF06D2D432547B0
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/posts/HomeSchooling.jpg
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmpMM:DocumentID="xmp.did:578A8DF29D6111E58317836E80FE8560" xmpMM:InstanceID="xmp.iid:578A8DF19D6111E58317836E80FE8560" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="466088E57091A300993ACC88D552D31E" stRef:documentID="466088E57091A300993ACC88D552D31E"/> <dc:creator> <rdf:Seq> <rdf:li>SERGEY NIVENS</rdf:li> </rdf:Seq> </dc:creator> <dc:title> <rdf:Alt> <rdf:li xml:lang="x-default">Time to do my homework</rdf:li> </rdf:Alt> </

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	45732
Entropy (8bit):	5.2102854752873
Encrypted:	false
SSDEEP:	768:nx9vyeNJxyPtwiurw5KfaH4C1xSS81nL0SUYtput/aRIM0Ro:nx9vyeNJxyPtwiTCal8S81nL0SUYt88J
MD5:	C8F9C10F7B896EDAAA478913D146BD7E
SHA1:	EB7B3CD6FFD1CBA8582738CFA0A1FD98629170C8
SHA-256:	DEBB4142A4402A9B2089022FC47313200C7B48AE9E9C64C14859C1A94132E5E2
SHA-512:	83A7BA0857DABED0293FF5CE481A1584ECB728C4AD73C6611E097986B78A07A1C4535BCE1783763B431308831ED7D963EEBCC6F68755696BBDA546F6368C8007
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.magnific-popup.js
Preview:	/! Magnific Popup - v0.9.9 - 2013-11-15. http://dimsemenov.com/plugins/magnific-popup/.* Copyright (c) 2013 Dmitry Semenov; /.;(function($) {../>>core/./. . * Magnific Popup Core JS file. * . /.../. Private static constants. /.var CLOSE_EVENT = 'Close',..BEFORE_CLOSE_EVENT = 'BeforeClose',..AFTER_CLOSE_EVENT = 'AfterClose',..BEFORE_APPEND_EVENT = 'BeforeAppend',..MARKUP_PARSE_EVENT = 'MarkupParse',..OPEN_EVENT = 'Open',..CHANGE_EVENT = 'Change',..NS = 'mfp',..EVENT_NS = '.' + NS,..READY_CLASS = 'mfp-ready',..REMOVING_CLASS = 'mfp-removing',..PREVENT_CLOSE_CLASS = 'mfp-prevent-close';.../. Private vars . /.var mfp, // As we have only one instance of MagnificPopup object, we define it locally to not to use 'this'..MagnificPopup = function(){},.._isJQ = !!(window.jQuery),.._prevStatus,.._window = $(window),.._body,.._document,.._prevContentType,.._wrapClasses,.._currPopupType;.../. Private functions. */.var _mfpOn = function(name, f) {...mfp.ev.on(NS + name + EVENT

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	45732
Entropy (8bit):	5.2102854752873
Encrypted:	false
SSDEEP:	768:nx9vyeNJxyPtwiurw5KfaH4C1xSS81nL0SUYtput/aRIM0Ro:nx9vyeNJxyPtwiTCal8S81nL0SUYt88J
MD5:	C8F9C10F7B896EDAAA478913D146BD7E
SHA1:	EB7B3CD6FFD1CBA8582738CFA0A1FD98629170C8
SHA-256:	DEBB4142A4402A9B2089022FC47313200C7B48AE9E9C64C14859C1A94132E5E2
SHA-512:	83A7BA0857DABED0293FF5CE481A1584ECB728C4AD73C6611E097986B78A07A1C4535BCE1783763B431308831ED7D963EEBCC6F68755696BBDA546F6368C8007
Malicious:	false
Reputation:	low
Preview:	/! Magnific Popup - v0.9.9 - 2013-11-15. http://dimsemenov.com/plugins/magnific-popup/.* Copyright (c) 2013 Dmitry Semenov; /.;(function($) {../>>core/./. . * Magnific Popup Core JS file. * . /.../. Private static constants. /.var CLOSE_EVENT = 'Close',..BEFORE_CLOSE_EVENT = 'BeforeClose',..AFTER_CLOSE_EVENT = 'AfterClose',..BEFORE_APPEND_EVENT = 'BeforeAppend',..MARKUP_PARSE_EVENT = 'MarkupParse',..OPEN_EVENT = 'Open',..CHANGE_EVENT = 'Change',..NS = 'mfp',..EVENT_NS = '.' + NS,..READY_CLASS = 'mfp-ready',..REMOVING_CLASS = 'mfp-removing',..PREVENT_CLOSE_CLASS = 'mfp-prevent-close';.../. Private vars . /.var mfp, // As we have only one instance of MagnificPopup object, we define it locally to not to use 'this'..MagnificPopup = function(){},.._isJQ = !!(window.jQuery),.._prevStatus,.._window = $(window),.._body,.._document,.._prevContentType,.._wrapClasses,.._currPopupType;.../. Private functions. */.var _mfpOn = function(name, f) {...mfp.ev.on(NS + name + EVENT

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	downloaded
Size (bytes):	1672
Entropy (8bit):	5.286735414643417
Encrypted:	false
SSDEEP:	48:bFj15yMuJcZ2E9uIic2u8aYlPFs3l7Q2xtHS:Fey2EYIic2u8bl9sJu
MD5:	AB304529064B2C30C88FC41AD81913E0
SHA1:	14091E21A049D97B052DD56FF4076898F6F7D0CC
SHA-256:	88C5A7E6C9B3319F4BE9CD873D1E19766A62BE628EA9921156DD2702F1D15031
SHA-512:	6F8A7C3D2516C88E172D6AF1F88B0F32242A737BA128F95E0668D57EE004384DAFE4011A84FC543BA477A7BC82A8D47862F1F276F0C89FA0087D63E4D3B72691
Malicious:	false
Reputation:	low
URL:	https://tpc.googlesyndication.com/pagead/js/r20241023/r20110914/client/load_preloaded_resource_fy2021.js
Preview:	(function(){'use strict';let e=[];const f=()=>{const a=e;e=[];for(const b of a)try{b()}catch{}};function g(a=document){return a.createElement("img")};function h(a=null){return a&&a.getAttribute("data-jc")==="26"?a:document.querySelector('[data-jc="26"]')};var k=document;/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var m=()=>{var a=k.querySelectorAll("link[data-reload-stylesheet][as=style][rel=preload]");for(var b=0;b<a.length;b++){var c=a[b],d="link",l=document;d=String(d);l.contentType==="application/xhtml+xml"&&(d=d.toLowerCase());d=l.createElement(d);d.setAttribute("rel","stylesheet");d.setAttribute("href",c.getAttribute("href"));k.head.appendChild(d)}if(a.length>0&&!(Math.random()>.01)){a=(a=h(document.currentScript))&&a.getAttribute("data-jc-rcd")==="true"?"pagead2.googlesyndication-cn.com":"pagead2.googlesyndication.com"; .b=(b=h(document.currentScript))&&b.getAttribute("data-jc-version")\|\|"unknown";a=`https://${a}/pagead/gen_204?id=jca

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	268381
Entropy (8bit):	5.072141999174343
Encrypted:	false
SSDEEP:	6144:UvD8eq9mPKl4OfKcknEHZciGhjZPdDwjdwTJFPk78vmAnhZSxwI14i:UE4OfcaZhfOeATG14i
MD5:	08C235D357750C657AC1DB7D1CF656A9
SHA1:	9257AFD2D46C3A189EC0D40A45722701D47E9CA5
SHA-256:	7BD80D06C01C0340C1B9159B9B4A197DB882CA18CBAC8E9B9AA025E68F998D40
SHA-512:	D62700E7A1FF41F9D6326CA024BA2BE1D391BC8FBB2AEAE0F427D74837899B230940BF7C2DF3D193F5300A68BB3686706D4C31328234B5CDA026A1BF52EF9E70
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.js
Preview:	/!. jQuery JavaScript Library v1.9.1. * http://jquery.com/. . Includes Sizzle.js. * http://sizzlejs.com/. . Copyright 2005, 2012 jQuery Foundation, Inc. and other contributors. * Released under the MIT license. * http://jquery.org/license. . Date: 2013-2-4. */.(function( window, undefined ) {..// Can't do this because several apps including ASP.NET trace.// the stack via arguments.caller.callee and Firefox dies if.// you try to trace through "use strict" call chains. (#13335).// Support: Firefox 18+.//"use strict";.var..// The deferred used on DOM ready..readyList,...// A central reference to the root jQuery(document)..rootjQuery,...// Support: IE<9..// For `typeof node.method` instead of `node.method !== undefined`..core_strundefined = typeof undefined,...// Use the correct document accordingly with window argument (sandbox)..document = window.document,..location = window.location,...// Map over jQuery in case of overwrite.._jQuery = window.jQuery,...// Map over the $ in c

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3
Category:	downloaded
Size (bytes):	14467
Entropy (8bit):	7.941998533765167
Encrypted:	false
SSDEEP:	384:EgejuPFO12IH8Kixe72uK6ul/sEWkf8nuwE0:Xe2IcU7hulIkf8nuK
MD5:	4FAE1DE31E2BF71429DFEB5BB817B597
SHA1:	A4CF467BD53251983B5793100D6C9446DC95AD5D
SHA-256:	7717900A9B06E12EA4DC0D28F4C5F32F4CE88A6E29D95D8EB57930060893A4DA
SHA-512:	8A9A0148A7C37E455A23F11C68C75B344B95F40EC7FD2D72BF01895B48837415DD2261FB3BE7393052020129517B800224732DC2C8BDB1331A3332A97977F244
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/posts/Online_Games_For_Kids.jpg
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:7F33A1CA9BC211E599E58F3B9F31ED72" xmpMM:InstanceID="xmp.iid:7F33A1C99BC211E599E58F3B9F31ED72" xmp:CreatorTool="Adobe Photoshop CS6 Windows"> <xmpMM:DerivedFrom stRef:instanceID="83C408C6429F9BCAB5D0054051C90FA6" stRef:documentID="83C408C6429F9BCAB5D0054051C90FA6"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................................,

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text, with very long lines (2873)
Category:	downloaded
Size (bytes):	9031
Entropy (8bit):	5.527216820529872
Encrypted:	false
SSDEEP:	192:B1/6bZSDg3eksiGBpuMo5gXKl7LOjbke3CT2itXedSlFI:B1/6bZSDqeYGBbnal7LCbkkCT2oXedS8
MD5:	0A69A7A3530DE318072DE6182E31A0C6
SHA1:	9BF1165A0064FB85DD8F29DDC6C45AD5B9574EE9
SHA-256:	BF1E2557855835794A8A1D9C1403AC53373CCEA3006325357E5CB384E93D7514
SHA-512:	9B24B0255A19285BF345BB199BAFF4DCCACBB55521FA0581E2AB196D5C28EC936749C6F9A21233261CBDE37033DA5C91D7F03A3A1FE4B25D8F325A7717760740
Malicious:	false
Reputation:	low
URL:	https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Preview:	<!DOCTYPE html><script>.(function(){'use strict';/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var l=this\|\|self;var m,n;a:{for(var aa=["CLOSURE_FLAGS"],v=l,z=0;z<aa.length;z++)if(v=v[aa[z]],v==null){n=null;break a}n=v}var ba=n&&n[610401301];m=ba!=null?ba:!1;function ca(){var a=l.navigator;return a&&(a=a.userAgent)?a:""}var A;const da=l.navigator;A=da?da.userAgentData\|\|null:null;function B(a){return m?A?A.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function C(a){return ca().indexOf(a)!=-1};function E(){return m?!!A&&A.brands.length>0:!1}function F(){return E()?B("Chromium"):(C("Chrome")\|\|C("CriOS"))&&!(E()?0:C("Edge"))\|\|C("Silk")};function ea(a,b){Array.prototype.forEach.call(a,b,void 0)};function G(a){G[" "](a);return a}G[" "]=function(){};var fa=ca().toLowerCase().indexOf("webkit")!=-1&&!C("Edge");!C("Android")\|\|F();F();C("Safari")&&(F()\|\|(E()?0:C("Coast"))\|\|(E()?0:C("Opera"))\|\|(E()?0:C("Edge"))\|\|(E()?B("Microsoft Edge"):C("Edg/"))\|\|E()&&B

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	8097
Entropy (8bit):	5.390616885965898
Encrypted:	false
SSDEEP:	192:pl+Or8ur83V33R3hqRAsfAy4MOr8ur83V33R3hqo:zZr8ur83VHBhm+r8ur83VHBhL
MD5:	6516449ED5089677ED3D7E2F11FC8942
SHA1:	82E40D060BC269A6DDE20C3990CA5A4FEA6CA754
SHA-256:	0757F7FF6E5F6A581922A5E2D42C5E0CF7475D880885A9802E8BDD5E4188DD34
SHA-512:	6EBAE34E9F46E8C90A5F94235F0C00424B1C7C5A4A8B7A248F267F337BC6C3083DA88D66B28CFBCFE11B4012D7B139D52B73CE8D80461DC42F5F7E0614AAFFEC
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.easing.1.3.js
Preview:	/. jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/. . Uses the built in easing capabilities added In jQuery 1.1. * to offer multiple easing options. . TERMS OF USE - jQuery Easing. * . * Open source under the BSD License. . * . * Copyright . 2008 George McGinley Smith. * All rights reserved.. * . * Redistribution and use in source and binary forms, with or without modification, . * are permitted provided that the following conditions are met:. * . * Redistributions of source code must retain the above copyright notice, this list of . * conditions and the following disclaimer.. * Redistributions in binary form must reproduce the above copyright notice, this list . * of conditions and the following disclaimer in the documentation and/or other materials . * provided with the distribution.. * . * Neither the name of the author nor the names of contributors may be used to endorse . * or promote products derived from this software without specific prior written permis

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2250x1170, components 3
Category:	downloaded
Size (bytes):	164214
Entropy (8bit):	7.828225274313593
Encrypted:	false
SSDEEP:	3072:ETxxclV9Oj8KMFgWJy/N2lD9ibW0/YFTqmwGBNys7ERzvy7AW:WUgj7MeDvy0qTqmJbys7Oy7b
MD5:	3A791D917CC24557403B1BB8BF265969
SHA1:	8CCF7C3F415DF07FEE5962E3D7B3F661AE70E2F0
SHA-256:	ABE30124879A128854499C8A6D2836511C0F66A6F20F6CBB2A55E4FFB20B757C
SHA-512:	D95FE95A805101D29AEFDA7FA630579D288B68199E0580C81F45D4EC75422C20507C30C88F30A633A620317BC33BCD9E4A73643281E0C0DB4AD8D352E166C47F
Malicious:	false
Reputation:	low
URL:	https://tpc.googlesyndication.com/simgad/8872295530745037077/14763004658117789537
Preview:	......JFIF...................................................+#..(...%5%(-/222."8=70<+12/.........../...//////////////////////////////////////////////////....................................................D.......................!..1A"Qaq..2....#BR......3br..$CS...4.c..T................................$.......................!1A.Q."a2q.............?.....X..X....`..`..`..a..,..V.`..`U..c..........@..`..`..`..`..X.a..XQ`..X..XS...;.XS...XA`..`..X..X..Y.`.......Q.<..l...#...T..X.W.../+...$x.).6e'..35.TxW.2.H.K....c..3Y........:8.....T.h...Z.4.Z..(...M...#D.t@..P.!.&.`.b.@......S....R......(9.>`..../.......<....["...@GO.b...E....9.,...,.`..`;....N@e. ).....@..(...........................J3...~oh..R...;f..U....u.....$...].yy;.\o.....+.......w...E'...........7.Ox.z.>......=>g...q......G..eMQ.9W....U.._...f.).W.:^]...t.fb\|^..{J'F+%.'.uD...^7O.oc..\jk.;1......?.......W.y.u...e.ES.\|.>L.]Y..+........m.o.,..g.0..7..W,..]?.b.-.......\...=6?...D\-s8...*....U..sy~3.

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (3601)
Category:	downloaded
Size (bytes):	5564
Entropy (8bit):	5.551910906243356
Encrypted:	false
SSDEEP:	96:uBm7MaOr8uroJzDV6u3R3zd4j6zp4tSZCHjuwE9nCDTVpWZ:pQaOr8ur83V33R3hq6+uwLvo
MD5:	9CDA9E740BBF260A190F4041132B5105
SHA1:	603599B494C5F0C9ED5D11CCEA03CA6517DA46DC
SHA-256:	ECFC183E33D25D24AA7C06218E0A413488FFF8774E4B4B87543C766DB9B0B8BA
SHA-512:	EB05AE2C63BA13A30C3B4E5D99507FCD70915B2DB611E8005135EAD278F43D6AC09F92DDDC1C50051B3FD01CA2A0708D075D98C9510AB934944B97A543390326
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.easing.min.js
Preview:	/. jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/. . Uses the built in easing capabilities added In jQuery 1.1. * to offer multiple easing options. . TERMS OF USE - EASING EQUATIONS. * . * Open source under the BSD License. . * . * Copyright .... 2001 Robert Penner. * All rights reserved.. . TERMS OF USE - jQuery Easing. * . * Open source under the BSD License. . * . * Copyright .... 2008 George McGinley Smith. * All rights reserved.. . Redistribution and use in source and binary forms, with or without modification, . * are permitted provided that the following conditions are met:. * . * Redistributions of source code must retain the above copyright notice, this list of . * conditions and the following disclaimer.. * Redistributions in binary form must reproduce the above copyright notice, this list . * of conditions and the following disclaimer in the documentation and/or other materials . * provided with the distribution.. * . * Neither the nam

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2924
Entropy (8bit):	7.863519453376282
Encrypted:	false
SSDEEP:	48:e/6DocieftI9G9f6A+FIDOWu0lDl+gm7QyTtctIInQSy6IVpqlnBcOD7LWQtk:eSDZ/I09Da01l+gmkyTt6Hk8nT76QS
MD5:	48C62B11172C1F8E5BF77E7AD8BCD641
SHA1:	FCE3C07F2FC197FE0E312599E712086B17569852
SHA-256:	058F420411861FBB6EEF014039296FEEC17A1E1317984CAD1767F3DC55225E62
SHA-512:	6AD4EADEE9E7DBEAA61102934B339E4E9C8D0451D8BED2791801B7E4B6000AA8B32E154CFE2A6093881B8CE913F5F0AF70CE4136026DA65FBDB74882213AD7AB
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/plus.png
Preview:	.PNG........IHDR...(...(........m....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text, with very long lines (2015)
Category:	dropped
Size (bytes):	40512
Entropy (8bit):	5.518199113824284
Encrypted:	false
SSDEEP:	768:8xMuZ0jicWJj1GV2eYcZOYnHKoOFAVUagrLG9JQcgNYTrfgUYyzkoDBRW0sbh3fK:A+xbYcAYb2ZT3ZE3
MD5:	1614EFD8D8B318CA80C151AA5D983224
SHA1:	E27E5A72190F00DDABC4187084B8BD3850388D05
SHA-256:	B682B162DDD14D549C16FDCC70C01AAF1A7C1C5EE9D12F8A45081CAF38499FF4
SHA-512:	32E34011CAD366D6AC1BB0FD694829D233C66BB51813596A8EA6631E2E8516A25308768C988E9866C6B868174E993BCB62443D92AFEAFC9209B0A1C30CECECAB
Malicious:	false
Reputation:	low
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var m=this\|\|self;const aa=(new Date("2024-01-01T00:00:00Z")).getTime();.function ba(a){a=a.s;const b=encodeURIComponent;let c="";a.platform&&(c+="&uap="+b(a.platform));a.platformVersion&&(c+="&uapv="+b(a.platformVersion));a.uaFullVersion&&(c+="&uafv="+b(a.uaFullVersion));a.architecture&&(c+="&uaa="+b(a.architecture));a.model&&(c+="&uam="+b(a.model));a.bitness&&(c+="&uab="+b(a.bitness));a.fullVersionList&&(c+="&uafvl="+b(a.fullVersionList.map(d=>b(d.brand)+";"+b(d.version)).join("\|")));typeof a.wow64!=="undefined"&&(c+="&uaw="+Number(a.wow64));return c}.function ca(a,b){return a.g?a.m.slice(0,a.g.index)+b+a.m.slice(a.g.index):a.m+b}function da(a,b=0){let c="&act=1";b===0?c+="&ri=1":b===1?c+="&ri=24":b===2&&(c+="&ri=25");a.l&&a.s&&(c+=ba(a));a.h&&(c+="&suid="+a.o);return ca(a,c)}function ea(a,b){if(a.l&&a.i){if(b==1)return a.i\|\|""}else if(a.h){if(b==1)return ca(a,"&dct=1&suid="+a.o);if(b==3)re

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	dropped
Size (bytes):	1672
Entropy (8bit):	5.286735414643417
Encrypted:	false
SSDEEP:	48:bFj15yMuJcZ2E9uIic2u8aYlPFs3l7Q2xtHS:Fey2EYIic2u8bl9sJu
MD5:	AB304529064B2C30C88FC41AD81913E0
SHA1:	14091E21A049D97B052DD56FF4076898F6F7D0CC
SHA-256:	88C5A7E6C9B3319F4BE9CD873D1E19766A62BE628EA9921156DD2702F1D15031
SHA-512:	6F8A7C3D2516C88E172D6AF1F88B0F32242A737BA128F95E0668D57EE004384DAFE4011A84FC543BA477A7BC82A8D47862F1F276F0C89FA0087D63E4D3B72691
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';let e=[];const f=()=>{const a=e;e=[];for(const b of a)try{b()}catch{}};function g(a=document){return a.createElement("img")};function h(a=null){return a&&a.getAttribute("data-jc")==="26"?a:document.querySelector('[data-jc="26"]')};var k=document;/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var m=()=>{var a=k.querySelectorAll("link[data-reload-stylesheet][as=style][rel=preload]");for(var b=0;b<a.length;b++){var c=a[b],d="link",l=document;d=String(d);l.contentType==="application/xhtml+xml"&&(d=d.toLowerCase());d=l.createElement(d);d.setAttribute("rel","stylesheet");d.setAttribute("href",c.getAttribute("href"));k.head.appendChild(d)}if(a.length>0&&!(Math.random()>.01)){a=(a=h(document.currentScript))&&a.getAttribute("data-jc-rcd")==="true"?"pagead2.googlesyndication-cn.com":"pagead2.googlesyndication.com"; .b=(b=h(document.currentScript))&&b.getAttribute("data-jc-version")\|\|"unknown";a=`https://${a}/pagead/gen_204?id=jca

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3518)
Category:	downloaded
Size (bytes):	211858
Entropy (8bit):	5.43477116754567
Encrypted:	false
SSDEEP:	3072:sB+DSmU5OQocOIyGrzrEriruS4EcCYmnzLr6jD4xkRPMU8tGKKbD:sB+DSmNoPyi6jhCY0L4D4xkRH8tGKKf
MD5:	6AF94BBDA7ECB8B8CAA407C9D6F15B76
SHA1:	0D8E5EC9ED1F72269127125822AC2F967457A17F
SHA-256:	24DCCD731E4B42B3C3E43CB9AC9205879143EBB4DE7658AB9222DD3B0458B086
SHA-512:	68A5D0157FBAFB8F1F272E358A9C82611F38A0EABE205C179F14DC5248016B56958827FEEC5C7BCFCE04939902C9A953DFE109081C091710F9B47E8246F48E6B
Malicious:	false
Reputation:	low
URL:	https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Preview:	(function(){var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");},p=ca(this),.u=function(a,b){if(b)a:{var c=p;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.u("Symbol",function(a){if(a)return a;var b=function(f,g){this.rg=f;ba(this,"description",{configurable:!0,writable:!0,value:g})};b.prototype.toString=function(){return this.rg};var c="jscomp_symbol_"+(Math.random()*1E9>>>0)+"_",d=0,e=function(f){if(this instanceof e)t

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2200)
Category:	dropped
Size (bytes):	23678
Entropy (8bit):	5.499582071929141
Encrypted:	false
SSDEEP:	384:PqTcq08AdYSAIdImk7eDivZSPoa5LjcOuq37BroWaIOXXhwpuy4yDCWyj/1gVfj5:Pqr0VdYSAr7ecMPoaNQOHdUWaIOX277t
MD5:	4002AFA3CEF491481AB135657FE8712E
SHA1:	0C27BD429BB943377978552E0FB608BA3EBB2052
SHA-256:	187849C92554869BACCF286F9A45661D5217DE42ECE9328BE7B8FD1A19C5340C
SHA-512:	477B9B69608CB15A5D90AE48BC3C261F79CE670B88C5547A8786A0CA7C2C3151B3BA0A8C6B25D1B2A761A92EA9FBDA44E8D11854A9FC295C7C922E43AB688C1E
Malicious:	false
Reputation:	low
Preview:	(function(){'use strict';/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var m=this\|\|self;function aa(a){m.setTimeout(()=>{throw a;},0)};var ba,n;a:{for(var ca=["CLOSURE_FLAGS"],p=m,da=0;da<ca.length;da++)if(p=p[ca[da]],p==null){n=null;break a}n=p}var fa=n&&n[610401301];ba=fa!=null?fa:!1;var q;const ha=m.navigator;q=ha?ha.userAgentData\|\|null:null;function ia(a){return ba?q?q.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function t(a){var b;a:{if(b=m.navigator)if(b=b.userAgent)break a;b=""}return b.indexOf(a)!=-1};function u(){return ba?!!q&&q.brands.length>0:!1}function ja(){return u()?ia("Chromium"):(t("Chrome")\|\|t("CriOS"))&&!(u()?0:t("Edge"))\|\|t("Silk")};function ka(a){ka[" "](a);return a}ka[" "]=function(){};!t("Android")\|\|ja();ja();t("Safari")&&(ja()\|\|(u()?0:t("Coast"))\|\|(u()?0:t("Opera"))\|\|(u()?0:t("Edge"))\|\|(u()?ia("Microsoft Edge"):t("Edg/"))\|\|u()&&ia("Opera"));let la;function ma(){const a=Error();a.__closure__error__context__98438

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2586)
Category:	downloaded
Size (bytes):	22537
Entropy (8bit):	5.532838453720538
Encrypted:	false
SSDEEP:	384:4qopQl6FtO53n+8svyf53Fo5oeHvVFBIuwRatEDTJi/EDdBC6ZcuLI4Xhw/XgsB6:4qopQlwOFn+DCFoeeFqYt2TJisnC6ZcU
MD5:	EC3C9F3C47B1AF207A73CCF2C74B1750
SHA1:	50BB39E227E1B1C6BCF3D99C01B916FE21259127
SHA-256:	38F4583C6BA3F8A4DEFF750B08424F18EA56E87B5013057BF6621A00B0B78144
SHA-512:	966B44A7375D3924E29160B53D804CDEE669E32B1BB9B6CCE4D4F2F5BB179A17C5FE9A180C9A355E065AF131D55CB2587B45A275FF0586BF49218A85F5110EBF
Malicious:	false
Reputation:	low
URL:	https://tpc.googlesyndication.com/pagead/js/r20241023/r20110914/client/qs_click_protection_fy2021.js
Preview:	(function(){'use strict';var aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ca=ba(this); .function da(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}}da("Symbol.dispose",function(a){return a?a:Symbol("Symbol.dispose")});/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n=this\|\|self;function ea(a,b,c){return a.call.apply(a.bind,arguments)}function p(a,b,c){p=ea;return p.apply(null,arguments)}function fa(a,b){function c(){}c.pr

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17219)
Category:	dropped
Size (bytes):	17519
Entropy (8bit):	5.330118477006385
Encrypted:	false
SSDEEP:	384:AKCda0BL3liEPys8C5w+J1HAZ3vePKL3VYb2:A9Ddys8CuYKZ3vePKL3Wi
MD5:	EA59FE8222CC61FFDBD41119CE23FD25
SHA1:	737D9996CD2705B3457167B1F0A352232A10253A
SHA-256:	654595CF8B565940EF6B5765D3047AF2794B13EFEB6FDC661DED7F5CCF32CE0C
SHA-512:	6094B5FE8CE03C2A7E31A66F5753F4BB21C00937B360B860453D022827E81F33F289FA8A3A69E0E653ADE21E801EF578AE9EC3AD1D8218E78D4BFB09868867A2
Malicious:	false
Reputation:	low
Preview:	//.jQuery Mobile framework customized for Camera slideshow, made by.//.'jquery.mobile.define.js',.//.'jquery.ui.widget.js',.//.'jquery.mobile.widget.js',.//.'jquery.mobile.media.js',.//.'jquery.mobile.support.js',.//.'jquery.mobile.vmouse.js',.//.'jquery.mobile.event.js',.//.'jquery.mobile.core.js'.window.define=function(){Array.prototype.slice.call(arguments).pop()(window.jQuery)};define(["jquery"],function(a){(function(a,b){if(a.cleanData){var c=a.cleanData;a.cleanData=function(b){for(var d=0,e;(e=b[d])!=null;d++){a(e).triggerHandler("remove")}c(b)}}else{var d=a.fn.remove;a.fn.remove=function(b,c){return this.each(function(){if(!c){if(!b\|\|a.filter(b,[this]).length){a("*",this).add([this]).each(function(){a(this).triggerHandler("remove")})}}return d.call(a(this),b,c)})}}a.widget=function(b,c,d){var e=b.split(".")[0],f;b=b.split(".")[1];f=e+"-"+b;if(!d){d=c;c=a.Widget}a.expr[":"][f]=function(c){return!!a.data(c,b)};a[e]=a[e]\|\|{};a[e][b]=function(a,b){if(arguments.length){this._createWi

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39035)
Category:	downloaded
Size (bytes):	39330
Entropy (8bit):	5.336378339286664
Encrypted:	false
SSDEEP:	768:2Up+FrCU1OYvR7qO218kwiA2gRDLMjmQyrshT7Db3E8J1KTuDvniryxn7OqOPOt6:pDU1Ox62LvniFFl36+
MD5:	FB5074C5CF40020F7D0AB68A6D96DB97
SHA1:	D008C82675D94C4DD3A6C49E3361736D7504647B
SHA-256:	4A3AE52D3526E37040A8196CC9E7E926B8F77A57E0FC65462247F070C52485D0
SHA-512:	0A14F9DB778211FA003980626DBAEA7726849C485D401811F304A41DB3A182EDB2EF460C4C686551EF6348577AF0269B035D163FE739975838139669F2D5C0B6
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/camera.min.js
Preview:	// Camera slideshow v1.3.3 - a jQuery slideshow with many effects, transitions, easy to customize, using canvas and mobile ready, based on jQuery 1.4+.// Copyright (c) 2012 by Manuel Masia - www.pixedelic.com.// Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php.;(function(a){a.fn.camera=function(b,c){function e(){if(navigator.userAgent.match(/Android/i)\|\|navigator.userAgent.match(/webOS/i)\|\|navigator.userAgent.match(/iPad/i)\|\|navigator.userAgent.match(/iPhone/i)\|\|navigator.userAgent.match(/iPod/i)){return true}}function H(){var b=a(s).width();a("li",s).removeClass("camera_visThumb");a("li",s).each(function(){var c=a(this).position(),d=a("ul",s).outerWidth(),e=a("ul",s).offset().left,f=a("> div",s).offset().left,g=f-e;if(g>0){a(".camera_prevThumbs",V).removeClass("hideNav")}else{a(".camera_prevThumbs",V).addClass("hideNav")}if(d-g>b){a(".camera_nextThumbs",V).removeClass("hideNav")}else{a(".camera_nextThumbs",V).addClass("hideNav")}var h=c.left,i=c.left+

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	16866
Entropy (8bit):	6.016739390852769
Encrypted:	false
SSDEEP:	384:v8yFhQqaaQO9hBDV30YmC1F3KDwlRAbzO9gVLGE5xD:0s6BaQEpCcAXNDxD
MD5:	A0D742D8FD88DE7B3C4A17358FAFDEC5
SHA1:	4D0E4DAE87106234D9D0BC4A6E8FBD8EC58E36BF
SHA-256:	C1C5DAC259EAD28AA914387E05B0FA3E668E20526A5B493229995BE5929F979C
SHA-512:	FB8111927654865D81A1E8F5E9A68BE0805BDA77643141BECB23FFBA7D69382CA0D401D3F0F7A2B96F61D61A9CA2DFBAC8C963818EDCA2E0814009D18AA7444B
Malicious:	false
Reputation:	low
Preview:	{"sodar_query_id":"cdIaZ7GUD66ZjuwPy-apuAw","injector_basename":"sodar2","bg_hash_basename":"1PWLR3m32AKh2SGO2YJyzVos58MX5wejx1DIIGvliek","bg_binary":"mlQe4JL0O+FPBL6+3oemAhwWeUXFOv/F7TaEgx3NCdJxHDGJzGkYDsK0n1A9iE2lR1AhIEKTQGSL04w/M1NCwpKM6Rxk+rmyBgDp0KBWSqOUh6gjXkb1p04/gLnQ8WnOLjpRouTGz82tfG6IMI3E13dSlM1JpH1fQ3mSIY7FvCNrOGp0TUcgXj+kQtFKbEz8q7uES54JD1NwzVr1WKp/RDF34zvGWlP9HLKXms0gjou8JY5t2HQe7Ag7F5zLpYDYyDGUmwAuZ7bmmnBI0pkT+TryO1kfsRHzwERKPBrhAG5mCoHEoDXR2GrUdmCZ3+bLmLnkAskSy+FiEMR0++xAMf3bJXZ1tdvzGW2kz/3kOACtoBQR+701f3UcN2EQzjtI2a5DEWoWBDIacE6OwNM56q4aVg3/051PMWxqQthmpOiTXRET7WcBMxZBvQxDsq8Mwq20QtZferDbHe1+ncu6L0muGf4sW3SmFgebjecfjr8nLCjQc/XoWpG1tqS8KhNu/Cl5nfFCMgGBZ/JDse4Q+MO5JUwg/vUqEq+dKTwnK9iO3r2slYF6J7L1iyyFUFr51BDOzGheL9yENb+QyN/8xC5v6Xn4QHCZackUdC9ehiWp3VIJEwLEtGL82XPX78q/IFQhkVotuOGOPB4AB7vkd23FJpY6sC7W+G5gEU5ye/eF2rHEWhCH1V3MVSqvgGa+rGvMlTnuP1IYNBYiYe48ZYthTngZhw4NCf6dWa6uhvLyBgh4BFTi8FVuFfMUmLmnW8ueUYaZmeiOsIFlL3ZxTV7GmVSoOaF5MYE5ZlTHKBbLijfc9oSjBfgOsdBNi+rZRKjs1WjigU/SSoDAK

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	333530
Entropy (8bit):	7.997458849469445
Encrypted:	true
SSDEEP:	6144:A69Y1x0JgwNGk3oXSTvlk0RJKCWanugyibiAXOBArHN0l3AqGoJp5/a2:DY1x0SwNGk3ySrlkUVWa8ifrt0l3kept
MD5:	B765AFAD34AB26AC81D8BB5D3B0B7108
SHA1:	91BE5A547755CF0ED35EAB8C42648BB0E3270DB0
SHA-256:	0539C98E6B4A86F2633477C99162203C492A5B28967F077913A2AA4A05FA3C50
SHA-512:	E35D942B3912FEB0698F4A71097009A68E7E46F6EA6FCB0D6B791A25B4B2EF23B5AAACB7C8A098AFC699ADF7EB257BC201E1DD76F270E3C8E5E57136C6E9AEDE
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............x......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C735E406D73611E6BACDE2DFE7D546D2" xmpMM:DocumentID="xmp.did:C735E407D73611E6BACDE2DFE7D546D2"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C735E404D73611E6BACDE2DFE7D546D2" stRef:documentID="xmp.did:C735E405D73611E6BACDE2DFE7D546D2"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.Ila...PIDATx..y...U.....w....o.z.VK...-Y...........;..c"l'ap.I.Tq..$..C..\...cB...)L.!$...%..HB........{.....9.<.

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (521)
Category:	downloaded
Size (bytes):	14033
Entropy (8bit):	5.265976794283657
Encrypted:	false
SSDEEP:	384:Mh1c3uiEDoAzTZaBU4FKaxvF+Sdyh2Gr0CAjgAFv8961GlUEF:MreLE3Daxhdyh2GrHAjgsv8961GlBF
MD5:	D775F75525F575C811DEBB9391FF31AE
SHA1:	E5388A167013024C894240CD331280F475BD8DD6
SHA-256:	0DB3BC73C926B8B585B7D25C419E11ECC45E62B62E4444241A84EFD608E57F42
SHA-512:	F3F915E910991472F796FC006A51D17A4A3E0401FA0ECE56A9D6BC91C3D78E29687035809D510F5395431FE5AAF7500ECB8A8A6A5A674FE0F5E8EEA27873C1E7
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.mixitup.min.js
Preview:	/. MIXITUP - A CSS3 & JQuery Filter and Sort Plugin.* Version: 1.4.0.* Author: Patrick Kunka.* Copyright 2012-2013 Patrick Kunka, All Rights Reserved.* FREE FOR NON-COMMERCIAL USE.* http://www.mixitup.io.*/.(function(e){function m(d,b,h,c,a){function j(){k.unbind();b&&v(b,h,c,a);a.startOrder=[];a.newOrder=[];a.origSort=[];a.checkSort=[];u.removeStyle(a.prefix+"filter, filter, "+a.prefix+"transform, transform, opacity, display").css(a.clean).removeAttr("data-checksum");window.atob\|\|u.css({display:"none",opacity:"0"});k.removeStyle(a.prefix+"transition, transition, "+a.prefix+"perspective, perspective, "+a.prefix+"perspective-origin, perspective-origin, "+(a.resizeContainer?"height":""));"list"==a.layoutMode?.(q.css({display:a.targetDisplayList,opacity:"1"}),a.origDisplay=a.targetDisplayList):(q.css({display:a.targetDisplayGrid,opacity:"1"}),a.origDisplay=a.targetDisplayGrid);a.origLayout=a.layoutMode;setTimeout(function(){u.removeStyle(a.prefix+"transition, transition");a.mixing=!1;if

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (53493)
Category:	dropped
Size (bytes):	54798
Entropy (8bit):	5.706853302721694
Encrypted:	false
SSDEEP:	768:jbn7iRX/84lLztuypQnpr3MMhT7tUQL5jq7hETnMg2b2YKbK271Y6xM0W74scaes:jbnl4lvtapD9t5L5pnzYKHxyx/Ol/W
MD5:	8A4BEE23CF08904AB2A0CA49F29C04ED
SHA1:	2639946ECA2B433E8FCF0CC8ECBDBAF3DFA32B51
SHA-256:	36FC4574A17A9E031E609FE70EE8FCA204EA8A0095D88AD9A9357367E06ABFE0
SHA-512:	7E24E4E7FAD0322E4F9AECA95D105ECC177AFE844B8FA56B74E2AA8A55179451D212DB0C9E2659732AC3CBA591988D775929B7C0A6AC0C77142C96F13B0FF109
Malicious:	false
Reputation:	low
Preview:	//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==.(function(){function u(f){return f}var l=function(f,a,L,U,R,c,W,B,I,k,D,e){for(D=(k=10,61);;)try{if(k==87)break;else{if(k==49)return B;if(k==a)b.console[R](e.message),k=67;else if(k==L)D=72,B=I.createPolicy(c,{createHTML:C,createScript:C,createScriptURL:C}),k=67;else if(k==10)B=W,I=b.trustedTypes,k=73;else if(k==U)k=b.console?a:67;else if(k==f)D=61,k=U;else{if(k==67)return D=61,B;k==73&&(k=I&&I.createPolicy?L:49)}}}catch(w){if(D==61)throw w;D==72&&(e=w,k=f)}},C=function(f){return u.call(this,f)},b=this\|\|self;(0,eval)(function(f,a){return(a=l(46,44,55,31,"error","bg",null))&&f.eval(a.createScript("1"))===1?function(L){return a.createScript(L)}:function(L){return""+L}}(b)(Array(Math.random()*7824\|0).join("\n")+['//# sourceMappingURL=data:applicati

Chrome Cache Entry: 201

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=266, bps=182, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x240, components 3
Category:	dropped
Size (bytes):	33916
Entropy (8bit):	7.762833552259218
Encrypted:	false
SSDEEP:	384:pywfDIak+m77O0nn1w8l6cgm/o40lMxRT7V7kM506aeUNW9jrDuAMQOCdo7oyVw8:1ITp7jRSTZlMxFVT5/tSUOCdG9Ar1g
MD5:	5C38FDB675B57E1472F457327F6F4226
SHA1:	8CEFA43C21988773139DE6A6D6561F25B2002E7D
SHA-256:	372B7950517AC19B070D7FF748BEC1E528C8B884FE851459E1BE09D59396131F
SHA-512:	C524C7222EAB62BE5B23DD5FCF9BE2EA281DD4BD7BAA2E26B742F2F2122B48645B1025466B5BBA0D18C7BE0B41480F8596C9E70E359F9F9A80DB4DB52D9610ED
Malicious:	false
Reputation:	low
Preview:	......Exif..II*...............,.......................................................................................(...........1...H.......2...........;.......(...........:...i.......L..................'.......'..Adobe Photoshop CS6 (13.020111012.m.258 2011/10/12:21:00:00) (Windows).2017:03:01 11:48:36.Sergey Kolesnikov.Sergey Kolesnikov...........0221....................,...........................................................(.......................................H.......H.............Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWg

Chrome Cache Entry: 202

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65482), with CRLF line terminators
Category:	downloaded
Size (bytes):	93637
Entropy (8bit):	5.292996107428883
Encrypted:	false
SSDEEP:	1536:96IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:v+vIklosn/BLXjxzMhsSQ
MD5:	E1288116312E4728F98923C79B034B67
SHA1:	8B6BABFF47B8A9793F37036FD1B1A3AD41D38423
SHA-256:	BA6EDA7945AB8D7E57B34CC5A3DD292FA2E4C60A5CED79236ECF1A9E0F0C2D32
SHA-512:	BF28A9A446E50639A9592D7651F89511FC4E583E213F20A0DFF3A44E1A7D73CEEFDB6597DB121C7742BDE92410A27D83D92E2E86466858A19803E72A168E5656
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/js/jquery.min.js
Preview:	/! jQuery v1.8.3 jquery.com \| jquery.org/license /..(function(e,t){function _(e){var t=M[e]={};return v.each(e.split(y),function(e,n){t[n]=!0}),t}function H(e,n,r){if(r===t&&e.nodeType===1){var i="data-"+n.replace(P,"-$1").toLowerCase();r=e.getAttribute(i);if(typeof r=="string"){try{r=r==="true"?!0:r==="false"?!1:r==="null"?null:+r+""===r?+r:D.test(r)?v.parseJSON(r):r}catch(s){}v.data(e,n,r)}else r=t}return r}function B(e){var t;for(t in e){if(t==="data"&&v.isEmptyObject(e[t]))continue;if(t!=="toJSON")return!1}return!0}function et(){return!1}function tt(){return!0}function ut(e){return!e\|\|!e.parentNode\|\|e.parentNode.nodeType===11}function at(e,t){do e=e[t];while(e&&e.nodeType!==1);return e}function ft(e,t,n){t=t\|\|0;if(v.isFunction(t))return v.grep(e,function(e,r){var i=!!t.call(e,r,e);return i===n});if(t.nodeType)return v.grep(e,function(e,r){return e===t===n});if(typeof t=="string"){var r=v.grep(e,function(e){return e.nodeType===1});if(it.test(t))return v.filter(t,r,!n);t=v.filter(t

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18492, version 1.0
Category:	downloaded
Size (bytes):	18492
Entropy (8bit):	7.988005025098439
Encrypted:	false
SSDEEP:	384:jHq3alnVfBJBuMlPGCh9NBRLS64LRb0v5waXf0BFY0/rJ8Zw4bzUQb:jHqKf5JMOPdzNPLS64laxsFY0t8XcM
MD5:	7FDA4C62C1BDEAE7A08E6FD438104BAC
SHA1:	B1F626E78F5F6D7BE993303A49EB81F0FA4CE57C
SHA-256:	4DBD328E347E890A801D51F9A5F8D38A3EFD51EC34C0AA22CC83D0A95D6D9D71
SHA-512:	C4A36A3C1FF23023533DFF103A108844B7CFE4E793ABA0B1B5576431E77DD6E9EDF29FAD68132577AD6AD55CA7A011A38723DA2FA15D9071D2C6BA4E02D1DADC
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Preview:	wOF2......H<..........G..............................Z..\|.`..J.X..<.....P..N..Z...x.6.$..0. ..\|. ..:...%l.F.......T.mZ..V.n!.53.l.@..N....CD.!f......I.(;..Cw.2L..@....M....(.H].......1..I&..tE.e....D...}y..6D.h.Z..$y.J.X._....J2 .(.....=M..+Hd.Y.6.f.J.z..:.........#.#...3..;.<..q./.,g.tK.Y.Ne.?......1.b.......S.".~..\|Q.9.1Q.Y.^....MkF......;v..g(.(S...Z.>...l.XW.Z....-Q.h..MR8$..W(..Wh.0....X..;]3...:..\/..L...L.U...6".h?K.....A.....(2z.uRTn...GaJ......+..4..d...I.[!..Ua..x..4.,@..t....3.e..J._'..R.j.p.t...`.4.......aI,.....W..9V..K..c..... g...:.........'..6.O.0+..;Q..&..e..=..sg......Eg.2.R.M..{{w.{{'4.L.O2.L$) ;..`....PeW..O..iS..e..S.l... .....R.R.+.!.uLUE~...C.JN..J.r...@..g..:.\..;..s.n.s........sq4... ;..N.`.H<T.....p.#2.e....H..T...........1....^......L.....R...R.1.!............E..m_Z~....z..L..j....".q~..Pg!X}1.q.!.n......@.d...._5=..x.......[.y.#$Q.d.........j...1n.....&...-(N..P\5<.f.qB..\|.i...q<.'..C.A...\.i.x.9........1.>....

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65482), with CRLF line terminators
Category:	dropped
Size (bytes):	93637
Entropy (8bit):	5.292996107428883
Encrypted:	false
SSDEEP:	1536:96IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:v+vIklosn/BLXjxzMhsSQ
MD5:	E1288116312E4728F98923C79B034B67
SHA1:	8B6BABFF47B8A9793F37036FD1B1A3AD41D38423
SHA-256:	BA6EDA7945AB8D7E57B34CC5A3DD292FA2E4C60A5CED79236ECF1A9E0F0C2D32
SHA-512:	BF28A9A446E50639A9592D7651F89511FC4E583E213F20A0DFF3A44E1A7D73CEEFDB6597DB121C7742BDE92410A27D83D92E2E86466858A19803E72A168E5656
Malicious:	false
Reputation:	low
Preview:	/! jQuery v1.8.3 jquery.com \| jquery.org/license /..(function(e,t){function _(e){var t=M[e]={};return v.each(e.split(y),function(e,n){t[n]=!0}),t}function H(e,n,r){if(r===t&&e.nodeType===1){var i="data-"+n.replace(P,"-$1").toLowerCase();r=e.getAttribute(i);if(typeof r=="string"){try{r=r==="true"?!0:r==="false"?!1:r==="null"?null:+r+""===r?+r:D.test(r)?v.parseJSON(r):r}catch(s){}v.data(e,n,r)}else r=t}return r}function B(e){var t;for(t in e){if(t==="data"&&v.isEmptyObject(e[t]))continue;if(t!=="toJSON")return!1}return!0}function et(){return!1}function tt(){return!0}function ut(e){return!e\|\|!e.parentNode\|\|e.parentNode.nodeType===11}function at(e,t){do e=e[t];while(e&&e.nodeType!==1);return e}function ft(e,t,n){t=t\|\|0;if(v.isFunction(t))return v.grep(e,function(e,r){var i=!!t.call(e,r,e);return i===n});if(t.nodeType)return v.grep(e,function(e,r){return e===t===n});if(typeof t=="string"){var r=v.grep(e,function(e){return e.nodeType===1});if(it.test(t))return v.filter(t,r,!n);t=v.filter(t

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	59323
Entropy (8bit):	7.994651044208876
Encrypted:	true
SSDEEP:	1536:5VAtczxqe0EogNXNP9Gf1ylPyng/subDX2rpx:5VAtSke0kOd2Pyn6Krj
MD5:	07B6B22BDFCA2E1B778ACC63E97B9FD1
SHA1:	709090D67C58EF2602151174FC4CDE3699494E3F
SHA-256:	5928B133D20D41571891F28669C4E887843A0A360C74F459DA1DB2F9A3772929
SHA-512:	9DD6A415ABAA0127BB61E4A4F72363F3078F72B5C49220E86A955F2D392BEDA78062AE094A5039C29EA9DFD982AFA9799E06DAEECF92F36F5AA078C97F00BFBF
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................j....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:08EBB3CDC39711E6864EDB9C4B5DE57F" xmpMM:DocumentID="xmp.did:08EBB3CEC39711E6864EDB9C4B5DE57F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:08EBB3CBC39711E6864EDB9C4B5DE57F" stRef:documentID="xmp.did:08EBB3CCC39711E6864EDB9C4B5DE57F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.r....1IDATx.}..]Wu.^..^.j4..E....lc...i.@.y.@ !$.^.G...@ ..!<H..$.S.....c.{..%....4E..;.........>...X.f..{.>k......?6

Chrome Cache Entry: 206

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Category:	downloaded
Size (bytes):	18596
Entropy (8bit):	7.988788312296589
Encrypted:	false
SSDEEP:	384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl
MD5:	C83E4437A53D7F849F9D32DF3D6B68F3
SHA1:	FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
SHA-256:	D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
SHA-512:	C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......H...........H=................................\|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q.......uD.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..\|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.\|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..\|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	131965
Entropy (8bit):	6.087984387481155
Encrypted:	false
SSDEEP:	1536:duLqZ+Y7QzNXNb82bMJGqVFSVOgdwvB+cbUM9nD7vVkrXRZYA0VNRFgLklC5xrN3:mLzN9Z/2FSV3dwvB0M9XvVkrXRZd7Dsg
MD5:	E1F6EADB1FB5993497DBA21563E193F0
SHA1:	B2F57014D9648336D433C6864C7CC7B4B4863F75
SHA-256:	0D3A4A9E6C3128773BA519470CB73890D31C3717F897A0DCECA5856DFA58131C
SHA-512:	FABD4ADB77BB7E358A31FB6DF4761AD3E8809A49C37EA7E12F5784666813FE1CBC3F7745A7B6CF30F59B67F0620A02CF055CC2624CAD321D302885A44218CD0B
Malicious:	false
Reputation:	low
URL:	https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4306
Preview:	<!DOCTYPE html><html lang=en><head><meta charset="UTF-8"><script>var jscVersion = 'r20241023';</script><script>var google_casm=[];</script><style>HTML,BODY{height:100%;width:100%;margin:0;padding:0;overflow:hidden;}#mys-wrapper{height: 100%;width:100%;overflow:hidden;position: absolute;top:0;left:0;align-items: center;display:flex;justify-content:center;line-height:normal;}#mys-overlay{height:100%;width:100%;overflow:hidden;position:absolute;top:0;left:0;box-sizing:border-box;pointer-events:none;z-index:1;border:1px solid #E5E5E5;}.mys-wrapper A,.mys-wrapper A:visited,.mys-wrapper A:hover,.mys-wrapper A:active{color:inherit;cursor:pointer;text-decoration:inherit;}[dir=rtl] .flip-on-rtl{transform:scale(-1,1);transform-origin:center;}#mys-content{flex-shrink:0;position:relative;overflow:hidden;z-index:0;}</style><style data-nl="bannerB" data-ns="ns-9njm7" x-phase="assemble">.ns-9njm7-l-bannerB{opacity:.01;position:absolute;top:0;left:0;display:block;width:1074px;height:280px;}.ns-9njm7-e

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text
Category:	dropped
Size (bytes):	8097
Entropy (8bit):	5.390616885965898
Encrypted:	false
SSDEEP:	192:pl+Or8ur83V33R3hqRAsfAy4MOr8ur83V33R3hqo:zZr8ur83VHBhm+r8ur83VHBhL
MD5:	6516449ED5089677ED3D7E2F11FC8942
SHA1:	82E40D060BC269A6DDE20C3990CA5A4FEA6CA754
SHA-256:	0757F7FF6E5F6A581922A5E2D42C5E0CF7475D880885A9802E8BDD5E4188DD34
SHA-512:	6EBAE34E9F46E8C90A5F94235F0C00424B1C7C5A4A8B7A248F267F337BC6C3083DA88D66B28CFBCFE11B4012D7B139D52B73CE8D80461DC42F5F7E0614AAFFEC
Malicious:	false
Reputation:	low
Preview:	/. jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/. . Uses the built in easing capabilities added In jQuery 1.1. * to offer multiple easing options. . TERMS OF USE - jQuery Easing. * . * Open source under the BSD License. . * . * Copyright . 2008 George McGinley Smith. * All rights reserved.. * . * Redistribution and use in source and binary forms, with or without modification, . * are permitted provided that the following conditions are met:. * . * Redistributions of source code must retain the above copyright notice, this list of . * conditions and the following disclaimer.. * Redistributions in binary form must reproduce the above copyright notice, this list . * of conditions and the following disclaimer in the documentation and/or other materials . * provided with the distribution.. * . * Neither the name of the author nor the names of contributors may be used to endorse . * or promote products derived from this software without specific prior written permis

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x225, components 3
Category:	dropped
Size (bytes):	22597
Entropy (8bit):	7.9611352308923875
Encrypted:	false
SSDEEP:	384:2nX1qjo8Yo/2rv4jn5PSca2TKE41PLC7ULdvkDR3gTWDpV2nC/S:2XEe81MoKE4kCc3WqpV/S
MD5:	25CD4B2832DF917132499324029AC5B2
SHA1:	E0AAD419A9CCEF8881C6DB05BFD2775E9D7AB440
SHA-256:	0D9DCEA367252139D88ACB378C18CFCE2C29EA6271FC8693C2C2BC648D8AD559
SHA-512:	BF241464991A400CB2FB7AF5F823038A9B034B60F84CEB9DEAAD3BED9CFBB852873EF822AE9B82CF918E5441BDA7619DEE6EEEA4DFB04E429DF06D2D432547B0
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c007 1.144109, 2011/09/20-18:09:10 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmpMM:DocumentID="xmp.did:578A8DF29D6111E58317836E80FE8560" xmpMM:InstanceID="xmp.iid:578A8DF19D6111E58317836E80FE8560" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="466088E57091A300993ACC88D552D31E" stRef:documentID="466088E57091A300993ACC88D552D31E"/> <dc:creator> <rdf:Seq> <rdf:li>SERGEY NIVENS</rdf:li> </rdf:Seq> </dc:creator> <dc:title> <rdf:Alt> <rdf:li xml:lang="x-default">Time to do my homework</rdf:li> </rdf:Alt> </

Chrome Cache Entry: 210

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 400x190, components 3
Category:	downloaded
Size (bytes):	40104
Entropy (8bit):	7.887947294704592
Encrypted:	false
SSDEEP:	768:bP+hXkuaCjkUmWjKo/3cN5MJWlku8JMxbloyaRmx58Ptn6fmo57gx0:kXPZXGo/QlXgMxbhyg5sYcx0
MD5:	D1DCE63FF256F3AA1A9041132BE5BEB0
SHA1:	AFBA0487AD22002012A701FEA620B8A7BE95FDAF
SHA-256:	14E5E8F2495E33B1F93F738D8994E4C444B5294DEC864BC877B72E5EEF4F429B
SHA-512:	2B3AABFAC587EBF9081DC2F983D82B21E66E211944012CF2D839C3D10948FA6A7DB5D9009C70473FFC416138770D25B405A63ED89570C4FDB1ECA14AD9735CEA
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/images/popup.jpg
Preview:	......JFIF.....d.d......Ducky.......d......Adobe.d............................................................................................................................................................................................................................................u........!.."..1.A2#..QB.a$3.Rq..b.%C...&4r....5'.S6..DTsEF7Gc(UVW......d.t..e.....)8f.u9:HIJXYZghijvwxyz.......................................................................m.....!..1..".AQ.2a.q.B.#..R.b.3..$..Cr...4%.S.cD.&5.T6Ed'.s..Ft....UeuV7........)...............(GWf8v........gw........HXhx........9IYiy........:JZjz....................?.........D..Q.....$z....V..._..... .H.0.......8.}9.....T...\...D../...=.Q.....j$..N?...~....T....1...I...._H.Z.......Y.p1.Z...................#.......~../.{...5..\@...'.........G...u.....?_...Q.e.^......?..[.=.Q.Z.]s.=^.......z..=\.).W.\|..x....O...mG.x.M(:....6.......}......@...5........Y..j.Ni^.&..l>.r?.....R:.H......~....I>..\|F<z.)

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	103
Entropy (8bit):	4.1716187943968235
Encrypted:	false
SSDEEP:	3:GACW0RXxKbFEuFX4MfY1hgSF7nKXl0QgKHJu:SW0xxsFfX820QFpu
MD5:	96C5637E1EB8F8F8C34172F2D23EAFC6
SHA1:	2A416F86C3C9E26F9C34BF1F8B1BB5DAA46E86F9
SHA-256:	90B2D35CD5E08370ED20DB81197DD9DA1A4DBB421F71293FD5733EA49EB7B3E1
SHA-512:	4686BA81D38403B2DCFDB0514F1151DF5BF555EB12EA47214FFA2E8EA2BED44348144D6731A01EBA38890B33726A76DFA26822B4233EB59BF12ED58E9EBB86D3
Malicious:	false
Reputation:	low
URL:	https://www.queleas.com/favicon.ico
Preview:	The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3673)
Category:	downloaded
Size (bytes):	158566
Entropy (8bit):	5.595721576720842
Encrypted:	false
SSDEEP:	3072:xOWwI3J8nZcz77QwtxS4ye4lHqM/T+Duu0sMft/pUIWIx7lzd6tpriZn/zHRzH0H:xOWwI2nZcz77QwtxS4ye411/T+DuutsE
MD5:	B317A3A172E48AE7882B60374B8B44D7
SHA1:	79B2ACADFA26C0833BDB9C6EA00F19345CA49DE5
SHA-256:	9D8FF7B66C568DEEAF8569D82280351BEA9109DE76E64B8FE027D6B5A24D06AE
SHA-512:	3B9A8D40E265F2C03BC60745E30106B0C59050036FB0B36D55BE895308C0F0501145FA1AE93251E227AAD34F6CE6A4A1E5EE4BA19B938BE1BBF34F2188B27576
Malicious:	false
Reputation:	low
URL:	https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Preview:	(function(sttc){'use strict';var aa,ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} .var da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",fa={},ha={};function ia(a,b,c){if(!c\|\|a!=null){c=ha[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} .function ja(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in fa?f=fa:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?ba(fa,d,{configurable:!0,writable:!0,value:b}):b!==c&&(ha[d]===void 0&&(a=Math.random()*1E9>>>0,ha[d]=ea?da.Symbol(d):"$jscp$"+a+

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 25, 2024 01:03:43.249715090 CEST	49673	443	192.168.2.8	23.206.229.226
Oct 25, 2024 01:03:43.780806065 CEST	49672	443	192.168.2.8	23.206.229.226
Oct 25, 2024 01:03:48.938512087 CEST	49676	443	192.168.2.8	52.182.143.211
Oct 25, 2024 01:03:51.687063932 CEST	49677	80	192.168.2.8	192.229.211.108
Oct 25, 2024 01:03:52.858944893 CEST	49673	443	192.168.2.8	23.206.229.226
Oct 25, 2024 01:03:53.390177965 CEST	49672	443	192.168.2.8	23.206.229.226
Oct 25, 2024 01:03:55.037744999 CEST	443	49703	23.206.229.226	192.168.2.8
Oct 25, 2024 01:03:55.039572001 CEST	49703	443	192.168.2.8	23.206.229.226
Oct 25, 2024 01:03:58.422655106 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:58.422688007 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:58.422765017 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:58.423027992 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:58.423038006 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.465917110 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.467231989 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:59.467245102 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.468295097 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.468419075 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:59.469639063 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:59.469717979 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.522984982 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:59.523005962 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:03:59.568928003 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:03:59.599337101 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:03:59.599371910 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:03:59.599612951 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:03:59.601574898 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:03:59.601603985 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.471568108 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.471662045 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.489476919 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.489510059 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.489978075 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.534656048 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.572017908 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.615334034 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.816668987 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.816761017 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.816812038 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.816952944 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.816973925 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.817014933 CEST	49729	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.817022085 CEST	443	49729	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.857218981 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.857268095 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:00.857332945 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.857652903 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:00.857671022 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:01.708734035 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:01.708832979 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:01.787620068 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:01.787657022 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:01.788120031 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:01.789825916 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:01.807329893 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:01.807339907 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:01.807440996 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:01.807955027 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:01.807974100 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:01.835330963 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:02.035012960 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:02.035099983 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:02.035229921 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:02.044208050 CEST	49746	443	192.168.2.8	184.28.90.27
Oct 25, 2024 01:04:02.044229984 CEST	443	49746	184.28.90.27	192.168.2.8
Oct 25, 2024 01:04:02.660376072 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:02.687613010 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:02.687648058 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:02.688882113 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:02.688992023 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:03.318841934 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:03.319016933 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:03.374814034 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:03.374834061 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:03.427603960 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:04.850224972 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:04.850266933 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:04.850331068 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:04.851396084 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:04.851409912 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:05.719369888 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:05.719439030 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:05.794148922 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:05.794176102 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:05.795205116 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:05.928563118 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.086592913 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.131335974 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368628979 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368663073 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368674994 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368686914 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368707895 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368710995 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.368719101 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368740082 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.368745089 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.368773937 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.368788004 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.369425058 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.369435072 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.369487047 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.369496107 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.369693995 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:07.369865894 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:07.693078041 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693098068 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:07.693152905 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693371058 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693401098 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:07.693486929 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693552017 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693589926 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:07.693679094 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693830967 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.693841934 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:07.693996906 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.694006920 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:07.694143057 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:07.694161892 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.410783052 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:08.410806894 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:08.410824060 CEST	49774	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:08.410829067 CEST	443	49774	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:08.531930923 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.532222033 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.532253981 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.533305883 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.533355951 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.533799887 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.533865929 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.533993959 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.534003973 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.545396090 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.545599937 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.545625925 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.546785116 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.546838045 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.547168970 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.547231913 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.547293901 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.547324896 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.556380987 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.556771040 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.556793928 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.560029984 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.560082912 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.561079979 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.561192036 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.561276913 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.561306000 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.589735031 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.589756966 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.589771986 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.633285999 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.633297920 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.695266008 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.779592037 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779634953 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779660940 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779685974 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.779711008 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779788971 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779827118 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.779834986 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.779925108 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.780188084 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.835901022 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.835922956 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.837234974 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.837300062 CEST	443	49783	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.837371111 CEST	49783	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.893722057 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.893742085 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.894131899 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.894196987 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.894372940 CEST	443	49782	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:08.894422054 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:08.894439936 CEST	49782	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.317373037 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317416906 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317472935 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317502022 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317521095 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.317529917 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317574024 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.317583084 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.317615032 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.317687035 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.318878889 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:09.318947077 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:09.319262981 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:09.326920986 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.326966047 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.326971054 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.333297968 CEST	49720	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:09.333333969 CEST	443	49720	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:09.433196068 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.433238983 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.433244944 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.433335066 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.433372021 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.433372974 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.433379889 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.433778048 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.441526890 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.446108103 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.446149111 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.446152925 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.455137968 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.455208063 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.455213070 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549164057 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549190044 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549220085 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.549227953 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549257994 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549268007 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.549272060 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.549295902 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.557480097 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.562632084 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.562680960 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.562691927 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.571010113 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.571053028 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.571084976 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.571089983 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.571135044 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.609739065 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.664731026 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.664783955 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.664804935 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.664822102 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.664957047 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.664968967 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.673047066 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.673104048 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.673118114 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.677858114 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.677911997 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.677934885 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.686739922 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.686798096 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.686813116 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.725409031 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.725470066 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.725486994 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.773437023 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.780549049 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.780690908 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.780807972 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.780817032 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.785293102 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.785340071 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.785346031 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.793450117 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.793503046 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.793546915 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.793557882 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.793593884 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.797399998 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.802385092 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.802642107 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.802651882 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.852404118 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.852416992 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.897078991 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.897155046 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.897175074 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.904853106 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.904953003 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.904953957 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.904982090 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.905036926 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.909394979 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.909574986 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.909627914 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.909636021 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.913464069 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.913518906 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.913526058 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.956340075 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.956361055 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.957071066 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:09.957129002 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:09.957134962 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.007224083 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.012123108 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.020668030 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.020711899 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.020719051 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.025166035 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.025209904 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.025226116 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.025310040 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.025356054 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.025362015 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.029095888 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.029160976 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.029166937 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.029180050 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.029220104 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.035033941 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.035080910 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.035294056 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.035800934 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.035840988 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.073158979 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.115875959 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.115904093 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.128024101 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.128153086 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.128176928 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.137852907 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.137927055 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.137950897 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.141794920 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.141851902 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.141853094 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.141871929 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.141952038 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.141988039 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.141997099 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.142224073 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.145298958 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.185851097 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.188623905 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.188703060 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.188724995 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.188783884 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.188841105 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.242067099 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.243947029 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.252370119 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.252434969 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.252449036 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.252563953 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.252623081 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.252630949 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.252964020 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.253036976 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.253591061 CEST	49784	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.253607988 CEST	443	49784	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.908634901 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.908864975 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.908885002 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.911916971 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.911993980 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.912307024 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.912374973 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.912493944 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:10.912519932 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:10.956343889 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:11.213491917 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:11.263084888 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:11.263122082 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:11.264492035 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:11.264590979 CEST	443	49790	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:11.264782906 CEST	49790	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:12.859327078 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:12.859375000 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:12.859515905 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:12.859725952 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:12.859741926 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.731183052 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.731414080 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:13.731420994 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.732939005 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.733004093 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:13.733321905 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:13.733411074 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.733472109 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:13.733481884 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:13.774715900 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:13.995271921 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:14.001472950 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:14.001563072 CEST	443	49809	216.58.206.34	192.168.2.8
Oct 25, 2024 01:04:14.001626968 CEST	49809	443	192.168.2.8	216.58.206.34
Oct 25, 2024 01:04:14.331471920 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:14.331502914 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:14.331871033 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:14.337009907 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:14.337021112 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:14.942203999 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:14.942248106 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:14.942297935 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:14.942615986 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:14.942630053 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.210319042 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.214276075 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.214284897 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.215754986 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.215816975 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.216655970 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.216747046 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.216857910 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.216871977 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.257958889 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.505278111 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.511006117 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.511112928 CEST	443	49813	142.250.185.162	192.168.2.8
Oct 25, 2024 01:04:15.511176109 CEST	49813	443	192.168.2.8	142.250.185.162
Oct 25, 2024 01:04:15.787492990 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.787753105 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:15.787807941 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.788856983 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.788928986 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:15.789994001 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:15.790074110 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.790173054 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:15.790193081 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:15.830298901 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.046987057 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047030926 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047055006 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047081947 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047111034 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.047148943 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047171116 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.047394991 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.047594070 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.047605038 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.055366993 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.055428982 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.055449963 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.099884987 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.099910021 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.147203922 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.162785053 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.162849903 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.162961006 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.162980080 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.209331989 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.209355116 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.210141897 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.210264921 CEST	443	49814	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:16.210351944 CEST	49814	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:16.225290060 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:16.225298882 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:16.225354910 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:16.225526094 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:16.225538015 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.075567961 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.098340988 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.098376036 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.099522114 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.099592924 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.120980978 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.121200085 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.124938965 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.124958992 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.167665958 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.383969069 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384013891 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384040117 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384063005 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384090900 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384094954 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.384139061 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.384161949 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.384506941 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.384514093 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.392565966 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.392877102 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.392903090 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.446290970 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.446326971 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.499268055 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.499301910 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.499376059 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.499407053 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.499471903 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.503752947 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.545950890 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.545979977 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.592963934 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.624330044 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.624413013 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.624469042 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.730180025 CEST	49818	443	192.168.2.8	142.250.184.226
Oct 25, 2024 01:04:17.730200052 CEST	443	49818	142.250.184.226	192.168.2.8
Oct 25, 2024 01:04:17.932652950 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:17.932694912 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:17.932743073 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:17.933386087 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:17.933428049 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:17.933479071 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:17.934031010 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:17.934042931 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:17.934492111 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:17.934509039 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.791445017 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.791948080 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:18.791980982 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.793000937 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.793076992 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:18.793622971 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:18.793698072 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.793766022 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:18.794543028 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:18.797450066 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:18.797502995 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:18.797615051 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:18.797899961 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:18.797930002 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:18.798264027 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:18.798276901 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:18.798940897 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:18.799001932 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:18.799607992 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:18.799685955 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:18.800039053 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:18.800050020 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:18.835386992 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.839632034 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:18.839682102 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:18.855339050 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:18.886857033 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.080573082 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080624104 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080652952 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080684900 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080713034 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080723047 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.080768108 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080780983 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.080805063 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.080812931 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080847025 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080882072 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080892086 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.080898046 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.080938101 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.081161976 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:20.081876993 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.081947088 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.081960917 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:20.082026958 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.082060099 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:20.085191011 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.085943937 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.085973024 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.087085962 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.087177992 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.104312897 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.104469061 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.104482889 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.108318090 CEST	49819	443	192.168.2.8	172.217.18.4
Oct 25, 2024 01:04:20.108341932 CEST	443	49819	172.217.18.4	192.168.2.8
Oct 25, 2024 01:04:20.109327078 CEST	49820	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:20.109344006 CEST	443	49820	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:20.147342920 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.147970915 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.147994995 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.194839954 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.356471062 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.356522083 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.356554985 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.356587887 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.356596947 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.356631994 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.356647968 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.357245922 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.357436895 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.357445002 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.364847898 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.364909887 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.364931107 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.413598061 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.413623095 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.460472107 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.473687887 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.473756075 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.473797083 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.473824024 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.476003885 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.476041079 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.476102114 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.476118088 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.476155043 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.607031107 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.607112885 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.607156038 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.676291943 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.676336050 CEST	443	49821	142.250.186.129	192.168.2.8
Oct 25, 2024 01:04:20.676352024 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:20.676403046 CEST	49821	443	192.168.2.8	142.250.186.129
Oct 25, 2024 01:04:23.232336998 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:23.232419014 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:23.232491016 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:23.232692003 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:23.232705116 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:23.813853025 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:23.813884974 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:23.813961983 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:23.814188004 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:23.814218998 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.137176037 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:24.137455940 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:24.137484074 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:24.137814045 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:24.138145924 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:24.138226986 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:04:24.178574085 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:04:24.683798075 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.684103012 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.684146881 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.685162067 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.685235977 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.685698986 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.685779095 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.685969114 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.685987949 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.726222038 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.965701103 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.967979908 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:24.968049049 CEST	443	49826	172.217.16.130	192.168.2.8
Oct 25, 2024 01:04:24.968096972 CEST	49826	443	192.168.2.8	172.217.16.130
Oct 25, 2024 01:04:45.214160919 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:45.214204073 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:45.214539051 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:45.215024948 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:45.215038061 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.074421883 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.074493885 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.077472925 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.077491045 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.077740908 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.081475973 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.127326012 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.366920948 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.366946936 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.366964102 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.367041111 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.367058992 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.367090940 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.367125034 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.485810041 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.485868931 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.485914946 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.485928059 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.486001015 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.486026049 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.486133099 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.486212015 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.486224890 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:46.486334085 CEST	49827	443	192.168.2.8	20.12.23.50
Oct 25, 2024 01:04:46.486341953 CEST	443	49827	20.12.23.50	192.168.2.8
Oct 25, 2024 01:04:48.381947994 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:04:48.381961107 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:04:58.465639114 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:58.465670109 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:58.465739012 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:58.466537952 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:58.466548920 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:59.322299957 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:59.322691917 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:59.322720051 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:59.323048115 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:59.323503017 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:04:59.323565960 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:04:59.370212078 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:05:03.687616110 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:03.687665939 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:03.687746048 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:03.688256979 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:03.688271046 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.338800907 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:05:04.338911057 CEST	443	49756	172.217.16.194	192.168.2.8
Oct 25, 2024 01:05:04.338996887 CEST	49756	443	192.168.2.8	172.217.16.194
Oct 25, 2024 01:05:04.436657906 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.436729908 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.438668013 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.438677073 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.438920975 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.448100090 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.491337061 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.694087029 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.694104910 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.694143057 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.694255114 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.694268942 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.694291115 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.694319010 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.813220978 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.813242912 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.813363075 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.813380003 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.813430071 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.932214022 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.932234049 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.932418108 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:04.932432890 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:04.932528019 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.051377058 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.051400900 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.052825928 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.052839041 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.053121090 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.170157909 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.170178890 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.170275927 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.170298100 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.170551062 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.288775921 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.288796902 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.289048910 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.289062977 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.289242983 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.407520056 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.407552958 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.407608032 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.407623053 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.407681942 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.527118921 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.527146101 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.527206898 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.527218103 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.527277946 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.645113945 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.645134926 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.645431995 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.645448923 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.645519972 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.686651945 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.686675072 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.686928988 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.686940908 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.686989069 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.765069962 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.765089989 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.765156031 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.765173912 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.765221119 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.883369923 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.883394957 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.883496046 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:05.883511066 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:05.883618116 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.001750946 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.001771927 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.001853943 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.001868010 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.001935005 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.002263069 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.002337933 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.002346992 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.002389908 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.002518892 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.002533913 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.002543926 CEST	49830	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.002549887 CEST	443	49830	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.069304943 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.069339037 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.069691896 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.071286917 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.071321011 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.071419954 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.072129965 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.072143078 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.073244095 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.073261976 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.076033115 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.076061964 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.076219082 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.076373100 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.076385975 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.076667070 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.076684952 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.076802015 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.077265978 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.077271938 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.077299118 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.077308893 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.077389002 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.077495098 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.077500105 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.797576904 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.798218012 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.798234940 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.798955917 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.798960924 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.802840948 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.803323030 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.803350925 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.804629087 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.804635048 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.807161093 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.807585001 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.807595968 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.808049917 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.808054924 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.810040951 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.810755014 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.810775042 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.811482906 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.811490059 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.812362909 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.812772036 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.812783003 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.813343048 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.813347101 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.925112009 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.925664902 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.925723076 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.925795078 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.925802946 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.925820112 CEST	49834	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.925826073 CEST	443	49834	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.931961060 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.931993961 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.932059050 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.932244062 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.932255030 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.933928013 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.933955908 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.934001923 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.934015989 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.934062004 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.934101105 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.934271097 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.934278011 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.934288025 CEST	49835	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.934292078 CEST	443	49835	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.936738014 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.936774015 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.936830044 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.936979055 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.936988115 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.937448025 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.937465906 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.937514067 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.937520027 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.937572956 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.937649965 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.937654018 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.937666893 CEST	49833	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.937669992 CEST	443	49833	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.940021992 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.940045118 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.940102100 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.940218925 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.940229893 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.942744970 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.942764044 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.942895889 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.942904949 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.942955971 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943032980 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943037033 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.943057060 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943214893 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.943249941 CEST	443	49831	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.943289042 CEST	49831	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943501949 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.943890095 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.943947077 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943986893 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.943998098 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.944015026 CEST	49832	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.944020987 CEST	443	49832	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.949922085 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.949958086 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.950026035 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.950309038 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.950335979 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.950412035 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.950469971 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.950480938 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:06.950536966 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:06.950545073 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.663058996 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.664194107 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.664242983 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.664849043 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.664877892 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.676939964 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.677397966 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.677417994 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.677828074 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.677833080 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.687191963 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.687707901 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.687757969 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.688025951 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.688039064 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.724138021 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.724519968 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.724548101 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.724884033 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.724890947 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.797867060 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.798019886 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.798197985 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.798197985 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.798240900 CEST	49836	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.798261881 CEST	443	49836	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.801129103 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.801167965 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.801235914 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.801397085 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.801405907 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.808408022 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.808605909 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.808852911 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.809084892 CEST	49837	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.809099913 CEST	443	49837	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.812514067 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.812541008 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.812603951 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.812721014 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.812728882 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.819426060 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.819519043 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.819698095 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.819752932 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.819752932 CEST	49838	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.819773912 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.819788933 CEST	443	49838	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.822762012 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.822794914 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.822994947 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.823101997 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.823118925 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.827164888 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.827624083 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.827646017 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.828113079 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.828116894 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.863699913 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.863776922 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.863868952 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.865550041 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.865550041 CEST	49839	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.865567923 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.865577936 CEST	443	49839	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.869586945 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.869621992 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.869786024 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.869956970 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.869966030 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.957106113 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.957279921 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.957402945 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.957637072 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.957660913 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.957679033 CEST	49840	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.957685947 CEST	443	49840	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.961062908 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.961111069 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:07.961244106 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.961539984 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:07.961549997 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.543323040 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.543495893 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.543806076 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.543823957 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.544270992 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.544275999 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.544644117 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.544672012 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.545398951 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.545406103 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.551187992 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.551738024 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.551763058 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.552376986 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.552387953 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.605834007 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.606434107 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.606456995 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.606903076 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.606909990 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.675589085 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.675983906 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676053047 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676095963 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676095963 CEST	49842	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676115990 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676126957 CEST	443	49842	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676321983 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676538944 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676589012 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676615953 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676625967 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.676639080 CEST	49843	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.676644087 CEST	443	49843	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.679512024 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679550886 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.679582119 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679613113 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.679622889 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679658890 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679747105 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679757118 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.679830074 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.679841042 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.680852890 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.681713104 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.681799889 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.681835890 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.681847095 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.681876898 CEST	49844	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.681884050 CEST	443	49844	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.683778048 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.683819056 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.683887959 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.684017897 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.684031010 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.709433079 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.709835052 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.709851980 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.710294962 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.710299969 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.736265898 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.736335039 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.736380100 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.736501932 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.736512899 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.736525059 CEST	49845	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.736531019 CEST	443	49845	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.739043951 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.739058971 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.739124060 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.739295006 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.739306927 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.841840982 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.841914892 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.841974974 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.842133045 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.842147112 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.842174053 CEST	49846	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.842180014 CEST	443	49846	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.845082045 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.845149040 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:08.845213890 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.845570087 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:08.845587015 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.150449991 CEST	49825	443	192.168.2.8	142.250.184.225
Oct 25, 2024 01:05:09.150461912 CEST	443	49825	142.250.184.225	192.168.2.8
Oct 25, 2024 01:05:09.332679987 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:05:09.332753897 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:05:09.332890034 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:05:09.408449888 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.409571886 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.409595013 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.410818100 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.410824060 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.412319899 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.412991047 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.413014889 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.417268038 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.417274952 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.417500019 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.418179989 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.418195009 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.419292927 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.419300079 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.481614113 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.482790947 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.482810974 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.483757019 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.483762026 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.537930012 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.541887999 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.541945934 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.542201996 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.542215109 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.542224884 CEST	49847	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.542231083 CEST	443	49847	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.547349930 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.547382116 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.547458887 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.547631979 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.547642946 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.556335926 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.556385994 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.556457996 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.556924105 CEST	49848	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.556938887 CEST	443	49848	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.557702065 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.561503887 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.561558962 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.562393904 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.562422991 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.562439919 CEST	49849	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.562453985 CEST	443	49849	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.562484980 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.564366102 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.564374924 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.567229986 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.567245007 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.567322016 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.567703009 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.567713022 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.634109020 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.638597012 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.638609886 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.639579058 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.639585018 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.641617060 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.641685963 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.641796112 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.642371893 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.642385960 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.642431021 CEST	49850	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.642436981 CEST	443	49850	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.647577047 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.647599936 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.647722960 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.647841930 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.647850990 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.801134109 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.801217079 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.801275969 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.833962917 CEST	49851	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.833992004 CEST	443	49851	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.845377922 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.845417023 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:09.845483065 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.846016884 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:09.846024990 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.284789085 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.285696983 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.285732985 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.287688971 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.287700891 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.305234909 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.305999041 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.306015015 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.306400061 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.306406021 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.341247082 CEST	49829	443	192.168.2.8	142.250.74.196
Oct 25, 2024 01:05:10.341269970 CEST	443	49829	142.250.74.196	192.168.2.8
Oct 25, 2024 01:05:10.343204021 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.345535040 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.345562935 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.346847057 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.346859932 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.408540964 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.409334898 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.409353971 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.410516024 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.410522938 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.413477898 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.413700104 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.413748026 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.414040089 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.414053917 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.414084911 CEST	49853	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.414089918 CEST	443	49853	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.419671059 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.419694901 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.419807911 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.420048952 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.420059919 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.440412998 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.440610886 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.440735102 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.443772078 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.443772078 CEST	49854	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.443800926 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.443809986 CEST	443	49854	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.456054926 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.456105947 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.456322908 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.456866026 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.456875086 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.479262114 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.479537964 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.479619026 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.486166954 CEST	49855	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.486190081 CEST	443	49855	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.494375944 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.494421005 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.494671106 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.495922089 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.495943069 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.543661118 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.543849945 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.543912888 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.545712948 CEST	49856	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.545731068 CEST	443	49856	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.559298038 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.559398890 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.559487104 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.560516119 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.560544968 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.573004961 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.573935032 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.573957920 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.574714899 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.574731112 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.702754974 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.702991009 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.703068018 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.703222036 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.703237057 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.703363895 CEST	49857	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.703372955 CEST	443	49857	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.708035946 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.708091974 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:10.708323002 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.708575964 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:10.708595991 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.164663076 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.165855885 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.165872097 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.170458078 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.170464039 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.197701931 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.198546886 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.198565960 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.199600935 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.199608088 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.284657001 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.286086082 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.286104918 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.286887884 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.286892891 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.295465946 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.296103954 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.296164989 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.297266006 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.297295094 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.298749924 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.299089909 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.299205065 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.299802065 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.299827099 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.299858093 CEST	49858	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.299865961 CEST	443	49858	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.307693958 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.307750940 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.307965040 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.308367014 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.308389902 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.326626062 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.326745987 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.326958895 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.327250957 CEST	49859	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.327269077 CEST	443	49859	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.334757090 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.334786892 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.335190058 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.335721970 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.335733891 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.425283909 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.425539970 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.425616026 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.425916910 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.425935984 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.425966978 CEST	49861	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.425972939 CEST	443	49861	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.430156946 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.430221081 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.430375099 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.430562019 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.430583000 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.450489044 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.450803041 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.450872898 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.450912952 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.450934887 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.450947046 CEST	49860	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.450953007 CEST	443	49860	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.454979897 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.455018044 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.455084085 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.455363989 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.455378056 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.458415985 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.458954096 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.458976984 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.459527016 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.459536076 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.589719057 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.589792013 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.589907885 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.590204954 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.590229988 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.590241909 CEST	49862	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.590248108 CEST	443	49862	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.594306946 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.594350100 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:11.594480991 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.594715118 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:11.594724894 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.064780951 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.066313028 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.066335917 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.070292950 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.070297956 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.073436975 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.074140072 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.074177027 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.075334072 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.075349092 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.175723076 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.179600000 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.179644108 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.180457115 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.180465937 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.195934057 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.196085930 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.196182966 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.197403908 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.200126886 CEST	49865	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.200141907 CEST	443	49865	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.208792925 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.208806992 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.209027052 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.209151030 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.209209919 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.210797071 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.210802078 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.258481026 CEST	49864	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.258517981 CEST	443	49864	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.306921959 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.307146072 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.307219028 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.319483995 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.319529057 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.319561005 CEST	49866	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.319578886 CEST	443	49866	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.337421894 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.337518930 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.337879896 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.346513987 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.374900103 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.374917030 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.374936104 CEST	49867	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.374944925 CEST	443	49867	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.377243996 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.377265930 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.378179073 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.378184080 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.431478024 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.431512117 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.432137966 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.432967901 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.432990074 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.433296919 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.447146893 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.447170019 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.447252989 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.485017061 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.485033989 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.485315084 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.485348940 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.485609055 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.485615969 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.498544931 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.498568058 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.498651028 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.498832941 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.498843908 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.510780096 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.510844946 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.510965109 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.637167931 CEST	49868	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.637183905 CEST	443	49868	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.662343979 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.662403107 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:12.662612915 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.663469076 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:12.663487911 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.205826044 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.206528902 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.206549883 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.207053900 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.207058907 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.216358900 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.216947079 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.216969967 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.217164040 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.217576981 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.217592955 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.217624903 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.217631102 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.218029976 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.218034983 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.236205101 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.236819983 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.236850023 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.237354994 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.237360954 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.347382069 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.347464085 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.347610950 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.347812891 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.347831964 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.347856998 CEST	49871	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.347862005 CEST	443	49871	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.349663973 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.349735022 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.349822044 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.349992990 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.350009918 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.350044966 CEST	49870	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.350050926 CEST	443	49870	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.351988077 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.352026939 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.352119923 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.352653027 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.352665901 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.352938890 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.352984905 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.353056908 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.353236914 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.353251934 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.355228901 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.355334044 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.355427027 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.355490923 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.355500937 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.355510950 CEST	49869	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.355515957 CEST	443	49869	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.358114958 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.358140945 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.358206034 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.358340979 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.358372927 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.376101971 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.376171112 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.376386881 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.376430035 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.376444101 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.376455069 CEST	49872	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.376461029 CEST	443	49872	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.379120111 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.379159927 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.379225016 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.379471064 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.379482985 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.406945944 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.407701969 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.407740116 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.408165932 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.408171892 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.539942026 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.540020943 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.540106058 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.544939041 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.544965029 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.544989109 CEST	49873	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.544995070 CEST	443	49873	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.550635099 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.550673962 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:13.551055908 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.551424980 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:13.551433086 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.091101885 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.091203928 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.091784000 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.091816902 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.092040062 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.092070103 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.092324972 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.092329979 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.092581987 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.092586994 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.125489950 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.126176119 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.126188993 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.126698017 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.126702070 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.129184008 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.129571915 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.129609108 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.130032063 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.130038023 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.221412897 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.221637964 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.221795082 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.221833944 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.221857071 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.221867085 CEST	49876	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.221873999 CEST	443	49876	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.223936081 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.224133015 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.224200964 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.224247932 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.224266052 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.224278927 CEST	49874	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.224283934 CEST	443	49874	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.226068974 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.226114035 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.226532936 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.227130890 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.227140903 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.227401018 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.227428913 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.227488041 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.231405973 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.231425047 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.256006002 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.256079912 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.256160021 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.256475925 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.256489992 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.256515980 CEST	49877	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.256520987 CEST	443	49877	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.260535955 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.260576010 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.260874987 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.261059046 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.261071920 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.264708042 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.264827967 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.265021086 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.265054941 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.265072107 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.265084028 CEST	49875	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.265089989 CEST	443	49875	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.271393061 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.271431923 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.271709919 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.271709919 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.271733046 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.284375906 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.285078049 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.285101891 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.285716057 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.285720110 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.415499926 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.415734053 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.415802956 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.415930033 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.415951967 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.415966034 CEST	49878	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.415971994 CEST	443	49878	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.419569969 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.419611931 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.419709921 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.419920921 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.419934034 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.958874941 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.959592104 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.959624052 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.960328102 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.960335016 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.996961117 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.997865915 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.997881889 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.998222113 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.998368979 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.998374939 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.998842001 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.998855114 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:14.999330997 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:14.999336004 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.013237000 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.013878107 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.013889074 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.014254093 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.014267921 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.088613987 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.089077950 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.089152098 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.089314938 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.089339018 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.089354992 CEST	49879	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.089363098 CEST	443	49879	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.093012094 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.093046904 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.093317986 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.093507051 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.093514919 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.130551100 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.130971909 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.131104946 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.131104946 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.131135941 CEST	49881	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.131159067 CEST	443	49881	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.132628918 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.133088112 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.133171082 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.133960962 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.133985996 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.134073973 CEST	49880	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.134087086 CEST	443	49880	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.136591911 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.136641026 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.136846066 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.136909008 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.136950970 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.137017965 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.137151957 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.137160063 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.137249947 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.137267113 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.144561052 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.144642115 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.144733906 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.144906044 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.144906044 CEST	49882	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.144917965 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.144928932 CEST	443	49882	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.148241997 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.148272038 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.148614883 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.148636103 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.148639917 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.161155939 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.161745071 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.161763906 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.162275076 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.162282944 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.292768955 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.292865992 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.292949915 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.293098927 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.293098927 CEST	49883	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.293119907 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.293128967 CEST	443	49883	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.295922995 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.295959949 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.296024084 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.296292067 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.296300888 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.829696894 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.830229044 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.830256939 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.830794096 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.830801010 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.857450008 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.857903957 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.857944965 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.858375072 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.858383894 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.889906883 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.890335083 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.890364885 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.890827894 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.890835047 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.894268990 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.894645929 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.894669056 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.895071983 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.895076990 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.960072041 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.960216045 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.960269928 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.960510969 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.960532904 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.960542917 CEST	49884	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.960551023 CEST	443	49884	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.963526011 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.963588953 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.963674068 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.963859081 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.963876963 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.985420942 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.985559940 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.985636950 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.985693932 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.985717058 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.985728979 CEST	49885	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.985735893 CEST	443	49885	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.989058971 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.989110947 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:15.989187956 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.989443064 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:15.989455938 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.022353888 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.022619963 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.022703886 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.022937059 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.022957087 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.022963047 CEST	49887	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.022969007 CEST	443	49887	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.025928974 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.025979042 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.026026011 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.026232004 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.026253939 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.030152082 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.030366898 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.030417919 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.030462980 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.030483007 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.030497074 CEST	49886	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.030504942 CEST	443	49886	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.032896042 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.032936096 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.033005953 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.033148050 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.033164024 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.037214994 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.037703991 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.037718058 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.038249016 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.038254023 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.169187069 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.169262886 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.169341087 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.169609070 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.169625044 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.169647932 CEST	49888	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.169653893 CEST	443	49888	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.173141956 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.173173904 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.173254013 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.173384905 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.173393011 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.717891932 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.718883991 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.718884945 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.718915939 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.718940973 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.730143070 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.730549097 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.730581999 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.731062889 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.731070042 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.764326096 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.765242100 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.765242100 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.765266895 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.765285015 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.770502090 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.771735907 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.771759033 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.772118092 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.772124052 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.847174883 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.847671986 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.847779989 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.847831011 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.847831011 CEST	49890	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.847846031 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.847861052 CEST	443	49890	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.850788116 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.850816011 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.851051092 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.851051092 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.851070881 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.865276098 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.865531921 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.865756035 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.865850925 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.865850925 CEST	49889	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.865865946 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.865876913 CEST	443	49889	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.868912935 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.868948936 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.869240999 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.869240999 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.869266987 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901043892 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901312113 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901422024 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901539087 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.901539087 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.901573896 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901596069 CEST	49892	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.901612997 CEST	443	49892	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.901642084 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.902595997 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.902620077 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.902636051 CEST	49891	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.902642012 CEST	443	49891	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.905338049 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905348063 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905374050 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.905401945 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.905483961 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905668974 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905683994 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905694008 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.905698061 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.905702114 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.907742023 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.908246040 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.908271074 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:16.908749104 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:16.908756018 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.039592028 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.039674997 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.039881945 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.039908886 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.039908886 CEST	49893	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.039923906 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.039937019 CEST	443	49893	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.042530060 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.042572975 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.042676926 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.043308020 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.043328047 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.591353893 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.591856956 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.591896057 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.592545986 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.592554092 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.608026028 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.608551979 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.608582973 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.609273911 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.609278917 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.662343979 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.666007042 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.666019917 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.666305065 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.666309118 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.667273045 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.670896053 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.670928955 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.672810078 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.672816038 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.721916914 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.721985102 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.723459005 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.726530075 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.726552963 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.726646900 CEST	49894	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.726659060 CEST	443	49894	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.738400936 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.738529921 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.738682985 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.738898993 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.738941908 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.739074945 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.741326094 CEST	49895	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.741347075 CEST	443	49895	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.747823954 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.747842073 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.748419046 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.748461962 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.748600006 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.748756886 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.748769045 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.792079926 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.792222977 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.792351961 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.792624950 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.792624950 CEST	49896	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.792654037 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.792665005 CEST	443	49896	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.795295954 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.795536041 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.795578957 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.795888901 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.795914888 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.795990944 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.796416998 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.796433926 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.797713041 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.797801018 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.798084021 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.798084021 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.798511028 CEST	49897	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.798527002 CEST	443	49897	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.798577070 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.798604012 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.800136089 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.800179958 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.800242901 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.800337076 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.800348997 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.925302029 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.925365925 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.925446987 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.925645113 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.925645113 CEST	49898	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.925668955 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.925683022 CEST	443	49898	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.928622007 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.928663969 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:17.928867102 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.929073095 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:17.929090977 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.476136923 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.476804972 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.476836920 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.477319002 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.477324963 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.478847027 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.479294062 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.479321003 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.479659081 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.479666948 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.534791946 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.535461903 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.535484076 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.535912991 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.535921097 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.565088987 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.565634966 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.565661907 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.566178083 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.566183090 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.607022047 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.607155085 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.607254982 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.607285976 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.607300997 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.607321024 CEST	49900	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.607326984 CEST	443	49900	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.609031916 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.609275103 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.609694958 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.609781981 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.609807968 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.609819889 CEST	49899	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.609827042 CEST	443	49899	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.610481977 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.610513926 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.610889912 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.611114979 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.611130953 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.612513065 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.612544060 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.612612009 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.612777948 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.612791061 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.665870905 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.666438103 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.666454077 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.667165995 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.667172909 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.689464092 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.689569950 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.689631939 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.689771891 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.689795971 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.689806938 CEST	49901	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.689815998 CEST	443	49901	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.692754030 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.692800045 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.692893028 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.693103075 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.693120956 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.702780008 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.703099966 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.703154087 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.703190088 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.703207970 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.703217030 CEST	49902	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.703223944 CEST	443	49902	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.705921888 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.705962896 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.706307888 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.706454039 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.706466913 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.795587063 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.795661926 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.795766115 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.795980930 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.796008110 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.796019077 CEST	49903	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.796026945 CEST	443	49903	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.798943043 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.798974037 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:18.799046040 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.799175978 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:18.799195051 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.345202923 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.345906973 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.345918894 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.347304106 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.347325087 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.354062080 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.354473114 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.354501963 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.354996920 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.355012894 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.431566954 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.432414055 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.432442904 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.432972908 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.432979107 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.446554899 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.447346926 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.447356939 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.447714090 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.447725058 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.477164030 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.477292061 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.477382898 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.477617025 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.477617025 CEST	49905	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.477643013 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.477660894 CEST	443	49905	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.480899096 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.480946064 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.481033087 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.481206894 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.481220007 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.511121988 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.511293888 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.511353970 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.511606932 CEST	49904	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.511631012 CEST	443	49904	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.514971972 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.515016079 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.515089989 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.515467882 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.515484095 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.533514023 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.534107924 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.534128904 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.534646034 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.534651995 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.563381910 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.563466072 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.563529015 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.563755035 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.563780069 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.563802004 CEST	49906	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.563807964 CEST	443	49906	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.567575932 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.567595959 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.567986012 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.568182945 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.568192959 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.575711012 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.575937033 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.576044083 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.576245070 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.576245070 CEST	49907	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.576261044 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.576275110 CEST	443	49907	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.579032898 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.579066992 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.579133987 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.579272985 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.579287052 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.667896032 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.668111086 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.668395996 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.668395996 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.668395996 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.672327995 CEST	49913	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.672369003 CEST	443	49913	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.672450066 CEST	49913	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.672656059 CEST	49913	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.672662020 CEST	443	49913	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:19.882153988 CEST	49908	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:19.882184982 CEST	443	49908	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.221033096 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.221666098 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.221693993 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.222218990 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.222223997 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.245465994 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.246650934 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.246650934 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.246666908 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.246690035 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.310679913 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.311304092 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.311335087 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.311829090 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.311835051 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.319040060 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.319559097 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.319583893 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.320193052 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.320198059 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.353940964 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.353959084 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.354011059 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.354018927 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.354063034 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.354398966 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.354420900 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.354437113 CEST	49909	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.354444027 CEST	443	49909	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.357990980 CEST	49914	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.358025074 CEST	443	49914	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.358100891 CEST	49914	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.358242035 CEST	49914	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.358254910 CEST	443	49914	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.377566099 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.377645969 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.377780914 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.378170967 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.378170967 CEST	49910	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.378187895 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.378197908 CEST	443	49910	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.381412029 CEST	49915	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.381513119 CEST	443	49915	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.381686926 CEST	49915	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.381793022 CEST	49915	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.381824017 CEST	443	49915	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.392981052 CEST	443	49913	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.393546104 CEST	49913	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.393584967 CEST	443	49913	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.394016027 CEST	49913	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.394031048 CEST	443	49913	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.443141937 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.443922043 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.444040060 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.444127083 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.444127083 CEST	49911	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.444169044 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.444196939 CEST	443	49911	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448170900 CEST	49916	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.448205948 CEST	443	49916	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448307037 CEST	49916	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.448539019 CEST	49916	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.448550940 CEST	443	49916	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448590994 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448647022 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448720932 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.448734045 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448776007 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.448849916 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.449012995 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.449028015 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.449050903 CEST	49912	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.449055910 CEST	443	49912	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.452018976 CEST	49917	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.452105999 CEST	443	49917	13.107.246.45	192.168.2.8
Oct 25, 2024 01:05:20.452191114 CEST	49917	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.452337027 CEST	49917	443	192.168.2.8	13.107.246.45
Oct 25, 2024 01:05:20.452370882 CEST	443	49917	13.107.246.45	192.168.2.8

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 25, 2024 01:03:53.904830933 CEST	53	59030	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:54.021616936 CEST	53	51287	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:55.637773037 CEST	53	58692	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:56.625843048 CEST	57305	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:56.626004934 CEST	57144	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:56.656721115 CEST	51409	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:56.656858921 CEST	53432	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:56.661777020 CEST	53	57144	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:56.719764948 CEST	53	53432	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:58.414364100 CEST	63883	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:58.414524078 CEST	53154	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:58.421782017 CEST	53	53154	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:58.421793938 CEST	53	63883	1.1.1.1	192.168.2.8
Oct 25, 2024 01:03:58.983234882 CEST	64585	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:58.983382940 CEST	51929	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:03:59.028723955 CEST	53	51929	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:01.798523903 CEST	64317	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:01.798804045 CEST	58293	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:01.802968979 CEST	53	51605	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:01.805998087 CEST	53	64317	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:01.806380987 CEST	53	58293	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:07.683919907 CEST	50444	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:07.684048891 CEST	58701	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:07.691788912 CEST	53	58701	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:07.692631006 CEST	53	50444	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:09.341166973 CEST	53	49609	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:10.022336006 CEST	53	55689	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:11.294022083 CEST	53	63568	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:12.968631983 CEST	53	56445	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:14.189944983 CEST	51293	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:14.190150023 CEST	61284	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:14.197303057 CEST	53	61284	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:14.197611094 CEST	53	51293	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:14.932934046 CEST	57610	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:14.933067083 CEST	63938	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:14.940078020 CEST	53	63938	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:14.940242052 CEST	53	57610	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:16.216537952 CEST	53707	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:16.216677904 CEST	51683	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:16.217292070 CEST	60629	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:16.217583895 CEST	50907	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:16.223897934 CEST	53	53707	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:16.224354029 CEST	53	51683	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:16.224422932 CEST	53	60629	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:16.224803925 CEST	53	50907	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:17.922862053 CEST	49259	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:17.923363924 CEST	58267	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:17.923988104 CEST	55827	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:17.924350977 CEST	58386	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:17.930021048 CEST	53	49259	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:17.930952072 CEST	53	58267	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:17.931024075 CEST	53	55827	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:17.931308031 CEST	53	58386	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:18.783395052 CEST	57588	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:18.783751011 CEST	64406	53	192.168.2.8	1.1.1.1
Oct 25, 2024 01:04:18.791344881 CEST	53	57588	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:18.793554068 CEST	53	64406	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:29.737677097 CEST	138	138	192.168.2.8	192.168.2.255
Oct 25, 2024 01:04:32.204855919 CEST	53	61649	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:53.877780914 CEST	53	65214	1.1.1.1	192.168.2.8
Oct 25, 2024 01:04:55.087639093 CEST	53	59706	1.1.1.1	192.168.2.8

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Oct 25, 2024 01:03:56.719851971 CEST	192.168.2.8	1.1.1.1	c2ca	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 25, 2024 01:03:56.625843048 CEST	192.168.2.8	1.1.1.1	0x948a	Standard query (0)	www.queleas.com	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:03:56.626004934 CEST	192.168.2.8	1.1.1.1	0xaf49	Standard query (0)	www.queleas.com	65	IN (0x0001)	false
Oct 25, 2024 01:03:56.656721115 CEST	192.168.2.8	1.1.1.1	0xf6fc	Standard query (0)	www.queleas.com	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:03:56.656858921 CEST	192.168.2.8	1.1.1.1	0x4ffd	Standard query (0)	www.queleas.com	65	IN (0x0001)	false
Oct 25, 2024 01:03:58.414364100 CEST	192.168.2.8	1.1.1.1	0x4bfe	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:03:58.414524078 CEST	192.168.2.8	1.1.1.1	0x894b	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 25, 2024 01:03:58.983234882 CEST	192.168.2.8	1.1.1.1	0xdd4f	Standard query (0)	www.queleas.com	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:03:58.983382940 CEST	192.168.2.8	1.1.1.1	0xd07d	Standard query (0)	www.queleas.com	65	IN (0x0001)	false
Oct 25, 2024 01:04:01.798523903 CEST	192.168.2.8	1.1.1.1	0x52d0	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:01.798804045 CEST	192.168.2.8	1.1.1.1	0x6acb	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Oct 25, 2024 01:04:07.683919907 CEST	192.168.2.8	1.1.1.1	0xce9a	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:07.684048891 CEST	192.168.2.8	1.1.1.1	0xbfb0	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Oct 25, 2024 01:04:14.189944983 CEST	192.168.2.8	1.1.1.1	0xa51a	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:14.190150023 CEST	192.168.2.8	1.1.1.1	0xfbe9	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Oct 25, 2024 01:04:14.932934046 CEST	192.168.2.8	1.1.1.1	0x29b6	Standard query (0)	ep1.adtrafficquality.google	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:14.933067083 CEST	192.168.2.8	1.1.1.1	0x4a58	Standard query (0)	ep1.adtrafficquality.google	65	IN (0x0001)	false
Oct 25, 2024 01:04:16.216537952 CEST	192.168.2.8	1.1.1.1	0x54fb	Standard query (0)	ep2.adtrafficquality.google	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:16.216677904 CEST	192.168.2.8	1.1.1.1	0xf188	Standard query (0)	ep2.adtrafficquality.google	65	IN (0x0001)	false
Oct 25, 2024 01:04:16.217292070 CEST	192.168.2.8	1.1.1.1	0x2bc1	Standard query (0)	ep1.adtrafficquality.google	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:16.217583895 CEST	192.168.2.8	1.1.1.1	0x1777	Standard query (0)	ep1.adtrafficquality.google	65	IN (0x0001)	false
Oct 25, 2024 01:04:17.922862053 CEST	192.168.2.8	1.1.1.1	0x4be4	Standard query (0)	ep2.adtrafficquality.google	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:17.923363924 CEST	192.168.2.8	1.1.1.1	0x9ce1	Standard query (0)	ep2.adtrafficquality.google	65	IN (0x0001)	false
Oct 25, 2024 01:04:17.923988104 CEST	192.168.2.8	1.1.1.1	0xb1c4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:17.924350977 CEST	192.168.2.8	1.1.1.1	0x4c01	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 25, 2024 01:04:18.783395052 CEST	192.168.2.8	1.1.1.1	0x3836	Standard query (0)	ep2.adtrafficquality.google	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:18.783751011 CEST	192.168.2.8	1.1.1.1	0x8784	Standard query (0)	ep2.adtrafficquality.google	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 25, 2024 01:03:56.661777020 CEST	1.1.1.1	192.168.2.8	0xaf49	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.661777020 CEST	1.1.1.1	192.168.2.8	0xaf49	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.661777020 CEST	1.1.1.1	192.168.2.8	0xaf49	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.701363087 CEST	1.1.1.1	192.168.2.8	0xf6fc	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.701363087 CEST	1.1.1.1	192.168.2.8	0xf6fc	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.701363087 CEST	1.1.1.1	192.168.2.8	0xf6fc	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.711226940 CEST	1.1.1.1	192.168.2.8	0x948a	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.711226940 CEST	1.1.1.1	192.168.2.8	0x948a	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.711226940 CEST	1.1.1.1	192.168.2.8	0x948a	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.719764948 CEST	1.1.1.1	192.168.2.8	0x4ffd	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.719764948 CEST	1.1.1.1	192.168.2.8	0x4ffd	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:56.719764948 CEST	1.1.1.1	192.168.2.8	0x4ffd	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:58.421782017 CEST	1.1.1.1	192.168.2.8	0x894b	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 25, 2024 01:03:58.421793938 CEST	1.1.1.1	192.168.2.8	0x4bfe	No error (0)	www.google.com		142.250.74.196	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:03:59.028723955 CEST	1.1.1.1	192.168.2.8	0xd07d	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:59.028723955 CEST	1.1.1.1	192.168.2.8	0xd07d	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:59.028723955 CEST	1.1.1.1	192.168.2.8	0xd07d	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:59.044328928 CEST	1.1.1.1	192.168.2.8	0xdd4f	No error (0)	www.queleas.com	queleas.azurewebsites.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:59.044328928 CEST	1.1.1.1	192.168.2.8	0xdd4f	No error (0)	queleas.azurewebsites.net	waws-prod-dm1-003.vip.azurewebsites.windows.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:03:59.044328928 CEST	1.1.1.1	192.168.2.8	0xdd4f	No error (0)	waws-prod-dm1-003.vip.azurewebsites.windows.net	waws-prod-dm1-003.centralus.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:04:01.805998087 CEST	1.1.1.1	192.168.2.8	0x52d0	No error (0)	googleads.g.doubleclick.net		172.217.16.194	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:01.806380987 CEST	1.1.1.1	192.168.2.8	0x6acb	No error (0)	googleads.g.doubleclick.net			65	IN (0x0001)	false
Oct 25, 2024 01:04:06.483371019 CEST	1.1.1.1	192.168.2.8	0x6b04	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:04:06.483371019 CEST	1.1.1.1	192.168.2.8	0x6b04	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:07.691788912 CEST	1.1.1.1	192.168.2.8	0xbfb0	No error (0)	googleads.g.doubleclick.net			65	IN (0x0001)	false
Oct 25, 2024 01:04:07.692631006 CEST	1.1.1.1	192.168.2.8	0xce9a	No error (0)	googleads.g.doubleclick.net		216.58.206.34	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:14.197303057 CEST	1.1.1.1	192.168.2.8	0xfbe9	No error (0)	googleads.g.doubleclick.net			65	IN (0x0001)	false
Oct 25, 2024 01:04:14.197611094 CEST	1.1.1.1	192.168.2.8	0xa51a	No error (0)	googleads.g.doubleclick.net		142.250.185.162	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:14.940078020 CEST	1.1.1.1	192.168.2.8	0x4a58	No error (0)	ep1.adtrafficquality.google			65	IN (0x0001)	false
Oct 25, 2024 01:04:14.940242052 CEST	1.1.1.1	192.168.2.8	0x29b6	No error (0)	ep1.adtrafficquality.google		172.217.16.130	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:16.223897934 CEST	1.1.1.1	192.168.2.8	0x54fb	No error (0)	ep2.adtrafficquality.google		142.250.185.225	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:16.224422932 CEST	1.1.1.1	192.168.2.8	0x2bc1	No error (0)	ep1.adtrafficquality.google		142.250.184.226	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:16.224803925 CEST	1.1.1.1	192.168.2.8	0x1777	No error (0)	ep1.adtrafficquality.google			65	IN (0x0001)	false
Oct 25, 2024 01:04:17.930021048 CEST	1.1.1.1	192.168.2.8	0x4be4	No error (0)	ep2.adtrafficquality.google		142.250.184.225	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:17.931024075 CEST	1.1.1.1	192.168.2.8	0xb1c4	No error (0)	www.google.com		172.217.18.4	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:17.931308031 CEST	1.1.1.1	192.168.2.8	0x4c01	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 25, 2024 01:04:18.791344881 CEST	1.1.1.1	192.168.2.8	0x3836	No error (0)	ep2.adtrafficquality.google		142.250.186.129	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:20.787252903 CEST	1.1.1.1	192.168.2.8	0x98f6	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:04:20.787252903 CEST	1.1.1.1	192.168.2.8	0x98f6	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:04:47.297225952 CEST	1.1.1.1	192.168.2.8	0xecba	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:04:47.297225952 CEST	1.1.1.1	192.168.2.8	0xecba	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 25, 2024 01:05:03.686532974 CEST	1.1.1.1	192.168.2.8	0xd0b6	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	s-part-0017.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 25, 2024 01:05:03.686532974 CEST	1.1.1.1	192.168.2.8	0xd0b6	No error (0)	s-part-0017.t-0009.t-msedge.net		13.107.246.45	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

fs.microsoft.com

slscr.update.microsoft.com

https:

googleads.g.doubleclick.net

ep1.adtrafficquality.google

ep2.adtrafficquality.google

www.google.com

otelrules.azureedge.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.8	49729	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:00 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-24 23:04:00 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF45) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=236502 Date: Thu, 24 Oct 2024 23:04:00 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.8	49746	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:01 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-24 23:04:02 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=236501 Date: Thu, 24 Oct 2024 23:04:01 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-24 23:04:02 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.8	49774	20.12.23.50	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:07 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8T5NVdSvpx9lzXd&MD=SA+xU976 HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 23:04:07 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 2bbe6541-3189-45c1-ae57-cf6222f83ca4 MS-RequestId: 32753312-29d8-49a2-8224-11c371178420 MS-CV: 8lSUv8lW+0CnSEX9.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:06 GMT Connection: close Content-Length: 24490
2024-10-24 23:04:07 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-24 23:04:07 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.8	49782	216.58.206.34	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:08 UTC	836	OUT	GET /pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html HTTP/1.1 Host: googleads.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:08 UTC	637	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Server: cafe Content-Length: 9031 X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 22:50:42 GMT Expires: Thu, 07 Nov 2024 22:50:42 GMT Cache-Control: public, max-age=1209600 ETag: 13108003645644964576 Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding Age: 806 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 23:04:08 UTC	741	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 6c 3d 74 68 69 73 7c 7c 73 65 6c 66 3b 76 61 72 20 6d 2c 6e 3b 61 3a 7b 66 6f 72 28 76 61 72 20 61 61 3d 5b 22 43 4c 4f 53 55 52 45 5f 46 4c 41 47 53 22 5d 2c 76 3d 6c 2c 7a 3d 30 3b 7a 3c 61 61 2e 6c 65 6e 67 74 68 3b 7a 2b 2b 29 69 66 28 76 3d 76 5b 61 61 5b 7a 5d 5d 2c 76 3d 3d 6e 75 6c 6c 29 7b 6e 3d 6e 75 6c 6c 3b 62 72 65 61 6b 20 61 7d 6e 3d 76 Data Ascii: <!DOCTYPE html><script>(function(){'use strict';/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var l=this\|\|self;var m,n;a:{for(var aa=["CLOSURE_FLAGS"],v=l,z=0;z<aa.length;z++)if(v=v[aa[z]],v==null){n=null;break a}n=v
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 7d 3b 66 75 6e 63 74 69 6f 6e 20 47 28 61 29 7b 47 5b 22 20 22 5d 28 61 29 3b 72 65 74 75 72 6e 20 61 7d 47 5b 22 20 22 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 76 61 72 20 66 61 3d 63 61 28 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2e 69 6e 64 65 78 4f 66 28 22 77 65 62 6b 69 74 22 29 21 3d 2d 31 26 26 21 43 28 22 45 64 67 65 22 29 3b 21 43 28 22 41 6e 64 72 6f 69 64 22 29 7c 7c 46 28 29 3b 46 28 29 3b 43 28 22 53 61 66 61 72 69 22 29 26 26 28 46 28 29 7c 7c 28 45 28 29 3f 30 3a 43 28 22 43 6f 61 73 74 22 29 29 7c 7c 28 45 28 29 3f 30 3a 43 28 22 4f 70 65 72 61 22 29 29 7c 7c 28 45 28 29 3f 30 3a 43 28 22 45 64 67 65 22 29 29 7c 7c 28 45 28 29 3f 42 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 43 28 22 45 64 67 2f 22 29 29 7c 7c 45 28 Data Ascii: };function G(a){G[" "](a);return a}G[" "]=function(){};var fa=ca().toLowerCase().indexOf("webkit")!=-1&&!C("Edge");!C("Android")\|\|F();F();C("Safari")&&(F()\|\|(E()?0:C("Coast"))\|\|(E()?0:C("Opera"))\|\|(E()?0:C("Edge"))\|\|(E()?B("Microsoft Edge"):C("Edg/"))\|\|E(
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 75 65 73 74 73 7c 7c 28 6c 2e 67 6f 6f 67 6c 65 5f 69 6d 61 67 65 5f 72 65 71 75 65 73 74 73 3d 5b 5d 29 3b 63 6f 6e 73 74 20 62 3d 70 61 28 6c 2e 64 6f 63 75 6d 65 6e 74 29 3b 62 2e 73 72 63 3d 61 3b 6c 2e 67 6f 6f 67 6c 65 5f 69 6d 61 67 65 5f 72 65 71 75 65 73 74 73 2e 70 75 73 68 28 62 29 7d 3b 6c 65 74 20 4a 3d 6e 75 6c 6c 3b 76 61 72 20 72 61 3d 28 29 3d 3e 7b 69 66 28 21 4a 29 62 3a 7b 76 61 72 20 61 3d 6e 61 28 29 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 62 2b 2b 29 74 72 79 7b 63 6f 6e 73 74 20 63 3d 61 5b 62 5d 2e 66 72 61 6d 65 73 2e 67 6f 6f 67 6c 65 5f 65 73 66 3b 69 66 28 63 26 26 49 28 63 29 29 7b 4a 3d 63 3b 62 72 65 61 6b 20 62 7d 7d 63 61 74 63 68 28 63 29 7b 7d 4a 3d 6e 75 6c 6c 7d 28 61 3d 4a 29 3f 28 28 Data Ascii: uests\|\|(l.google_image_requests=[]);const b=pa(l.document);b.src=a;l.google_image_requests.push(b)};let J=null;var ra=()=>{if(!J)b:{var a=na();for(var b=0;b<a.length;b++)try{const c=a[b].frames.google_esf;if(c&&I(c)){J=c;break b}}catch(c){}J=null}(a=J)?((
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 74 61 73 6b 49 64 3d 74 68 69 73 2e 73 6c 6f 74 49 64 3d 76 6f 69 64 20 30 3b 74 68 69 73 2e 75 6e 69 71 75 65 49 64 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 7d 7d 3b 63 6f 6e 73 74 20 4f 3d 6c 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2c 46 61 3d 21 21 28 4f 26 26 4f 2e 6d 61 72 6b 26 26 4f 2e 6d 65 61 73 75 72 65 26 26 4f 2e 63 6c 65 61 72 4d 61 72 6b 73 29 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 6c 65 74 20 62 3d 21 31 2c 63 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 62 7c 7c 28 63 3d 61 28 29 2c 62 3d 21 30 29 3b 72 65 74 75 72 6e 20 63 7d 7d 28 28 29 3d 3e 7b 76 61 72 20 61 3b 69 66 28 61 3d 46 61 29 7b 76 61 72 20 62 3b 69 66 28 4d 3d 3d 3d 6e 75 6c 6c 29 7b 4d 3d 22 22 3b 74 72 79 7b 61 3d 22 22 3b 74 72 79 7b 61 3d 6c 2e 74 6f 70 2e Data Ascii: taskId=this.slotId=void 0;this.uniqueId=Math.random()}};const O=l.performance,Fa=!!(O&&O.mark&&O.measure&&O.clearMarks),P=function(a){let b=!1,c;return function(){b\|\|(c=a(),b=!0);return c}}(()=>{var a;if(a=Fa){var b;if(M===null){M="";try{a="";try{a=l.top.
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 5d 3b 66 6f 72 28 6c 65 74 20 68 3d 30 3b 68 3c 61 2e 6c 65 6e 67 74 68 3b 68 2b 2b 29 65 2e 70 75 73 68 28 4a 61 28 61 5b 68 5d 2c 62 2c 63 2c 64 2b 31 2c 66 29 29 3b 72 65 74 75 72 6e 20 65 2e 6a 6f 69 6e 28 63 5b 64 5d 29 7d 7d 65 6c 73 65 20 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6f 62 6a 65 63 74 22 29 72 65 74 75 72 6e 20 66 7c 7c 28 66 3d 30 29 2c 66 3c 32 3f 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 49 61 28 61 2c 62 2c 63 2c 64 2c 66 2b 31 29 29 3a 22 2e 2e 2e 22 3b 72 65 74 75 72 6e 20 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 53 74 72 69 6e 67 28 61 29 29 7d 66 75 6e 63 74 69 6f 6e 20 4b 61 28 61 29 7b 6c 65 74 20 62 3d 31 3b 66 6f 72 28 63 6f 6e 73 74 20 63 20 69 6e 20 61 2e 68 29 63 2e 6c 65 6e 67 74 68 3e Data Ascii: ];for(let h=0;h<a.length;h++)e.push(Ja(a[h],b,c,d+1,f));return e.join(c[d])}}else if(typeof a==="object")return f\|\|(f=0),f<2?encodeURIComponent(Ia(a,b,c,d,f+1)):"...";return encodeURIComponent(String(a))}function Ka(a){let b=1;for(const c in a.h)c.length>
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 74 68 2d 31 3b 77 3c 3d 76 61 3b 2b 2b 77 29 6b 5b 77 5d 2e 64 65 70 74 68 3d 76 61 2d 77 3b 67 3d 6c 3b 69 66 28 67 2e 6c 6f 63 61 74 69 6f 6e 26 26 67 2e 6c 6f 63 61 74 69 6f 6e 2e 61 6e 63 65 73 74 6f 72 4f 72 69 67 69 6e 73 26 26 67 2e 6c 6f 63 61 74 69 6f 6e 2e 61 6e 63 65 73 74 6f 72 4f 72 69 67 69 6e 73 2e 6c 65 6e 67 74 68 3d 3d 6b 2e 6c 65 6e 67 74 68 2d 31 29 66 6f 72 28 71 3d 31 3b 71 3c 6b 2e 6c 65 6e 67 74 68 3b 2b 2b 71 29 7b 76 61 72 20 78 3d 6b 5b 71 5d 3b 78 2e 75 72 6c 7c 7c 28 78 2e 75 72 6c 3d 67 2e 6c 6f 63 61 74 69 6f 6e 2e 61 6e 63 65 73 74 6f 72 4f 72 69 67 69 6e 73 5b 71 2d 31 5d 7c 7c 22 22 2c 78 2e 6c 3d 21 30 29 7d 76 61 72 20 74 3d 6b 3b 6c 65 74 20 4e 3d 6e 65 77 20 42 61 28 6c 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2c 21 Data Ascii: th-1;w<=va;++w)k[w].depth=va-w;g=l;if(g.location&&g.location.ancestorOrigins&&g.location.ancestorOrigins.length==k.length-1)for(q=1;q<k.length;++q){var x=k[q];x.url\|\|(x.url=g.location.ancestorOrigins[q-1]\|\|"",x.l=!0)}var t=k;let N=new Ba(l.location.href,!
2024-10-24 23:04:08 UTC	1378	IN	Data Raw: 6c 65 5f 73 72 74 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 3b 4f 61 28 29 3b 54 3d 6e 65 77 20 4e 61 28 55 29 3b 54 2e 67 3d 28 29 3d 3e 7b 7d 3b 54 2e 69 3d 21 30 3b 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3d 3d 22 63 6f 6d 70 6c 65 74 65 22 3f 51 61 28 29 3a 55 2e 67 26 26 68 61 28 28 29 3d 3e 7b 51 61 28 29 7d 29 7d 29 28 29 3b 76 61 72 20 52 61 3d 61 3d 3e 7b 54 2e 67 3d 62 3d 3e 7b 65 61 28 61 2c 63 3d 3e 7b 63 28 62 29 7d 29 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 53 61 28 61 29 7b 61 3d 61 3d 3d 3d 6e 75 6c 6c 3f 22 6e 75 6c 6c 22 3a 61 3d 3d 3d 76 6f 69 64 20 30 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 61 3b 48 3d 3d 3d 76 6f 69 64 20 30 26 26 28 48 3d 6a 61 28 29 29 3b 76 61 72 20 62 3d 48 3b 72 65 74 75 72 6e Data Ascii: le_srt=Math.random());Oa();T=new Na(U);T.g=()=>{};T.i=!0;window.document.readyState=="complete"?Qa():U.g&&ha(()=>{Qa()})})();var Ra=a=>{T.g=b=>{ea(a,c=>{c(b)})}};function Sa(a){a=a===null?"null":a===void 0?"undefined":a;H===void 0&&(H=ja());var b=H;return
2024-10-24 23:04:08 UTC	22	IN	Data Raw: 63 61 6c 6c 28 74 68 69 73 29 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: call(this);</script>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.8	49784	216.58.206.34	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:08 UTC	1913	OUT	GET /pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C% [TRUNCATED] Host: googleads.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:09 UTC	759	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:09 GMT Server: cafe Cache-Control: private X-XSS-Protection: 0 Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 24-Oct-2024 23:19:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Expires: Thu, 24 Oct 2024 23:04:09 GMT Connection: close Transfer-Encoding: chunked
2024-10-24 23:04:09 UTC	619	IN	Data Raw: 38 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 73 63 72 69 70 74 3e 76 61 72 20 6a 73 63 56 65 72 73 69 6f 6e 20 3d 20 27 72 32 30 32 34 31 30 32 33 27 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 76 61 72 20 67 6f 6f 67 6c 65 5f 63 61 73 6d 3d 5b 5d 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 74 79 6c 65 3e 48 54 4d 4c 2c 42 4f 44 59 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7d 23 6d 79 73 2d 77 72 61 70 70 65 72 7b 68 65 69 67 68 74 3a 20 31 30 30 25 3b 77 69 64 74 68 3a 31 30 Data Ascii: 8000<!DOCTYPE html><html lang=en><head><meta charset="UTF-8"><script>var jscVersion = 'r20241023';</script><script>var google_casm=[];</script><style>HTML,BODY{height:100%;width:100%;margin:0;padding:0;overflow:hidden;}#mys-wrapper{height: 100%;width:10
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 74 69 76 65 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 69 6e 68 65 72 69 74 3b 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 66 6c 69 70 2d 6f 6e 2d 72 74 6c 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2d 31 2c 31 29 3b 74 72 61 6e 73 66 6f 72 6d 2d 6f 72 69 67 69 6e 3a 63 65 6e 74 65 72 3b 7d 23 6d 79 73 2d 63 6f 6e 74 65 6e 74 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 7a 2d 69 6e 64 65 78 3a 30 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 73 74 79 6c 65 20 64 61 74 61 2d 6e 6c 3d 22 62 61 6e 6e 65 72 42 22 20 64 61 74 61 2d 6e 73 3d 22 6e 73 2d 39 6e 6a 6d 37 22 20 78 2d Data Ascii: tive{color:inherit;cursor:pointer;text-decoration:inherit;}[dir=rtl] .flip-on-rtl{transform:scale(-1,1);transform-origin:center;}#mys-content{flex-shrink:0;position:relative;overflow:hidden;z-index:0;}</style><style data-nl="bannerB" data-ns="ns-9njm7" x-
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 7d 2e 6e 73 2d 39 6e 6a 6d 37 2d 65 2d 39 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 3b 2d 6d 79 73 2d 6f 76 65 72 66 6c 6f 77 2d 6c 69 6d 69 74 3a 30 3b 7d 2e 6e 73 2d 39 6e 6a 6d 37 2d 65 2d 31 31 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 3b 2d 6d 79 73 2d 6f 76 65 72 66 6c 6f 77 2d 6c 69 6d 69 74 3a 30 3b 6d 61 72 67 69 6e 3a 31 31 2e 32 70 78 20 30 20 30 20 30 3b 7d 2e 6e 73 2d 39 6e 6a 6d 37 2d 65 2d 31 33 7b 62 6f 78 2d Data Ascii: }.ns-9njm7-e-9{box-sizing:border-box;flex-shrink:0;line-height:1.4em;font-weight:300;-mys-overflow-limit:0;}.ns-9njm7-e-11{box-sizing:border-box;flex-shrink:0;line-height:1.4em;font-weight:300;-mys-overflow-limit:0;margin:11.2px 0 0 0;}.ns-9njm7-e-13{box-
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 25 29 3b 66 69 6c 74 65 72 3a 6f 70 61 63 69 74 79 28 31 30 30 25 29 3b 7d 7d 20 40 6b 65 79 66 72 61 6d 65 73 20 62 6f 75 6e 63 65 7b 66 72 6f 6d 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 31 30 30 25 29 3b 66 69 6c 74 65 72 3a 6f 70 61 63 69 74 79 28 30 25 29 3b 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 25 29 3b 66 69 6c 74 65 72 3a 6f 70 61 63 69 74 79 28 31 30 30 25 29 3b 7d 7d 20 40 6b 65 79 66 72 61 6d 65 73 20 73 6c 69 64 65 2d 69 6e 7b 66 72 6f 6d 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 30 30 25 29 3b 66 69 6c 74 65 72 3a 6f 70 61 63 69 74 79 28 30 25 29 3b 7d 74 6f 7b 74 72 61 6e 73 66 6f Data Ascii: transform:translateY(0%);filter:opacity(100%);}} @keyframes bounce{from{transform:translateY(-100%);filter:opacity(0%);}to{transform:translateY(0%);filter:opacity(100%);}} @keyframes slide-in{from{transform:translateX(-100%);filter:opacity(0%);}to{transfo
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 64 6f 77 3a 30 20 32 70 78 20 32 70 78 20 30 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 35 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 37 34 70 78 3b 7d 2e 6e 73 2d 39 6e 6a 6d 37 2d 65 2d 31 36 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 6f 76 65 72 66 6c 6f 77 3a 76 69 73 69 62 6c 65 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 52 6f 62 6f 74 6f 22 2c 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 6c 69 6e 6b 20 61 73 3d 22 73 74 79 6c 65 22 20 64 61 74 61 2d 72 65 6c 6f 61 64 2d 73 74 79 6c 65 73 68 65 65 74 3d 22 74 72 75 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 25 33 41 33 30 Data Ascii: dow:0 2px 2px 0 rgba(0,0,0,.25);border-radius:1074px;}.ns-9njm7-e-16{color:#fff;overflow:visible;font-family:"Roboto",Roboto,Arial,sans-serif;}</style><link as="style" data-reload-stylesheet="true" href="https://fonts.googleapis.com/css?family=Roboto%3A30
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 30 2c 61 2e 6c 65 6e 67 74 68 2b 31 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 61 2b 22 3a 22 29 7d 63 6f 6e 73 74 20 43 3d 6e 65 77 20 41 28 61 3d 3e 2f 5e 5b 5e 3a 5d 2a 28 5b 2f 3f 23 5d 7c 24 29 2f 2e 74 65 73 74 28 61 29 29 3b 76 61 72 20 44 3d 42 28 22 68 74 74 70 22 29 2c 45 3d 42 28 22 68 74 74 70 73 22 29 2c 46 3d 42 28 22 66 74 70 22 29 2c 47 3d 42 28 22 6d 61 69 6c 74 6f 22 29 3b 63 6f 6e 73 74 20 48 3d 5b 42 28 22 64 61 74 61 22 29 2c 44 2c 45 2c 47 2c 46 2c 43 5d 3b 66 75 6e 63 74 69 6f 6e 20 49 28 61 2c 62 3d 48 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 79 29 72 65 74 75 72 6e 20 61 3b 66 6f 72 28 6c 65 74 20 63 3d 30 3b 63 3c 62 2e 6c 65 6e 67 74 68 3b 2b 2b 63 29 7b 63 6f 6e 73 74 20 64 3d 62 5b 63 5d 3b 69 66 28 64 Data Ascii: 0,a.length+1).toLowerCase()===a+":")}const C=new A(a=>/^[^:]*([/?#]\|$)/.test(a));var D=B("http"),E=B("https"),F=B("ftp"),G=B("mailto");const H=[B("data"),D,E,G,F,C];function I(a,b=H){if(a instanceof y)return a;for(let c=0;c<b.length;++c){const d=b[c];if(d
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 7d 61 26 26 28 4f 3d 28 62 3d 61 2e 6d 61 74 63 68 28 2f 5c 62 64 65 69 64 3d 28 5b 5c 64 2c 5d 2b 29 2f 29 29 3f 62 5b 31 5d 3a 22 22 29 7d 63 61 74 63 68 28 63 29 7b 7d 7d 62 3d 4f 3b 61 3d 21 21 62 2e 69 6e 64 65 78 4f 66 26 26 62 2e 69 6e 64 65 78 4f 66 28 22 31 33 33 37 22 29 3e 3d 30 7d 72 65 74 75 72 6e 20 61 7d 29 3b 66 75 6e 63 74 69 6f 6e 20 56 28 61 29 7b 61 26 26 53 26 26 55 28 29 26 26 28 53 2e 63 6c 65 61 72 4d 61 72 6b 73 28 60 67 6f 6f 67 5f 24 7b 61 2e 6c 61 62 65 6c 7d 5f 24 7b 61 2e 75 6e 69 71 75 65 49 64 7d 5f 73 74 61 72 74 60 29 2c 53 2e 63 6c 65 61 72 4d 61 72 6b 73 28 60 67 6f 6f 67 5f 24 7b 61 2e 6c 61 62 65 6c 7d 5f 24 7b 61 2e 75 6e 69 71 75 65 49 64 7d 5f 65 6e 64 60 29 29 7d 20 63 6c 61 Data Ascii: location.hash}a&&(O=(b=a.match(/\bdeid=([\d,]+)/))?b[1]:"")}catch(c){}}b=O;a=!!b.indexOf&&b.indexOf("1337")>=0}return a});function V(a){a&&S&&U()&&(S.clearMarks(`goog_${a.label}_${a.uniqueId}_start`),S.clearMarks(`goog_${a.label}_${a.uniqueId}_end`))} cla
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 72 65 5f 6a 73 5f 74 69 6d 69 6e 67 7c 7c 28 58 2e 69 3d 21 31 2c 58 2e 67 21 3d 58 2e 6c 2e 67 6f 6f 67 6c 65 5f 6a 73 5f 72 65 70 6f 72 74 69 6e 67 5f 71 75 65 75 65 26 26 28 55 28 29 26 26 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 2e 63 61 6c 6c 28 58 2e 67 2c 56 2c 76 6f 69 64 20 30 29 2c 58 2e 67 2e 6c 65 6e 67 74 68 3d 30 29 29 7d 3b 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 5f 73 72 74 21 3d 3d 22 6e 75 6d 62 65 72 22 26 26 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 5f 73 72 74 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 3b 69 66 28 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3d 3d 22 63 6f 6d 70 6c 65 74 65 22 29 59 28 29 3b 65 6c 73 65 20 69 66 28 58 2e 69 29 7b 76 61 Data Ascii: re_js_timing\|\|(X.i=!1,X.g!=X.l.google_js_reporting_queue&&(U()&&Array.prototype.forEach.call(X.g,V,void 0),X.g.length=0))};typeof window.google_srt!=="number"&&(window.google_srt=Math.random());if(window.document.readyState=="complete")Y();else if(X.i){va
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 20 61 3f 61 3a 53 79 6d 62 6f 6c 28 22 53 79 6d 62 6f 6c 2e 64 69 73 70 6f 73 65 22 29 7d 29 3b 2f 2a 20 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 2a 2f 20 76 61 72 20 6d 3d 74 68 69 73 7c 7c 73 65 6c 66 3b 66 75 6e 63 74 69 6f 6e 20 65 61 28 61 2c 62 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 7d 63 2e 70 72 6f 74 6f 74 79 70 65 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 49 3d 62 2e 70 72 6f 74 6f 74 79 70 65 3b 61 2e 70 72 6f 74 6f 74 79 70 65 3d 6e 65 77 20 63 3b 61 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 61 3b 61 2e 61 61 3d 66 75 6e 63 Data Ascii: a?a:Symbol("Symbol.dispose")});/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var m=this\|\|self;function ea(a,b){function c(){}c.prototype=b.prototype;a.I=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.aa=func
2024-10-24 23:04:09 UTC	1378	IN	Data Raw: 63 3b 74 68 69 73 2e 63 61 70 74 75 72 65 3d 21 21 64 3b 74 68 69 73 2e 73 3d 66 3b 74 68 69 73 2e 6b 65 79 3d 2b 2b 6f 61 3b 74 68 69 73 2e 6d 3d 74 68 69 73 2e 6f 3d 21 31 7d 66 75 6e 63 74 69 6f 6e 20 7a 28 61 29 7b 61 2e 6d 3d 21 30 3b 61 2e 6c 69 73 74 65 6e 65 72 3d 6e 75 6c 6c 3b 61 2e 70 72 6f 78 79 3d 6e 75 6c 6c 3b 61 2e 73 72 63 3d 6e 75 6c 6c 3b 61 2e 73 3d 6e 75 6c 6c 7d 3b 66 75 6e 63 74 69 6f 6e 20 71 61 28 61 29 7b 6c 65 74 20 62 3d 30 3b 66 6f 72 28 63 6f 6e 73 74 20 63 20 69 6e 20 61 29 62 2b 2b 7d 63 6f 6e 73 74 20 72 61 3d 22 63 6f 6e 73 74 72 75 63 74 6f 72 20 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 20 69 73 50 72 6f 74 6f 74 79 70 65 4f 66 20 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 20 74 6f 4c 6f 63 61 6c 65 53 Data Ascii: c;this.capture=!!d;this.s=f;this.key=++oa;this.m=this.o=!1}function z(a){a.m=!0;a.listener=null;a.proxy=null;a.src=null;a.s=null};function qa(a){let b=0;for(const c in a)b++}const ra="constructor hasOwnProperty isPrototypeOf propertyIsEnumerable toLocaleS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.8	49783	216.58.206.34	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:08 UTC	2255	OUT	GET /pagead/ads?client=ca-pub-4838201668166700&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729811047&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.queleas.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811043036&bpp=10&bdt=5571&idt=4260&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=1074x280&nras=1&correlator=8300578125854&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=12 [TRUNCATED] Host: googleads.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:08 UTC	696	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:08 GMT Server: cafe Content-Length: 0 X-XSS-Protection: 0 Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 24-Oct-2024 23:19:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Expires: Thu, 24 Oct 2024 23:04:08 GMT Cache-Control: private Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.8	49790	216.58.206.34	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:10 UTC	3149	OUT	GET /pagead/adview?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaC [TRUNCATED] Host: googleads.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Attribution-Reporting-Eligible: event-source, trigger=navigation-source Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0% [TRUNCATED] Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: test_cookie=CheckForPermission
2024-10-24 23:04:11 UTC	1533	IN	HTTP/1.1 302 Found P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy: script-src 'none'; object-src 'none' Location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9338d61f8f747c260000000000000000","2":"0x774109ff97d52a390000000000000000","3":"0x440f537ead6f247d0000000000000000","4":"0xf50c055c32ee1ceb0000000000000000","5":"0x11f917ef44bd29620000000000000000"},"debug_key":"953228819579463492","debug_reporting":true,"destination":"https://flinthill.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["327033404"],"22":["true"],"4":["10-24"],"6":["true"]},"priority":"500","source_event_id":"15666334058194808161"}&andc=true Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:11 GMT Server: cafe Content-Length: 0 X-XSS-Protection: 0 Set-Cookie: IDE=AHWqTUlaQwApMSXxyNMUPi7Fhdfm-qFZR7wqkk-070wyLXCeDWgODOLlrjA5wtZlnf4; expires=Sat, 24-Oct-2026 23:04:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Set-Cookie: test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.8	49809	216.58.206.34	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:13 UTC	3185	OUT	GET /btr/view?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaCAASFH [TRUNCATED] Host: googleads.g.doubleclick.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Attribution-Reporting-Eligible: event-source;navigation-source, trigger Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4838201668166700&output=html&h=280&slotname=1334458667&adk=3641038832&adf=943920009&pi=t.ma~as.1334458667&w=1074&abgtt=9&fwrn=4&fwrnh=100&lmt=1729811047&rafmt=1&format=1074x280&url=https%3A%2F%2Fwww.queleas.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1729811042978&bpp=58&bdt=5513&idt=4169&shv=r20241023&mjsv=m202410230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=8300578125854&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=95&ady=834&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C95330278%2C95332586%2C95344190%2C95345271%2C31088398%2C95344979&oid=2&pvsid=1508802080077114&tmod=326354993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0% [TRUNCATED] Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: IDE=AHWqTUlaQwApMSXxyNMUPi7Fhdfm-qFZR7wqkk-070wyLXCeDWgODOLlrjA5wtZlnf4
2024-10-24 23:04:13 UTC	493	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:13 GMT Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.8	49813	142.250.185.162	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:15 UTC	1797	OUT	GET /btr/view?ai=CqVJqaNIaZ7nEKY6YjuwP6bS4mQvUyenHesDumbe0E_TCtauuARABIJKKjipgyQagAbzE-JsByAEJqAMByAPLBKoE3QFP0B3-SqaRTdrdBLznVjGlHz_36Gw8aIalPkqk-1_s_14raijXMxGAe__Zq15Di95QmiJCr7eLKdI2QgUbAU2j6FX1irGg37NowBJXUbQw4cEyhDrdDP760kXKWEmPVvEWBppT2qRp5nWmGsXOeB8cvW_uVYLqONOAYFu6g8L3eRydptPJLHEfsI77xQOluyNHcly6_7Agx79gEfcnIQPdJUPMbP3y5u7R3JamAtrB2Dmxv2gNxeAtiC2SQOgjDn14EoCE_SZJatPJzJNLifJnwuZh9xXPKQP0zHhfysAE453j2ecDiAW94-urN5IFBAgEGAGSBQQIBRgEoAYugAesu4fkAqgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ2eIE0ggoCIDhgGAQARgfMgLLAjoLgECAwICAgKCogAJIvf3BOljl_NaokKiJA5oJigJodHRwczovL3d3dy5mbGludGhpbGwub3JnLz91dG1fdGVybT0mdXRtX2NhbXBhaWduPUZlZWRlcnMrJTI2K0NvbXBldGl0aW9uJnV0bV9zb3VyY2U9YWR3b3JkcyZ1dG1fbWVkaXVtPXBwYyZoc2FfYWNjPTkwMTU0MjAwODImaHNhX2NhbT0xNDg1NTg5MzQzNyZoc2FfZ3JwPTEzMDkxNjMzOTQyNyZoc2FfYWQ9NzE3NTExMTMwMzQ5JmhzYV9zcmM9ZCZoc2FfdGd0PWt3ZC0wJmhzYV9rdz0maHNhX210PSZoc2FfbmV0PWFkd29yZHMmaHNhX3Zlcj0zJmdhZF9zb3VyY2U9NYAKAcgLAdoMEQoLEJCYuOmRmI7NwgESAgEDuBPkA9gTDdAVAYAXAbIXHgoaCAASFH [TRUNCATED] Host: googleads.g.doubleclick.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: IDE=AHWqTUlaQwApMSXxyNMUPi7Fhdfm-qFZR7wqkk-070wyLXCeDWgODOLlrjA5wtZlnf4
2024-10-24 23:04:15 UTC	493	IN	HTTP/1.1 200 OK P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:15 GMT Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.8	49814	172.217.16.130	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:15 UTC	605	OUT	GET /getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env HTTP/1.1 Host: ep1.adtrafficquality.google Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.queleas.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:16 UTC	610	IN	HTTP/1.1 200 OK P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Access-Control-Allow-Origin: * Content-Type: application/json; charset=UTF-8 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Date: Thu, 24 Oct 2024 23:04:15 GMT Server: cafe Cache-Control: private X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 23:04:16 UTC	768	IN	Data Raw: 34 32 36 65 0d 0a 7b 22 73 6f 64 61 72 5f 71 75 65 72 79 5f 69 64 22 3a 22 62 39 49 61 5a 39 7a 68 4e 36 62 6f 78 5f 41 50 36 62 5f 72 2d 51 30 22 2c 22 69 6e 6a 65 63 74 6f 72 5f 62 61 73 65 6e 61 6d 65 22 3a 22 73 6f 64 61 72 32 22 2c 22 62 67 5f 68 61 73 68 5f 62 61 73 65 6e 61 6d 65 22 3a 22 77 43 59 65 49 50 34 62 58 56 30 72 6a 4a 47 70 6c 4c 6c 4c 62 66 6d 6a 49 75 6c 4c 4b 79 4a 74 61 51 33 7a 5a 4d 57 44 4e 55 30 22 2c 22 62 67 5f 62 69 6e 61 72 79 22 3a 22 48 6c 56 6b 53 4b 52 79 4c 50 32 7a 43 45 65 35 6f 4c 32 56 31 61 7a 4b 44 74 50 36 4e 42 58 51 79 79 43 79 34 4f 6e 69 69 2f 48 39 32 33 67 6f 48 51 42 44 2b 46 62 6f 4e 71 54 33 66 4e 42 58 54 4f 4f 48 41 51 70 6b 54 69 54 72 53 6e 68 2b 39 31 5a 68 4b 59 57 32 73 32 78 65 5a 4e 36 4e 43 64 Data Ascii: 426e{"sodar_query_id":"b9IaZ9zhN6box_AP6b_r-Q0","injector_basename":"sodar2","bg_hash_basename":"wCYeIP4bXV0rjJGplLlLbfmjIulLKyJtaQ3zZMWDNU0","bg_binary":"HlVkSKRyLP2zCEe5oL2V1azKDtP6NBXQyyCy4Onii/H923goHQBD+FboNqT3fNBXTOOHAQpkTiTrSnh+91ZhKYW2s2xeZN6NCd
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 75 77 4c 6b 75 31 58 66 4c 78 66 4c 31 57 69 31 73 72 71 33 30 6e 70 76 75 57 73 43 79 53 52 43 38 33 79 4c 76 59 6a 4b 58 62 72 75 45 4e 48 70 79 35 6b 34 62 7a 30 71 53 58 35 64 74 4e 71 57 76 71 6c 71 75 2b 30 58 4f 79 6c 53 5a 33 2f 4f 69 65 6e 4b 41 72 33 30 67 2f 78 61 68 73 35 7a 59 76 79 49 70 47 68 69 74 43 69 55 4e 51 32 36 76 47 63 77 48 52 64 79 5a 57 4f 2b 31 71 67 46 75 61 54 41 47 56 4f 62 43 43 57 35 59 67 73 47 64 37 35 46 7a 73 42 69 52 32 4a 66 61 63 2f 69 37 6e 71 32 68 73 47 7a 39 49 69 78 79 33 34 47 41 47 4b 4c 70 4b 59 63 71 4f 59 59 68 62 59 68 6c 56 43 78 33 70 6a 2f 32 4b 59 6e 6a 57 71 54 30 39 74 54 56 61 6b 56 30 66 30 46 34 6e 57 6a 56 6a 74 37 75 68 4d 6b 68 77 65 2f 38 42 6d 56 48 52 78 38 55 2f 33 39 65 33 31 59 39 4c 4d Data Ascii: uwLku1XfLxfL1Wi1srq30npvuWsCySRC83yLvYjKXbruENHpy5k4bz0qSX5dtNqWvqlqu+0XOylSZ3/OienKAr30g/xahs5zYvyIpGhitCiUNQ26vGcwHRdyZWO+1qgFuaTAGVObCCW5YgsGd75FzsBiR2Jfac/i7nq2hsGz9Iixy34GAGKLpKYcqOYYhbYhlVCx3pj/2KYnjWqT09tTVakV0f0F4nWjVjt7uhMkhwe/8BmVHRx8U/39e31Y9LM
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 45 56 72 37 69 69 65 2b 73 62 46 73 44 6a 56 6c 31 68 42 63 32 5a 73 65 79 36 49 38 51 71 70 63 4a 63 74 58 33 74 2f 73 7a 51 61 37 67 52 2b 57 39 35 41 78 2b 56 35 34 6a 59 31 47 4d 6a 35 44 57 70 36 45 39 44 6d 6f 70 6c 71 35 32 57 6f 46 6f 53 6a 6b 2f 39 61 46 47 61 54 47 42 31 72 6d 43 68 48 79 59 72 35 45 36 42 75 47 36 65 6d 4d 56 71 33 67 2f 74 53 58 68 65 4c 76 71 67 73 54 68 50 2b 72 79 6d 74 30 61 6e 62 4a 31 2f 2b 49 62 30 73 45 6e 37 59 4f 43 46 71 65 58 78 47 77 77 76 6c 52 4c 4f 44 62 58 73 70 57 6f 6e 6d 69 49 49 47 73 75 6d 4e 76 43 78 53 51 33 58 65 50 4b 50 58 65 33 51 63 38 43 5a 34 30 4e 70 76 69 41 56 33 46 4d 4d 58 58 4b 35 4d 4d 49 70 55 48 36 55 76 56 33 7a 47 2f 58 4f 63 47 74 4f 43 70 6a 43 31 62 56 44 4a 6f 6c 62 58 64 73 2f 2b Data Ascii: EVr7iie+sbFsDjVl1hBc2Zsey6I8QqpcJctX3t/szQa7gR+W95Ax+V54jY1GMj5DWp6E9Dmoplq52WoFoSjk/9aFGaTGB1rmChHyYr5E6BuG6emMVq3g/tSXheLvqgsThP+rymt0anbJ1/+Ib0sEn7YOCFqeXxGwwvlRLODbXspWonmiIIGsumNvCxSQ3XePKPXe3Qc8CZ40NpviAV3FMMXXK5MMIpUH6UvV3zG/XOcGtOCpjC1bVDJolbXds/+
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 48 55 53 32 6c 51 58 65 64 74 35 71 2f 6c 69 6b 6a 54 57 2b 75 65 38 39 44 74 70 30 4f 4e 4c 45 54 77 33 53 53 78 43 58 46 55 59 6d 35 53 76 2f 78 39 67 57 4d 62 63 64 74 55 4c 4b 6e 72 57 34 30 63 54 56 2b 65 4b 54 2f 31 7a 52 47 62 71 45 68 6f 4c 54 7a 51 30 38 70 4b 47 76 4b 2b 67 34 75 74 6c 4c 7a 76 5a 36 45 67 6b 42 4f 76 36 2b 51 46 4f 38 66 41 46 36 41 2f 47 65 41 6b 50 57 61 77 63 4f 48 33 39 63 42 4a 67 4a 78 41 38 6a 76 37 47 64 67 56 53 79 36 4b 44 4e 76 44 68 46 71 69 70 70 5a 46 58 70 75 4e 7a 67 71 77 62 50 69 70 30 37 2b 56 57 72 2b 69 64 52 49 6b 43 49 39 47 63 42 45 59 67 34 78 52 52 62 4f 6d 45 6f 54 61 31 75 79 72 69 79 4d 51 6e 7a 41 48 64 76 50 61 78 34 73 44 67 56 7a 70 64 78 4d 2f 51 4a 72 69 6a 6c 36 61 67 79 35 38 30 61 69 44 4d Data Ascii: HUS2lQXedt5q/likjTW+ue89Dtp0ONLETw3SSxCXFUYm5Sv/x9gWMbcdtULKnrW40cTV+eKT/1zRGbqEhoLTzQ08pKGvK+g4utlLzvZ6EgkBOv6+QFO8fAF6A/GeAkPWawcOH39cBJgJxA8jv7GdgVSy6KDNvDhFqippZFXpuNzgqwbPip07+VWr+idRIkCI9GcBEYg4xRRbOmEoTa1uyriyMQnzAHdvPax4sDgVzpdxM/QJrijl6agy580aiDM
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 63 6e 62 76 62 48 65 45 71 37 44 6e 74 69 41 48 6e 78 71 47 52 4c 68 33 62 67 38 64 51 48 4f 79 74 53 51 44 4c 6c 68 31 6a 69 6c 76 4b 6a 74 47 6d 55 75 50 55 76 44 47 55 52 33 4b 70 2f 75 7a 48 2f 4b 78 71 41 6e 57 47 45 41 46 65 75 45 59 66 43 75 31 75 6d 36 4f 77 50 63 76 6a 64 65 46 4a 4b 4d 4e 50 6a 66 4e 32 6a 4c 35 4b 7a 68 62 33 67 32 43 72 65 43 47 33 48 56 33 2f 45 38 37 36 6e 6a 67 64 45 46 72 6d 6e 42 66 4f 32 38 6e 30 2f 34 38 6b 57 2f 70 55 4b 43 62 50 54 78 69 73 71 4a 32 52 77 2f 63 36 33 48 79 6c 42 54 64 53 69 6b 53 71 65 6b 61 67 51 5a 48 4d 39 4e 46 71 45 39 44 65 2f 6b 67 59 2f 36 36 6b 31 63 59 6a 41 53 2f 38 53 53 51 59 49 2f 58 4b 6d 42 79 55 52 49 76 57 6c 6f 74 51 4b 6d 4d 6b 63 67 34 50 67 4f 44 4e 44 76 31 30 66 47 79 62 33 31 Data Ascii: cnbvbHeEq7DntiAHnxqGRLh3bg8dQHOytSQDLlh1jilvKjtGmUuPUvDGUR3Kp/uzH/KxqAnWGEAFeuEYfCu1um6OwPcvjdeFJKMNPjfN2jL5Kzhb3g2CreCG3HV3/E876njgdEFrmnBfO28n0/48kW/pUKCbPTxisqJ2Rw/c63HylBTdSikSqekagQZHM9NFqE9De/kgY/66k1cYjAS/8SSQYI/XKmByURIvWlotQKmMkcg4PgODNDv10fGyb31
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 76 35 52 56 39 4a 44 4a 51 51 44 58 74 71 67 4a 4a 50 38 38 7a 62 31 75 76 72 62 6e 49 69 37 39 6d 36 68 47 71 34 5a 51 54 48 54 4a 38 51 65 74 58 56 68 33 56 39 36 6c 36 30 41 59 44 50 6e 4c 58 70 55 71 73 72 61 34 49 4d 6d 51 78 73 31 79 67 51 68 53 73 78 48 46 64 67 4e 45 75 31 31 30 69 41 75 63 46 70 45 70 50 72 2b 46 2f 4f 6e 39 42 38 63 33 67 4a 41 4a 72 66 47 56 77 38 48 53 32 59 53 48 65 75 6c 6c 44 74 47 73 43 75 6c 42 4f 49 54 4b 34 4d 56 6d 72 4d 35 34 66 71 49 68 55 56 66 65 45 6a 46 67 75 47 54 51 57 4b 50 78 61 51 68 55 39 76 76 47 64 49 71 4c 61 75 31 38 41 69 52 67 37 31 67 63 6b 6d 44 50 77 70 2b 4b 45 63 53 49 4a 63 4f 4c 38 44 37 65 65 63 69 63 49 38 58 42 6d 61 77 32 79 42 32 61 6b 77 75 6f 38 6f 50 76 79 55 6c 78 2b 39 74 4e 4a 68 4e Data Ascii: v5RV9JDJQQDXtqgJJP88zb1uvrbnIi79m6hGq4ZQTHTJ8QetXVh3V96l60AYDPnLXpUqsra4IMmQxs1ygQhSsxHFdgNEu110iAucFpEpPr+F/On9B8c3gJAJrfGVw8HS2YSHeullDtGsCulBOITK4MVmrM54fqIhUVfeEjFguGTQWKPxaQhU9vvGdIqLau18AiRg71gckmDPwp+KEcSIJcOL8D7eecicI8XBmaw2yB2akwuo8oPvyUlx+9tNJhN
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 7a 63 74 46 6f 30 74 6a 5a 6e 48 77 38 46 4b 73 66 5a 2b 71 58 39 7a 45 78 46 52 76 30 43 4b 51 65 62 34 76 5a 4b 5a 67 58 65 66 39 72 66 74 4c 6a 57 41 7a 4b 72 30 6e 53 43 34 39 75 63 51 2b 53 64 76 44 55 44 6f 38 68 59 46 33 52 61 42 7a 43 74 4d 45 72 4c 69 6b 61 47 44 5a 62 39 68 30 6c 36 66 51 66 75 2f 30 74 39 6f 53 72 6d 65 31 49 2b 4d 74 52 4d 2b 41 70 4d 79 4d 6c 61 4e 58 6f 36 50 7a 6d 38 5a 71 37 47 79 6d 6b 48 33 39 70 31 44 5a 32 2f 61 67 7a 4b 39 39 43 77 5a 6c 4d 69 48 52 56 43 4c 36 63 33 41 50 67 4e 4a 6a 75 6d 32 53 57 4d 30 50 56 72 42 2f 56 34 73 30 51 53 55 62 4f 66 41 33 2b 6b 5a 54 55 67 6a 44 53 78 71 55 2f 65 75 62 2f 4e 79 6e 4b 43 6f 4b 7a 42 6f 54 47 43 58 5a 6d 51 74 66 7a 44 73 4b 45 38 70 7a 4e 64 61 72 65 73 5a 55 48 54 68 Data Ascii: zctFo0tjZnHw8FKsfZ+qX9zExFRv0CKQeb4vZKZgXef9rftLjWAzKr0nSC49ucQ+SdvDUDo8hYF3RaBzCtMErLikaGDZb9h0l6fQfu/0t9oSrme1I+MtRM+ApMyMlaNXo6Pzm8Zq7GymkH39p1DZ2/agzK99CwZlMiHRVCL6c3APgNJjum2SWM0PVrB/V4s0QSUbOfA3+kZTUgjDSxqU/eub/NynKCoKzBoTGCXZmQtfzDsKE8pzNdaresZUHTh
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 42 47 53 4c 42 78 42 54 4d 66 6b 76 65 53 47 61 63 50 55 48 63 47 32 38 6e 33 33 43 78 33 74 41 77 6d 55 52 4e 4b 65 65 75 76 6e 70 66 70 38 47 46 6b 75 38 43 76 4f 6c 45 74 57 64 37 75 70 46 32 73 43 2f 61 53 79 47 63 41 63 65 66 74 68 4c 2f 4b 68 4e 6b 2f 5a 48 74 34 56 72 4a 38 49 74 30 53 4e 57 38 59 37 64 6b 5a 77 5a 74 76 31 4a 6a 59 78 50 54 75 52 34 38 6d 69 2b 4b 33 64 65 78 41 6a 67 66 6c 70 52 4b 71 38 68 5a 72 48 30 37 73 33 71 41 34 41 52 62 38 52 6f 70 4c 6e 55 57 74 4d 65 50 7a 7a 2f 41 68 6d 78 6a 69 62 35 64 69 38 68 35 56 76 48 30 4b 59 33 53 68 45 74 43 42 34 63 44 59 44 51 43 54 31 4c 62 56 45 51 53 51 50 2f 53 54 42 2f 4d 4f 41 4b 6b 68 73 4f 7a 32 76 37 68 68 6f 78 79 59 70 76 44 4b 64 7a 78 4b 5a 47 49 4f 4e 4a 37 58 76 54 6a 7a 58 Data Ascii: BGSLBxBTMfkveSGacPUHcG28n33Cx3tAwmURNKeeuvnpfp8GFku8CvOlEtWd7upF2sC/aSyGcAcefthL/KhNk/ZHt4VrJ8It0SNW8Y7dkZwZtv1JjYxPTuR48mi+K3dexAjgflpRKq8hZrH07s3qA4ARb8RopLnUWtMePzz/Ahmxjib5di8h5VvH0KY3ShEtCB4cDYDQCT1LbVEQSQP/STB/MOAKkhsOz2v7hhoxyYpvDKdzxKZGIONJ7XvTjzX
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 79 49 4d 38 66 57 2b 42 4f 78 66 57 69 33 6d 78 4a 6e 36 33 78 4c 63 56 49 75 45 57 6d 32 33 6d 68 69 69 37 4b 41 44 53 69 2f 61 51 4a 49 39 70 6b 4c 43 4b 58 72 4c 62 75 65 72 6a 53 7a 65 54 45 56 51 45 4a 68 72 4c 68 79 57 30 63 76 68 6d 4f 2f 61 50 47 7a 58 6d 31 74 35 30 2b 4c 72 4b 41 62 63 2f 76 49 50 41 4a 62 6c 41 69 5a 46 6f 6e 47 38 70 44 4c 4f 66 4d 6c 68 6d 4b 44 33 5a 58 68 5a 42 32 47 52 46 65 56 34 70 4b 6c 42 54 41 49 47 4e 39 68 74 66 6c 2b 42 77 57 56 4d 48 71 65 30 2f 32 66 49 57 52 32 4d 4c 75 58 72 68 41 50 75 35 74 67 31 65 79 56 51 62 55 4a 4c 78 7a 45 55 79 36 68 65 32 6f 33 6a 65 58 51 6d 4e 46 68 4b 6a 31 6f 48 6c 4d 4e 58 70 53 54 4f 79 77 41 46 34 6c 66 65 70 6d 52 62 38 62 66 4f 2b 55 47 4a 53 33 68 53 48 71 2f 69 4e 48 73 79 Data Ascii: yIM8fW+BOxfWi3mxJn63xLcVIuEWm23mhii7KADSi/aQJI9pkLCKXrLbuerjSzeTEVQEJhrLhyW0cvhmO/aPGzXm1t50+LrKAbc/vIPAJblAiZFonG8pDLOfMlhmKD3ZXhZB2GRFeV4pKlBTAIGN9htfl+BwWVMHqe0/2fIWR2MLuXrhAPu5tg1eyVQbUJLxzEUy6he2o3jeXQmNFhKj1oHlMNXpSTOywAF4lfepmRb8bfO+UGJS3hSHq/iNHsy
2024-10-24 23:04:16 UTC	1378	IN	Data Raw: 51 75 75 34 32 6a 56 45 69 65 71 7a 67 75 79 36 55 35 6b 34 45 78 77 72 31 64 4f 61 6a 61 35 56 42 4e 6a 36 71 72 57 53 58 64 30 4b 54 6f 44 69 4b 51 31 53 72 46 59 6b 6c 77 58 41 34 71 2b 32 76 53 6a 67 49 39 39 64 67 6b 7a 6b 57 30 2f 6c 39 6b 53 36 72 44 38 37 77 32 7a 75 42 42 42 31 62 61 42 51 6f 45 69 35 42 38 63 54 31 4a 52 33 55 63 6f 6c 53 4c 7a 67 6d 61 43 30 6e 38 51 4a 7a 46 50 43 57 61 6a 41 77 63 4d 67 6c 42 4d 33 37 43 6a 70 73 36 32 58 46 6e 34 35 65 49 35 36 47 79 47 78 59 30 59 39 43 6f 64 4f 68 79 67 73 73 47 37 62 69 53 37 56 48 72 58 72 38 51 2f 30 68 51 4e 46 66 39 51 77 54 51 72 45 69 77 4f 50 74 67 30 50 67 52 6a 6e 59 6b 44 42 6d 42 2b 69 78 4c 4d 39 66 32 59 57 49 50 70 4d 77 42 48 36 39 49 79 72 45 58 38 39 6f 52 2f 63 47 4d 66 Data Ascii: Quu42jVEieqzguy6U5k4Exwr1dOaja5VBNj6qrWSXd0KToDiKQ1SrFYklwXA4q+2vSjgI99dgkzkW0/l9kS6rD87w2zuBBB1baBQoEi5B8cT1JR3UcolSLzgmaC0n8QJzFPCWajAwcMglBM37Cjps62XFn45eI56GyGxY0Y9CodOhygssG7biS7VHrXr8Q/0hQNFf9QwTQrEiwOPtg0PgRjnYkDBmB+ixLM9f2YWIPpMwBH69IyrEX89oR/cGMf

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.8	49818	142.250.184.226	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:17 UTC	401	OUT	GET /getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env HTTP/1.1 Host: ep1.adtrafficquality.google Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:17 UTC	610	IN	HTTP/1.1 200 OK P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Access-Control-Allow-Origin: * Content-Type: application/json; charset=UTF-8 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Date: Thu, 24 Oct 2024 23:04:17 GMT Server: cafe Cache-Control: private X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 23:04:17 UTC	768	IN	Data Raw: 34 31 65 32 0d 0a 7b 22 73 6f 64 61 72 5f 71 75 65 72 79 5f 69 64 22 3a 22 63 64 49 61 5a 37 47 55 44 36 36 5a 6a 75 77 50 79 2d 61 70 75 41 77 22 2c 22 69 6e 6a 65 63 74 6f 72 5f 62 61 73 65 6e 61 6d 65 22 3a 22 73 6f 64 61 72 32 22 2c 22 62 67 5f 68 61 73 68 5f 62 61 73 65 6e 61 6d 65 22 3a 22 31 50 57 4c 52 33 6d 33 32 41 4b 68 32 53 47 4f 32 59 4a 79 7a 56 6f 73 35 38 4d 58 35 77 65 6a 78 31 44 49 49 47 76 6c 69 65 6b 22 2c 22 62 67 5f 62 69 6e 61 72 79 22 3a 22 6d 6c 51 65 34 4a 4c 30 4f 2b 46 50 42 4c 36 2b 33 6f 65 6d 41 68 77 57 65 55 58 46 4f 76 2f 46 37 54 61 45 67 78 33 4e 43 64 4a 78 48 44 47 4a 7a 47 6b 59 44 73 4b 30 6e 31 41 39 69 45 32 6c 52 31 41 68 49 45 4b 54 51 47 53 4c 30 34 77 2f 4d 31 4e 43 77 70 4b 4d 36 52 78 6b 2b 72 6d 79 42 67 Data Ascii: 41e2{"sodar_query_id":"cdIaZ7GUD66ZjuwPy-apuAw","injector_basename":"sodar2","bg_hash_basename":"1PWLR3m32AKh2SGO2YJyzVos58MX5wejx1DIIGvliek","bg_binary":"mlQe4JL0O+FPBL6+3oemAhwWeUXFOv/F7TaEgx3NCdJxHDGJzGkYDsK0n1A9iE2lR1AhIEKTQGSL04w/M1NCwpKM6Rxk+rmyBg
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 55 64 43 39 65 68 69 57 70 33 56 49 4a 45 77 4c 45 74 47 4c 38 32 58 50 58 37 38 71 2f 49 46 51 68 6b 56 6f 74 75 4f 47 4f 50 42 34 41 42 37 76 6b 64 32 33 46 4a 70 59 36 73 43 37 57 2b 47 35 67 45 55 35 79 65 2f 65 46 32 72 48 45 57 68 43 48 31 56 33 4d 56 53 71 76 67 47 61 2b 72 47 76 4d 6c 54 6e 75 50 31 49 59 4e 42 59 69 59 65 34 38 5a 59 74 68 54 6e 67 5a 68 77 34 4e 43 66 36 64 57 61 36 75 68 76 4c 79 42 67 68 34 42 46 54 69 38 46 56 75 46 66 4d 55 6d 4c 6d 6e 57 38 75 65 55 59 61 5a 6d 65 69 4f 73 49 46 6c 4c 33 5a 78 54 56 37 47 6d 56 53 6f 4f 61 46 35 4d 59 45 35 5a 6c 54 48 4b 42 62 4c 69 6a 66 63 39 6f 53 6a 42 66 67 4f 73 64 42 4e 69 2b 72 5a 52 4b 6a 73 31 57 6a 69 67 55 2f 53 53 6f 44 41 4b 73 33 44 47 41 6b 30 6d 41 33 58 61 46 57 56 63 4d Data Ascii: UdC9ehiWp3VIJEwLEtGL82XPX78q/IFQhkVotuOGOPB4AB7vkd23FJpY6sC7W+G5gEU5ye/eF2rHEWhCH1V3MVSqvgGa+rGvMlTnuP1IYNBYiYe48ZYthTngZhw4NCf6dWa6uhvLyBgh4BFTi8FVuFfMUmLmnW8ueUYaZmeiOsIFlL3ZxTV7GmVSoOaF5MYE5ZlTHKBbLijfc9oSjBfgOsdBNi+rZRKjs1WjigU/SSoDAKs3DGAk0mA3XaFWVcM
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 6d 30 63 37 61 57 78 67 30 31 48 66 63 45 68 36 65 67 42 52 4c 4e 7a 71 7a 77 51 57 48 44 74 55 49 49 7a 33 4f 47 56 65 67 6e 39 2b 70 64 6d 63 50 71 56 6a 65 63 74 67 46 42 35 42 6d 49 69 71 75 49 62 78 35 66 65 63 6b 6d 53 6b 44 4e 2f 71 6f 77 72 39 58 36 75 34 39 54 73 69 35 4f 63 56 62 55 75 30 64 69 53 30 34 37 66 45 65 4b 6b 41 71 6d 38 57 59 6d 56 66 75 76 41 6a 47 59 62 35 47 47 63 4c 32 6d 74 72 65 34 4a 38 78 71 48 72 76 6a 52 70 59 79 6b 4e 4f 45 30 6e 62 30 2b 55 42 63 64 31 67 4d 72 62 61 37 47 70 32 76 53 6f 6c 68 68 49 36 55 6b 48 62 46 4d 39 43 4f 4f 6f 44 2b 63 68 30 50 47 71 34 6b 2f 4f 61 49 76 2b 31 67 69 4a 53 4f 39 45 48 61 6e 72 78 78 48 58 44 58 65 4c 44 51 33 48 42 37 67 2b 6c 2f 4e 6a 49 72 58 66 77 47 38 53 56 7a 37 6c 4f 54 54 Data Ascii: m0c7aWxg01HfcEh6egBRLNzqzwQWHDtUIIz3OGVegn9+pdmcPqVjectgFB5BmIiquIbx5feckmSkDN/qowr9X6u49Tsi5OcVbUu0diS047fEeKkAqm8WYmVfuvAjGYb5GGcL2mtre4J8xqHrvjRpYykNOE0nb0+UBcd1gMrba7Gp2vSolhhI6UkHbFM9COOoD+ch0PGq4k/OaIv+1giJSO9EHanrxxHXDXeLDQ3HB7g+l/NjIrXfwG8SVz7lOTT
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 43 35 41 4b 34 64 30 52 47 44 6e 6c 69 79 77 62 7a 71 32 74 70 53 55 4a 78 4c 57 39 4d 33 4f 2b 6c 4a 53 6a 4c 4a 59 71 4e 34 76 49 79 2b 33 35 37 64 49 49 53 6c 43 31 70 48 7a 47 50 79 6c 74 68 4d 72 78 39 5a 67 61 35 7a 4e 55 75 39 43 31 68 51 2f 58 50 51 66 4d 69 36 71 42 67 66 58 64 32 4b 54 62 38 2b 59 58 32 6c 66 69 6b 43 5a 52 75 74 65 43 31 37 35 79 49 62 63 4e 6a 71 7a 57 79 56 49 34 6c 4c 68 59 4e 56 6a 63 49 2b 49 7a 75 64 6e 52 44 4a 6e 53 61 51 36 62 67 4d 46 49 46 51 77 76 58 6d 33 46 6d 54 2f 35 67 45 61 70 5a 2b 6a 4e 6c 4c 68 46 44 51 49 34 4b 2b 2f 68 54 64 64 42 30 67 63 6f 6d 4f 69 38 6a 61 78 63 4a 6a 43 77 67 35 72 73 6c 50 4b 4e 50 62 78 4c 46 34 33 30 50 44 48 4c 45 34 47 55 49 49 67 44 55 32 50 72 36 43 59 6a 71 43 76 54 42 62 6c Data Ascii: C5AK4d0RGDnliywbzq2tpSUJxLW9M3O+lJSjLJYqN4vIy+357dIISlC1pHzGPylthMrx9Zga5zNUu9C1hQ/XPQfMi6qBgfXd2KTb8+YX2lfikCZRuteC175yIbcNjqzWyVI4lLhYNVjcI+IzudnRDJnSaQ6bgMFIFQwvXm3FmT/5gEapZ+jNlLhFDQI4K+/hTddB0gcomOi8jaxcJjCwg5rslPKNPbxLF430PDHLE4GUIIgDU2Pr6CYjqCvTBbl
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 6c 74 79 2b 62 50 43 6c 59 51 63 48 32 53 35 61 41 64 67 77 6a 54 4b 76 58 35 6f 66 79 79 69 6f 39 56 38 78 62 33 6e 76 67 73 68 44 4e 33 6a 5a 58 79 6e 73 61 50 68 77 41 5a 72 35 43 67 76 7a 71 33 63 58 55 61 76 52 77 6a 7a 4d 30 77 43 72 53 39 53 35 7a 53 33 75 50 2b 35 77 47 38 6c 35 68 2f 4f 44 31 73 34 73 45 73 37 46 6f 6c 74 4f 55 56 4c 57 57 30 70 72 4a 43 62 4b 47 30 32 67 45 6a 49 4b 43 68 63 75 41 79 63 57 6c 51 47 35 4e 65 75 2b 56 57 37 38 45 4d 7a 4e 61 74 66 38 4a 4e 72 67 65 77 77 30 6d 5a 74 62 58 5a 65 72 4c 53 70 2b 42 50 79 53 6b 2f 57 56 41 34 2f 49 67 52 79 30 75 51 41 56 6d 52 74 30 4e 61 6c 33 33 73 42 57 53 43 6e 33 6c 6f 76 72 6b 66 52 78 48 70 73 64 4c 66 39 58 68 52 56 6d 6d 4b 71 64 36 57 2b 57 4a 35 69 44 70 35 68 39 53 4b 32 Data Ascii: lty+bPClYQcH2S5aAdgwjTKvX5ofyyio9V8xb3nvgshDN3jZXynsaPhwAZr5Cgvzq3cXUavRwjzM0wCrS9S5zS3uP+5wG8l5h/OD1s4sEs7FoltOUVLWW0prJCbKG02gEjIKChcuAycWlQG5Neu+VW78EMzNatf8JNrgeww0mZtbXZerLSp+BPySk/WVA4/IgRy0uQAVmRt0Nal33sBWSCn3lovrkfRxHpsdLf9XhRVmmKqd6W+WJ5iDp5h9SK2
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 74 76 61 35 52 4b 31 50 4c 67 72 4b 31 56 4c 68 6a 2f 39 79 6f 49 32 68 35 55 4a 6d 50 73 71 71 7a 36 53 66 36 4d 2b 4d 61 71 66 42 70 43 48 41 5a 51 49 38 7a 38 5a 2f 75 34 38 51 6d 38 45 39 4f 2b 69 6a 41 73 6c 30 48 67 79 56 5a 70 77 4a 65 72 4a 30 70 37 6d 69 6b 78 73 76 31 57 46 30 45 33 44 68 4d 4c 6c 32 6d 63 69 72 74 51 74 4f 5a 73 35 32 62 55 68 6d 55 72 4c 33 38 72 31 65 68 7a 65 6f 61 6f 56 75 45 72 7a 58 59 70 73 43 61 4f 64 68 31 64 32 6c 4c 47 6c 48 58 51 50 30 4b 61 57 32 45 75 6b 30 34 6c 50 39 2f 2f 5a 4b 41 2f 78 2f 4b 4f 52 71 64 6b 70 6f 31 68 34 45 75 62 66 69 56 6b 6c 2f 50 6e 70 4b 59 4b 61 6a 43 42 6c 36 6c 52 32 54 54 4f 48 2f 42 6a 74 75 56 43 59 55 56 34 6c 4c 42 53 38 41 75 7a 62 2b 5a 66 51 4e 4f 49 36 76 76 65 6a 7a 6e 35 54 Data Ascii: tva5RK1PLgrK1VLhj/9yoI2h5UJmPsqqz6Sf6M+MaqfBpCHAZQI8z8Z/u48Qm8E9O+ijAsl0HgyVZpwJerJ0p7mikxsv1WF0E3DhMLl2mcirtQtOZs52bUhmUrL38r1ehzeoaoVuErzXYpsCaOdh1d2lLGlHXQP0KaW2Euk04lP9//ZKA/x/KORqdkpo1h4EubfiVkl/PnpKYKajCBl6lR2TTOH/BjtuVCYUV4lLBS8Auzb+ZfQNOI6vvejzn5T
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 41 54 34 4f 79 52 44 54 43 6e 35 31 52 46 53 70 5a 65 70 65 35 62 53 55 47 43 2b 6b 6a 4e 63 34 33 34 57 5a 55 51 74 73 59 52 38 36 34 6d 36 34 61 51 51 65 6b 4f 41 66 48 4d 64 2b 45 42 77 6e 54 73 78 74 52 34 55 61 67 49 4a 6a 41 6d 37 38 54 43 4f 57 37 6e 52 75 4d 31 6a 2f 71 70 4c 78 79 37 6b 6d 79 5a 75 64 77 4a 58 36 6b 69 56 54 6f 6b 51 2f 4f 74 2f 64 2b 2b 71 71 4d 74 30 7a 7a 57 38 65 68 49 2b 70 64 78 76 4d 72 6b 37 72 4b 73 38 4a 48 73 74 39 76 67 6d 45 47 76 45 4e 41 6c 38 68 58 6c 6c 53 32 61 51 34 43 39 72 59 2f 6c 61 59 56 71 77 4c 70 68 54 52 2f 33 41 6f 48 76 43 30 32 6a 32 64 31 72 52 38 44 69 6f 77 44 6b 30 30 36 2f 63 43 77 64 2b 75 48 51 42 52 4b 78 74 30 4a 50 36 48 6e 7a 69 4a 65 30 70 59 36 55 7a 79 76 52 6e 75 73 42 75 61 57 37 49 Data Ascii: AT4OyRDTCn51RFSpZepe5bSUGC+kjNc434WZUQtsYR864m64aQQekOAfHMd+EBwnTsxtR4UagIJjAm78TCOW7nRuM1j/qpLxy7kmyZudwJX6kiVTokQ/Ot/d++qqMt0zzW8ehI+pdxvMrk7rKs8JHst9vgmEGvENAl8hXllS2aQ4C9rY/laYVqwLphTR/3AoHvC02j2d1rR8DiowDk006/cCwd+uHQBRKxt0JP6HnziJe0pY6UzyvRnusBuaW7I
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 67 2f 4a 68 2f 6a 36 36 2b 69 34 55 5a 6b 52 57 4e 54 36 72 71 6d 2f 2b 4a 6f 7a 63 78 65 65 30 43 63 71 63 2b 35 58 43 4f 49 64 6c 49 5a 41 43 35 30 52 35 4d 5a 6b 52 56 38 4f 50 6d 30 64 52 68 49 43 32 72 69 30 48 7a 74 39 66 54 4b 42 2f 31 79 48 75 42 4d 4c 46 50 72 5a 73 74 58 6f 7a 79 54 72 47 37 5a 35 39 7a 67 55 75 51 65 5a 52 51 71 48 43 53 6a 33 37 77 33 33 70 6a 4f 41 35 6b 45 73 47 76 39 6c 50 4b 42 71 41 37 50 48 2b 50 6b 51 57 37 36 6f 34 63 49 4e 42 77 35 78 59 77 51 6d 46 2b 30 2f 69 4a 76 43 6c 42 6a 45 36 66 56 46 42 4f 39 55 69 72 30 48 52 46 49 56 61 34 4c 38 69 74 57 37 4a 53 78 49 33 56 79 7a 6f 6e 7a 73 2f 44 38 52 72 4e 53 75 4d 6e 47 65 46 59 72 77 37 69 77 31 6a 68 5a 4f 6b 51 35 77 54 6c 69 31 32 5a 4a 6e 38 50 6f 68 6d 56 66 7a Data Ascii: g/Jh/j66+i4UZkRWNT6rqm/+Jozcxee0Ccqc+5XCOIdlIZAC50R5MZkRV8OPm0dRhIC2ri0Hzt9fTKB/1yHuBMLFPrZstXozyTrG7Z59zgUuQeZRQqHCSj37w33pjOA5kEsGv9lPKBqA7PH+PkQW76o4cINBw5xYwQmF+0/iJvClBjE6fVFBO9Uir0HRFIVa4L8itW7JSxI3Vyzonzs/D8RrNSuMnGeFYrw7iw1jhZOkQ5wTli12ZJn8PohmVfz
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 69 75 6a 41 42 34 6d 2b 4c 6d 4b 7a 75 55 64 39 74 6d 66 48 37 53 4d 57 33 54 62 35 54 4f 61 50 36 47 39 50 78 6b 57 48 33 31 61 69 6f 4a 50 71 4d 43 61 69 30 50 48 45 4c 53 4c 71 77 4a 6d 47 6e 77 6b 75 32 4f 62 31 45 53 54 6c 53 77 35 51 50 63 55 67 50 32 78 49 2b 2b 32 41 53 33 51 4e 5a 56 68 54 4e 4b 46 6c 41 33 72 56 68 44 6f 46 36 78 48 59 57 31 4c 43 2b 4d 4a 68 58 34 39 46 6a 51 76 2b 58 2f 43 5a 47 69 48 51 2b 73 39 4a 69 67 78 71 49 70 4c 32 72 74 36 74 69 45 72 58 6e 72 67 58 49 69 6f 73 4a 6f 51 4f 55 2b 73 55 73 2f 78 43 34 38 39 30 70 2b 53 47 61 30 55 52 68 73 33 4d 41 64 71 51 62 31 6f 53 30 74 30 6d 7a 52 33 2b 52 59 58 61 32 75 76 44 55 31 39 69 6e 47 51 55 47 4d 4e 35 38 53 7a 72 35 42 32 7a 34 75 31 45 6f 77 69 45 64 2b 65 42 56 5a 39 Data Ascii: iujAB4m+LmKzuUd9tmfH7SMW3Tb5TOaP6G9PxkWH31aioJPqMCai0PHELSLqwJmGnwku2Ob1ESTlSw5QPcUgP2xI++2AS3QNZVhTNKFlA3rVhDoF6xHYW1LC+MJhX49FjQv+X/CZGiHQ+s9JigxqIpL2rt6tiErXnrgXIiosJoQOU+sUs/xC4890p+SGa0URhs3MAdqQb1oS0t0mzR3+RYXa2uvDU19inGQUGMN58Szr5B2z4u1EowiEd+eBVZ9
2024-10-24 23:04:17 UTC	1378	IN	Data Raw: 43 6a 6b 55 76 52 53 4c 32 62 6d 38 50 4e 70 53 4e 6a 67 4e 36 75 30 4a 69 7a 51 39 41 6b 45 34 68 38 45 53 6d 35 61 4f 4b 5a 7a 42 43 58 6c 76 55 77 61 32 4d 6a 54 71 4c 32 54 6a 45 63 53 6d 4e 43 67 42 67 47 6d 37 43 6e 67 68 45 32 64 62 54 55 33 57 47 6e 58 72 76 65 79 46 41 68 71 34 4e 79 70 41 6f 69 48 72 53 6c 4f 63 44 54 41 42 4d 68 33 6b 55 78 4a 68 6b 36 45 41 4a 4b 41 63 7a 78 75 67 6d 71 66 37 6d 48 4f 68 73 69 2b 43 44 4a 55 78 4c 34 58 2f 4a 65 78 50 51 59 44 69 57 52 55 47 42 7a 65 41 47 62 32 48 6a 33 33 6e 49 72 5a 4f 65 42 4f 6f 52 62 4b 48 30 4e 50 56 70 75 36 2b 61 75 6d 50 50 42 46 67 4a 7a 59 49 69 64 39 5a 7a 47 34 2f 34 59 65 2f 4c 37 37 35 2b 69 36 66 51 4a 38 4c 63 30 33 6c 6e 61 43 4d 55 4f 76 67 6d 63 59 58 79 53 65 50 4b 6e 62 Data Ascii: CjkUvRSL2bm8PNpSNjgN6u0JizQ9AkE4h8ESm5aOKZzBCXlvUwa2MjTqL2TjEcSmNCgBgGm7CnghE2dbTU3WGnXrveyFAhq4NypAoiHrSlOcDTABMh3kUxJhk6EAJKAczxugmqf7mHOhsi+CDJUxL4X/JexPQYDiWRUGBzeAGb2Hj33nIrZOeBOoRbKH0NPVpu6+aumPPBFgJzYIid9ZzG4/4Ye/L775+i6fQJ8Lc03lnaCMUOvgmcYXySePKnb

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.8	49820	142.250.184.225	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:18 UTC	737	OUT	GET /sodar/sodar2/232/runner.html HTTP/1.1 Host: ep2.adtrafficquality.google Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: iframe Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:20 UTC	688	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs" Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} Content-Length: 13020 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 22:48:11 GMT Expires: Thu, 24 Oct 2024 23:38:11 GMT Cache-Control: public, max-age=3000 Age: 967 Last-Modified: Mon, 23 Sep 2024 18:12:21 GMT Content-Type: text/html Vary: Accept-Encoding Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 23:04:20 UTC	690	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 66 75 6e 63 74 69 6f 6e 20 6d 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 76 61 72 20 70 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d Data Ascii: <!DOCTYPE html><meta charset=utf-8><script>(function(){'use strict';function m(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var p=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 69 66 28 21 63 7c 7c 61 21 3d 6e 75 6c 6c 29 7b 63 3d 77 5b 62 5d 3b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 61 5b 62 5d 3b 63 3d 61 5b 63 5d 3b 72 65 74 75 72 6e 20 63 21 3d 3d 76 6f 69 64 20 30 3f 63 3a 61 5b 62 5d 7d 7d 0a 66 75 6e 63 74 69 6f 6e 20 79 28 61 2c 62 2c 63 29 7b 69 66 28 62 29 61 3a 7b 76 61 72 20 65 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 61 3d 65 2e 6c 65 6e 67 74 68 3d 3d 3d 31 3b 76 61 72 20 66 3d 65 5b 30 5d 2c 68 3b 21 61 26 26 66 20 69 6e 20 76 3f 68 3d 76 3a 68 3d 72 3b 66 6f 72 28 66 3d 30 3b 66 3c 65 2e 6c 65 6e 67 74 68 2d 31 3b 66 2b 2b 29 7b 76 61 72 20 64 3d 65 5b 66 5d 3b 69 66 28 21 28 64 20 69 6e 20 68 29 29 62 72 65 61 6b 20 61 3b 68 3d 68 5b 64 5d 7d 65 3d 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 3b 63 3d Data Ascii: if(!c\|\|a!=null){c=w[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}}function y(a,b,c){if(b)a:{var e=a.split(".");a=e.length===1;var f=e[0],h;!a&&f in v?h=v:h=r;for(f=0;f<e.length-1;f++){var d=e[f];if(!(d in h))break a;h=h[d]}e=e[e.length-1];c=
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 63 61 28 61 2c 62 29 7b 61 2e 72 61 77 3d 62 3b 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 26 26 28 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 61 29 2c 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 62 29 29 3b 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 41 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 76 2e 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 78 28 76 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 26 26 61 5b 78 28 76 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 6d 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f Data Ascii: ca(a,b){a.raw=b;Object.freeze&&(Object.freeze(a),Object.freeze(b));return a}function A(a){var b=typeof v.Symbol!="undefined"&&x(v.Symbol,"iterator")&&a[x(v.Symbol,"iterator")];if(b)return b.call(a);if(typeof a.length=="number")return{next:m(a)};throw Erro
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 6e 20 61 2e 67 2e 6a 3d 21 31 2c 66 3b 76 61 72 20 68 3d 66 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 64 29 7b 72 65 74 75 72 6e 20 61 2e 67 2e 68 3d 6e 75 6c 6c 2c 48 28 61 2e 67 2c 64 29 2c 4b 28 61 29 7d 61 2e 67 2e 68 3d 6e 75 6c 6c 3b 65 2e 63 61 6c 6c 28 61 2e 67 2c 68 29 3b 72 65 74 75 72 6e 20 4b 28 61 29 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 61 29 7b 66 6f 72 28 3b 61 2e 67 2e 67 3b 29 74 72 79 7b 76 61 72 20 62 3d 61 2e 68 28 61 2e 67 29 3b 69 66 28 62 29 72 65 74 75 72 6e 20 61 2e 67 2e 6a 3d 21 31 2c 7b 76 61 6c 75 65 3a 62 2e 76 61 6c 75 65 2c 64 6f 6e 65 3a 21 31 7d 7d 63 61 74 63 68 28 63 29 7b 61 2e 67 2e 6c 3d 76 6f 69 64 20 30 2c 48 28 61 2e 67 2c 63 29 7d 61 2e 67 2e 6a 3d 21 31 3b 69 66 28 61 2e 67 2e 69 29 7b 62 3d 61 2e 67 2e 69 3b 61 2e Data Ascii: n a.g.j=!1,f;var h=f.value}catch(d){return a.g.h=null,H(a.g,d),K(a)}a.g.h=null;e.call(a.g,h);return K(a)}function K(a){for(;a.g.g;)try{var b=a.h(a.g);if(b)return a.g.j=!1,{value:b.value,done:!1}}catch(c){a.g.l=void 0,H(a.g,c)}a.g.j=!1;if(a.g.i){b=a.g.i;a.
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 7b 66 28 64 2c 30 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 3b 74 68 69 73 2e 67 26 26 74 68 69 73 2e 67 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 64 3d 74 68 69 73 2e 67 3b 74 68 69 73 2e 67 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 67 3c 64 2e 6c 65 6e 67 74 68 3b 2b 2b 67 29 7b 76 61 72 20 6b 3d 0a 64 5b 67 5d 3b 64 5b 67 5d 3d 6e 75 6c 6c 3b 74 72 79 7b 6b 28 29 7d 63 61 74 63 68 28 6c 29 7b 74 68 69 73 2e 6a 28 6c 29 7d 7d 7d 74 68 69 73 2e 67 3d 6e 75 6c 6c 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 3d 66 75 6e 63 74 69 6f 6e 28 64 29 7b 74 68 69 73 2e 69 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 64 3b 7d 29 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 3d 66 75 6e 63 74 69 6f Data Ascii: {f(d,0)};c.prototype.l=function(){for(;this.g&&this.g.length;){var d=this.g;this.g=[];for(var g=0;g<d.length;++g){var k=d[g];d[g]=null;try{k()}catch(l){this.j(l)}}}this.g=null};c.prototype.j=function(d){this.i(function(){throw d;})};b.prototype.j=functio
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 6c 61 62 6c 65 3a 21 30 7d 29 3a 28 64 3d 72 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 76 65 6e 74 28 22 43 75 73 74 6f 6d 45 76 65 6e 74 22 29 2c 64 2e 69 6e 69 74 43 75 73 74 6f 6d 45 76 65 6e 74 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 21 31 2c 21 30 2c 64 29 29 3b 64 2e 70 72 6f 6d 69 73 65 3d 74 68 69 73 3b 64 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 69 3b 72 65 74 75 72 6e 20 6b 28 64 29 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 52 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 67 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 74 68 69 73 2e 67 2e 6c 65 6e 67 74 68 3b 2b 2b 64 29 68 2e 68 28 74 68 69 73 2e 67 5b 64 5d 29 3b 74 68 69 73 2e 67 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 68 3d 6e Data Ascii: lable:!0}):(d=r.document.createEvent("CustomEvent"),d.initCustomEvent("unhandledrejection",!1,!0,d));d.promise=this;d.reason=this.i;return k(d)};b.prototype.R=function(){if(this.g!=null){for(var d=0;d<this.g.length;++d)h.h(this.g[d]);this.g=null}};var h=n
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 50 3d 76 2e 67 6c 6f 62 61 6c 54 68 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 2c 51 3b 66 75 6e 63 74 69 6f 6e 20 6c 61 28 29 7b 76 61 72 20 61 3d 6e 75 6c 6c 3b 69 66 28 21 50 29 72 65 74 75 72 6e 20 61 3b 74 72 79 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 63 7d 3b 61 3d 50 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 67 6f 6f 67 23 68 74 6d 6c 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 62 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 62 2c 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 62 7d 29 7d 63 61 74 63 68 28 63 29 7b 7d 72 65 74 75 72 6e 20 61 7d 3b 66 75 6e 63 74 69 6f 6e 20 52 28 61 Data Ascii: SPDX-License-Identifier: Apache-2.0*/var P=v.globalThis.trustedTypes,Q;function la(){var a=null;if(!P)return a;try{var b=function(c){return c};a=P.createPolicy("goog#html",{createHTML:b,createScript:b,createScriptURL:b})}catch(c){}return a};function R(a
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 61 70 70 65 6e 64 43 68 69 6c 64 28 64 29 7d 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 70 61 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 76 2e 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 62 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 62 28 76 6f 69 64 20 30 29 7d 2c 61 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 71 61 28 61 29 7b 61 3d 61 3d 3d 3d 76 6f 69 64 20 30 3f 64 6f 63 75 6d 65 6e 74 3a 61 3b 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6d 67 22 29 7d 3b 76 61 72 20 72 61 3d 7a 28 5b 22 68 74 74 70 73 3a 2f 2f 65 70 31 2e 61 64 74 72 61 66 66 69 63 71 75 61 6c 69 74 79 2e 67 6f 6f 67 6c 65 2f 62 67 2f 22 2c 22 2e 6a 73 22 5d 29 2c 73 61 3d 7a 28 5b 22 68 74 Data Ascii: appendChild(d)})};function pa(a){return new v.Promise(function(b){setTimeout(function(){return void b(void 0)},a)})}function qa(a){a=a===void 0?document:a;return a.createElement("img")};var ra=z(["https://ep1.adtrafficquality.google/bg/",".js"]),sa=z(["ht
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 39 5d 29 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 43 61 28 61 2c 62 29 7b 62 2e 64 61 74 61 3d 3d 3d 22 47 6f 6f 67 6c 65 42 61 73 52 59 6f 43 4a 6c 56 45 42 22 3f 28 62 3d 62 2e 70 6f 72 74 73 5b 30 5d 2c 62 2e 6f 6e 6d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 44 61 28 61 2c 63 29 7d 2c 62 2e 70 6f 73 74 4d 65 73 73 61 67 65 28 22 22 29 29 3a 28 62 3d 42 61 28 62 2e 64 61 74 61 29 29 26 26 45 61 28 61 2c 62 29 7d 0a 66 75 6e 63 74 69 6f 6e 20 44 61 28 61 2c 62 29 7b 76 61 72 20 63 2c 65 2c 66 2c 68 3b 72 65 74 75 72 6e 20 4c 28 66 75 6e 63 74 69 6f 6e 28 64 29 7b 73 77 69 74 63 68 28 64 2e 67 29 7b 63 61 73 65 20 31 3a 63 3d 62 2e 64 61 74 61 3b 65 3d 62 2e 70 6f 72 74 73 5b 30 5d 3b 69 66 28 63 5b 30 5d 3d 3d 3d 31 26 26 Data Ascii: 9])}};function Ca(a,b){b.data==="GoogleBasRYoCJlVEB"?(b=b.ports[0],b.onmessage=function(c){return Da(a,c)},b.postMessage("")):(b=Ba(b.data))&&Ea(a,b)}function Da(a,b){var c,e,f,h;return L(function(d){switch(d.g){case 1:c=b.data;e=b.ports[0];if(c[0]===1&&
2024-10-24 23:04:20 UTC	1306	IN	Data Raw: 69 64 20 30 3f 21 31 3a 62 2e 6f 29 2c 66 3d 62 3d 3d 3d 76 6f 69 64 20 30 7c 7c 62 2e 4e 21 3d 3d 22 30 22 3b 63 21 3d 3d 21 31 26 26 66 7c 7c 28 65 2e 75 72 6c 3d 65 2e 6f 3f 22 68 74 74 70 73 3a 2f 2f 65 70 31 2e 61 64 74 72 61 66 66 69 63 71 75 61 6c 69 74 79 2e 67 6f 6f 67 6c 65 2f 70 61 67 65 61 64 2f 73 6f 64 61 72 3f 69 64 3d 73 6f 64 61 72 32 26 76 3d 32 33 31 22 3a 22 68 74 74 70 73 3a 2f 2f 70 61 67 65 61 64 32 2e 67 6f 6f 67 6c 65 73 79 6e 64 69 63 61 74 69 6f 6e 2e 63 6f 6d 2f 70 61 67 65 61 64 2f 73 6f 64 61 72 3f 69 64 3d 73 6f 64 61 72 32 26 76 3d 32 33 31 22 29 3b 57 28 65 2c 22 74 22 2c 61 29 3b 62 26 26 28 57 28 65 2c 22 6c 69 22 2c 62 2e 50 29 2c 57 28 65 2c 62 2e 63 6f 6e 74 65 78 74 3d 3d 3d 22 63 72 22 3f 22 62 67 61 69 22 3a 22 6a Data Ascii: id 0?!1:b.o),f=b===void 0\|\|b.N!=="0";c!==!1&&f\|\|(e.url=e.o?"https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=231":"https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=231");W(e,"t",a);b&&(W(e,"li",b.P),W(e,b.context==="cr"?"bgai":"j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.8	49819	172.217.18.4	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:18 UTC	810	OUT	GET /recaptcha/api2/aframe HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIk6HLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw== Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: iframe Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:20 UTC	1117	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Expires: Thu, 24 Oct 2024 23:04:18 GMT Date: Thu, 24 Oct 2024 23:04:18 GMT Cache-Control: private, max-age=300 Content-Security-Policy: script-src 'report-sample' 'nonce-YjbfMGLeWNKGcrMC_F2G-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 23:04:20 UTC	261	IN	Data Raw: 33 33 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 59 6a 62 66 4d 47 4c 65 57 4e 4b 47 63 72 4d 43 5f 46 32 47 2d 67 22 3e 2f 2a 2a 20 41 6e 74 69 2d 66 72 61 75 64 20 61 6e 64 20 61 6e 74 69 2d 61 62 75 73 65 20 61 70 70 6c 69 63 61 74 69 6f 6e 73 20 6f 6e 6c 79 2e 20 53 65 65 20 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 20 2a 2f 20 74 72 79 7b 76 61 72 20 63 6c 69 65 6e 74 73 3d 7b 27 73 6f 64 61 72 27 3a 27 68 Data Ascii: 33d<!DOCTYPE HTML><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"></head><body><script nonce="YjbfMGLeWNKGcrMC_F2G-g">/** Anti-fraud and anti-abuse applications only. See google.com/recaptcha */ try{var clients={'sodar':'h
2024-10-24 23:04:20 UTC	575	IN	Data Raw: 2f 70 61 67 65 61 64 32 2e 67 6f 6f 67 6c 65 73 79 6e 64 69 63 61 74 69 6f 6e 2e 63 6f 6d 2f 70 61 67 65 61 64 2f 73 6f 64 61 72 3f 27 7d 3b 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6d 65 73 73 61 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 72 79 7b 69 66 28 61 2e 73 6f 75 72 63 65 3d 3d 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 76 61 72 20 62 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 61 2e 64 61 74 61 29 3b 76 61 72 20 63 3d 63 6c 69 65 6e 74 73 5b 62 5b 27 69 64 27 5d 5d 3b 69 66 28 63 29 7b 76 61 72 20 64 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 6d 67 27 29 3b 64 2e 73 72 63 3d 63 2b 62 5b 27 70 61 72 61 6d 73 27 5d 2b 27 26 72 63 3d 27 2b 28 6c 6f 63 61 6c 53 74 6f 72 61 67 Data Ascii: /pagead2.googlesyndication.com/pagead/sodar?'};window.addEventListener("message",function(a){try{if(a.source===window.parent){var b=JSON.parse(a.data);var c=clients[b['id']];if(c){var d=document.createElement('img');d.src=c+b['params']+'&rc='+(localStorag
2024-10-24 23:04:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.8	49821	142.250.186.129	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:20 UTC	366	OUT	GET /sodar/sodar2.js HTTP/1.1 Host: ep2.adtrafficquality.google Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:20 UTC	665	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs" Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} Content-Length: 17945 Date: Thu, 24 Oct 2024 23:04:20 GMT Expires: Thu, 24 Oct 2024 23:04:20 GMT Cache-Control: private, max-age=3000 ETag: "1727224258380615" X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 23:04:20 UTC	713	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 66 75 6e 63 74 69 6f 6e 20 61 61 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 76 61 72 20 6b 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 7c 7c 61 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 Data Ascii: (function(){'use strict';function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var k=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 64 20 30 3f 63 3a 61 5b 62 5d 7d 7d 0a 66 75 6e 63 74 69 6f 6e 20 78 28 61 2c 62 2c 63 29 7b 69 66 28 62 29 61 3a 7b 76 61 72 20 64 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 61 3d 64 2e 6c 65 6e 67 74 68 3d 3d 3d 31 3b 76 61 72 20 67 3d 64 5b 30 5d 2c 66 3b 21 61 26 26 67 20 69 6e 20 72 3f 66 3d 72 3a 66 3d 6e 3b 66 6f 72 28 67 3d 30 3b 67 3c 64 2e 6c 65 6e 67 74 68 2d 31 3b 67 2b 2b 29 7b 76 61 72 20 65 3d 64 5b 67 5d 3b 69 66 28 21 28 65 20 69 6e 20 66 29 29 62 72 65 61 6b 20 61 3b 66 3d 66 5b 65 5d 7d 64 3d 64 5b 64 2e 6c 65 6e 67 74 68 2d 31 5d 3b 63 3d 70 26 26 63 3d 3d 3d 22 65 73 36 22 3f 66 5b 64 5d 3a 6e 75 6c 6c 3b 62 3d 62 28 63 29 3b 62 21 3d 6e 75 6c 6c 26 26 28 61 3f 6b 28 72 2c 64 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 Data Ascii: d 0?c:a[b]}}function x(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var g=d[0],f;!a&&g in r?f=r:f=n;for(g=0;g<d.length-1;g++){var e=d[g];if(!(e in f))break a;f=f[e]}d=d[d.length-1];c=p&&c==="es6"?f[d]:null;b=b(c);b!=null&&(a?k(r,d,{configurable:!0,wr
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 3b 72 65 74 75 72 6e 20 61 7d 66 75 6e 63 74 69 6f 6e 20 65 61 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 72 2e 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 77 28 72 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 26 26 61 5b 77 28 72 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 61 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 61 29 2b 22 20 69 73 20 6e 6f 74 20 61 6e 20 69 74 65 72 61 62 6c 65 20 6f 72 20 41 72 72 61 79 4c 69 6b 65 22 29 3b 7d 76 61 72 20 66 61 3d 74 79 70 65 6f 66 20 4f Data Ascii: ;return a}function ea(a){var b=typeof r.Symbol!="undefined"&&w(r.Symbol,"iterator")&&a[w(r.Symbol,"iterator")];if(b)return b.call(a);if(typeof a.length=="number")return{next:aa(a)};throw Error(String(a)+" is not an iterable or ArrayLike");}var fa=typeof O
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 3a 21 30 7d 7d 2c 62 2c 61 2e 67 2e 72 65 74 75 72 6e 29 3b 61 2e 67 2e 72 65 74 75 72 6e 28 62 29 3b 72 65 74 75 72 6e 20 48 28 61 29 7d 0a 66 75 6e 63 74 69 6f 6e 20 47 28 61 2c 62 2c 63 2c 64 29 7b 74 72 79 7b 76 61 72 20 67 3d 62 2e 63 61 6c 6c 28 61 2e 67 2e 68 2c 63 29 3b 69 66 28 21 28 67 20 69 6e 73 74 61 6e 63 65 6f 66 20 4f 62 6a 65 63 74 29 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 49 74 65 72 61 74 6f 72 20 72 65 73 75 6c 74 20 22 2b 67 2b 22 20 69 73 20 6e 6f 74 20 61 6e 20 6f 62 6a 65 63 74 22 29 3b 69 66 28 21 67 2e 64 6f 6e 65 29 72 65 74 75 72 6e 20 61 2e 67 2e 6d 3d 21 31 2c 67 3b 76 61 72 20 66 3d 67 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 61 2e 67 2e 68 3d 6e 75 6c 6c 2c 45 28 61 2e Data Ascii: :!0}},b,a.g.return);a.g.return(b);return H(a)}function G(a,b,c,d){try{var g=b.call(a.g.h,c);if(!(g instanceof Object))throw new TypeError("Iterator result "+g+" is not an object");if(!g.done)return a.g.m=!1,g;var f=g.value}catch(e){return a.g.h=null,E(a.
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 65 6f 66 20 62 3f 65 3a 6e 65 77 20 62 28 66 75 6e 63 74 69 6f 6e 28 68 29 7b 68 28 65 29 7d 29 7d 69 66 28 61 29 72 65 74 75 72 6e 20 61 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 68 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 74 68 69 73 2e 67 3d 3d 6e 75 6c 6c 29 7b 74 68 69 73 2e 67 3d 5b 5d 3b 76 61 72 20 68 3d 74 68 69 73 3b 74 68 69 73 2e 69 28 66 75 6e 63 74 69 6f 6e 28 29 7b 68 2e 6d 28 29 7d 29 7d 74 68 69 73 2e 67 2e 70 75 73 68 28 65 29 7d 3b 76 61 72 20 67 3d 6e 2e 73 65 74 54 69 6d 65 6f 75 74 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 69 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 67 28 65 2c 30 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 3b 74 68 69 73 2e 67 26 26 74 68 69 73 2e 67 2e 6c 65 6e 67 Data Ascii: eof b?e:new b(function(h){h(e)})}if(a)return a;c.prototype.h=function(e){if(this.g==null){this.g=[];var h=this;this.i(function(){h.m()})}this.g.push(e)};var g=n.setTimeout;c.prototype.i=function(e){g(e,0)};c.prototype.m=function(){for(;this.g&&this.g.leng
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 74 6f 6d 45 76 65 6e 74 2c 68 3d 6e 2e 45 76 65 6e 74 2c 6c 3d 6e 2e 64 69 73 70 61 74 63 68 45 76 65 6e 74 3b 69 66 28 74 79 70 65 6f 66 20 6c 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 72 65 74 75 72 6e 21 30 3b 74 79 70 65 6f 66 20 65 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 65 3d 6e 65 77 20 65 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 74 79 70 65 6f 66 20 68 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 65 3d 6e 65 77 20 68 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 28 65 3d 6e 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 76 65 6e 74 28 22 43 75 73 74 6f 6d 45 76 65 6e 74 22 29 2c 65 2e 69 6e 69 74 Data Ascii: tomEvent,h=n.Event,l=n.dispatchEvent;if(typeof l==="undefined")return!0;typeof e==="function"?e=new e("unhandledrejection",{cancelable:!0}):typeof h==="function"?e=new h("unhandledrejection",{cancelable:!0}):(e=n.document.createEvent("CustomEvent"),e.init
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 30 26 26 6d 28 74 29 7d 7d 76 61 72 20 74 3d 5b 5d 2c 76 3d 30 3b 64 6f 20 74 2e 70 75 73 68 28 76 6f 69 64 20 30 29 2c 76 2b 2b 2c 64 28 6c 2e 76 61 6c 75 65 29 2e 43 28 4f 28 74 2e 6c 65 6e 67 74 68 2d 31 29 2c 71 29 2c 6c 3d 68 2e 6e 65 78 74 28 29 3b 77 68 69 6c 65 28 21 6c 2e 64 6f 6e 65 29 7d 29 7d 3b 72 65 74 75 72 6e 20 62 7d 2c 22 65 73 36 22 29 3b 0a 78 28 22 67 6c 6f 62 61 6c 54 68 69 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 6e 7d 2c 22 65 73 5f 32 30 32 30 22 29 3b 78 28 22 41 72 72 61 79 2e 66 72 6f 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 64 29 7b 63 3d 63 21 3d 6e 75 6c 6c 3f 63 3a 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 Data Ascii: 0&&m(t)}}var t=[],v=0;do t.push(void 0),v++,d(l.value).C(O(t.length-1),q),l=h.next();while(!l.done)})};return b},"es6");x("globalThis",function(a){return a\|\|n},"es_2020");x("Array.from",function(a){return a?a:function(b,c,d){c=c!=null?c:function(h){retur
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 3b 64 3c 62 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 63 2b 3d 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 62 5b 64 5d 29 2b 61 5b 64 2b 31 5d 3b 72 65 74 75 72 6e 20 4c 28 63 29 7d 3b 76 61 72 20 73 61 3d 79 28 5b 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 61 70 69 32 2f 61 66 72 61 6d 65 22 5d 29 2c 74 61 3d 50 28 73 61 29 3b 66 75 6e 63 74 69 6f 6e 20 51 28 61 2c 62 2c 63 29 7b 61 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 61 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 62 2c 63 2c 21 31 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 75 61 28 61 2c 62 29 7b 61 2e 73 72 63 3d 72 61 28 62 29 3b 76 61 72 20 63 2c 64 3b 28 63 3d 28 62 3d 28 64 3d 28 63 3d 28 61 2e 6f 77 6e 65 72 Data Ascii: ;d<b.length;d++)c+=encodeURIComponent(b[d])+a[d+1];return L(c)};var sa=y(["https://www.google.com/recaptcha/api2/aframe"]),ta=P(sa);function Q(a,b,c){a.addEventListener&&a.addEventListener(b,c,!1)};function ua(a,b){a.src=ra(b);var c,d;(c=(b=(d=(c=(a.owner
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 61 64 32 2e 67 6f 6f 67 6c 65 73 79 6e 64 69 63 61 74 69 6f 6e 2e 63 6f 6d 2f 62 67 2f 22 2c 22 2e 6a 73 22 5d 29 3b 66 75 6e 63 74 69 6f 6e 20 52 28 61 2c 62 2c 63 2c 64 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 3b 67 3d 67 3d 3d 3d 76 6f 69 64 20 30 3f 77 69 6e 64 6f 77 3a 67 3b 74 68 69 73 2e 4a 3d 62 3b 74 68 69 73 2e 68 3d 67 3b 74 68 69 73 2e 6f 3d 63 3d 3d 3d 76 6f 69 64 20 30 3f 30 3a 63 3b 74 68 69 73 2e 69 3d 28 64 3d 3d 3d 76 6f 69 64 20 30 3f 30 3a 64 29 3f 50 28 7a 61 2c 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 61 29 29 3a 50 28 41 61 2c 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 61 29 29 7d 66 75 6e 63 74 69 6f 6e 20 42 61 28 61 29 7b 72 65 74 75 72 6e 20 49 28 66 75 6e 63 74 69 6f 6e 28 62 29 7b 73 77 69 74 63 Data Ascii: ad2.googlesyndication.com/bg/",".js"]);function R(a,b,c,d){var g=window;g=g===void 0?window:g;this.J=b;this.h=g;this.o=c===void 0?0:c;this.i=(d===void 0?0:d)?P(za,encodeURIComponent(a)):P(Aa,encodeURIComponent(a))}function Ba(a){return I(function(b){switc
2024-10-24 23:04:20 UTC	1378	IN	Data Raw: 78 74 3a 46 61 28 61 2e 5f 63 74 78 5f 29 2c 41 3a 61 2e 5f 62 67 76 5f 2c 76 3a 61 2e 5f 62 67 70 5f 2c 47 3a 61 2e 5f 6c 69 5f 2c 46 3a 61 2e 5f 6a 6b 5f 2c 48 3a 47 61 28 61 2e 5f 73 74 5f 29 2c 49 3a 61 2e 5f 72 63 5f 2c 6f 3a 61 2e 5f 64 6c 5f 2c 44 3a 61 2e 5f 67 32 5f 2c 6a 3a 48 61 28 61 2e 5f 61 74 71 67 5f 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 4a 61 28 29 7b 76 61 72 20 61 3d 77 69 6e 64 6f 77 3b 69 66 28 61 2e 47 6f 6f 67 6c 65 44 58 35 59 4b 55 53 6b 29 72 65 74 75 72 6e 20 61 2e 47 6f 6f 67 6c 65 44 58 35 59 4b 55 53 6b 5b 30 5d 3b 76 61 72 20 62 3d 6e 65 77 20 72 2e 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 61 2e 47 6f 6f 67 6c 65 44 58 35 59 4b 55 53 6b 3d 5b 62 2c 63 5d 7d 29 3b 72 65 74 75 72 6e 20 62 7d 0a 66 75 6e 63 74 Data Ascii: xt:Fa(a._ctx_),A:a._bgv_,v:a._bgp_,G:a._li_,F:a._jk_,H:Ga(a._st_),I:a._rc_,o:a._dl_,D:a._g2_,j:Ha(a._atqg_)}}function Ja(){var a=window;if(a.GoogleDX5YKUSk)return a.GoogleDX5YKUSk[0];var b=new r.Promise(function(c){a.GoogleDX5YKUSk=[b,c]});return b}funct

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.8	49826	172.217.16.130	443	2700	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:24 UTC	1724	OUT	GET /pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=1508802080077114&bg=!v7ylvPPNAAbl67hexes7ADQBe5WfOO6xBJygRfcp5EogwSSr4CGxcn6BdaTnza087609J7eMuJOFNaBkADESgag5eOJvAgAAALBSAAAABGgBB34ANgRXjvh94iQ9F2CzS8Y1rOV1ldf-wyu0SjnqE3LAk3-EyIU3ZhF62o0jTHetPA9eE16CtBqdAZkCkNpVFXf_klIbvKLtFgTIepLbLDTpF7PEeRA_ayl8jBMdwB1N0VqGkkWKRu0LOhxTaEqybftXo8n8viqArcMLleZpz6r0mF1SP1briJNVE64dzmp6Bteauxl_iAAUdDrx7FaNmw32fH7XqSFHKiedN0-9Hug_iJvMUAc7aqLOiz2bw_zhL0_nSQc-_uQrDrkwvT1p16uUFu0qUfmOqeFSj2b4vqjgAZN0WoRTSaXp4SvOkFhleGiXlf-hdovubBnvcc3hmCE4CG7E-c42EX0_tti7LMgJ4YzDeokcLSermNIbRRGHsydKn_eCbwc5tmIn0dlP0Pu4UKOyoPy8X7wXtgakhqbNGcbYg9RMU5i_OvvYtlFxy7Zj5SQPlb7oUDKZlhEwE2nC9tVoBhf5ufrlr6WAVcDD8ILatdceu8HbhZNiq5Cg1AwnY3oNd5ncoGItzsvxBkvuSbX0cKkz9jNVe-uZt3Tih9f-7JyAE2UFxJlJOUp-NL0KSak1MK2PZNnm2OQ1GB2VYDUR6zeeOkG1GKP4DLxp1CjE0dV94m4tFvhYWYjfKr8LRvBPQsAFik_iwQJ6p93Ry7eINr6-1bq4iulNli9KbeeU1uXfDkVfelMK5lZ1Qe9awA-4XN-Aty9ctkS7fqSXjQf5nQ34_sY0_Lgjk3Xio0KYrKcYKe_UKW_5_x3n-n1k5lwF2cu9cHGD5GFXvDkT_ZlTpSeDNq28TYHMnxW6z32aIkbMwPhH0kD81eLp0FEUZ [TRUNCATED] Host: ep1.adtrafficquality.google Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.queleas.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 23:04:24 UTC	451	IN	HTTP/1.1 204 No Content P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:24 GMT Server: cafe Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.8	49827	20.12.23.50	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:04:46 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8T5NVdSvpx9lzXd&MD=SA+xU976 HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 23:04:46 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: 6fcd7020-e491-47cd-8c35-13d4869c9364 MS-RequestId: c07b8604-710b-421c-ac72-274d7da981d9 MS-CV: FD/sKTE1/0uNFJxg.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 23:04:45 GMT Connection: close Content-Length: 30005
2024-10-24 23:04:46 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-24 23:04:46 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.8	49830	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:04 UTC	195	OUT	GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:04 UTC	540	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:04 GMT Content-Type: text/plain Content-Length: 218853 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public Last-Modified: Wed, 23 Oct 2024 06:30:03 GMT ETag: "0x8DCF32C20D7262E" x-ms-request-id: 39f98116-901e-0015-0fb5-25b284000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230504Z-16849878b785jrf8dn0d2rczaw00000000xg0000000040fm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:04 UTC	15844	IN	Data Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20 Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-10-24 23:05:04 UTC	16384	IN	Data Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
2024-10-24 23:05:04 UTC	16384	IN	Data Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
2024-10-24 23:05:05 UTC	16384	IN	Data Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.8	49834	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:06 UTC	192	OUT	GET /rules/rule120609v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:06 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:06 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB56D3AFB" x-ms-request-id: 31a53d7e-801e-00a3-74f7-217cfb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230506Z-16849878b78j7llf5vkyvvcehs00000000r000000000kufc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:06 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.8	49835	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:06 UTC	192	OUT	GET /rules/rule120608v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:06 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:06 GMT Content-Type: text/xml Content-Length: 2160 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA3B95D81" x-ms-request-id: cddcf92d-501e-008f-6a41-269054000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230506Z-17c5cb586f6f69jxsre6kx2wmc000000021g000000008q34 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:06 UTC	2160	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.8	49833	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:06 UTC	192	OUT	GET /rules/rule120600v4s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:06 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:06 GMT Content-Type: text/xml Content-Length: 2980 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: 1a9c8bfd-301e-0000-1fee-25eecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230506Z-16849878b785jrf8dn0d2rczaw00000000vg00000000bz2d x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:06 UTC	2980	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"

Session ID	Source IP	Source Port	Destination IP	Destination Port
20	192.168.2.8	49831	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:06 UTC	193	OUT	GET /rules/rule120402v21s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:06 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:06 GMT Content-Type: text/xml Content-Length: 3788 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC2126A6" x-ms-request-id: 2f084f0e-501e-0029-2021-26d0b8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230506Z-r197bdfb6b4lbgfqwkqbrm672s000000021g00000000mn3d x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:06 UTC	3788	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""

Session ID	Source IP	Source Port	Destination IP	Destination Port
21	192.168.2.8	49832	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:06 UTC	192	OUT	GET /rules/rule224902v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:06 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:06 GMT Content-Type: text/xml Content-Length: 450 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT ETag: "0x8DC582BD4C869AE" x-ms-request-id: 106bf0d0-c01e-0066-1446-26a1ec000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230506Z-r197bdfb6b4r9fwf6wxpr8zer000000000v0000000003nm5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:06 UTC	450	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN

Session ID	Source IP	Source Port	Destination IP	Destination Port
22	192.168.2.8	49836	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:07 UTC	192	OUT	GET /rules/rule120610v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:07 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:07 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT ETag: "0x8DC582B9964B277" x-ms-request-id: 734838af-101e-0065-4be5-214088000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230507Z-16849878b7898p5f6vryaqvp5800000000mg0000000028nv x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:07 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
23	192.168.2.8	49837	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:07 UTC	192	OUT	GET /rules/rule120611v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:07 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:07 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT ETag: "0x8DC582B9F6F3512" x-ms-request-id: e1deb6d3-201e-006e-700b-22bbe3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230507Z-16849878b78bkvbz1ry47zvsas00000008d000000000ans5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:07 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.8	49838	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:07 UTC	192	OUT	GET /rules/rule120612v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:07 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:07 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT ETag: "0x8DC582BB10C598B" x-ms-request-id: d919e2dc-e01e-001f-153d-261633000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230507Z-17c5cb586f6qkkscezt8hb00a000000001vg000000006rf3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:07 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
25	192.168.2.8	49839	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:07 UTC	192	OUT	GET /rules/rule120613v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:07 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:07 GMT Content-Type: text/xml Content-Length: 632 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6E3779E" x-ms-request-id: 0a92035d-201e-00aa-57da-213928000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230507Z-16849878b78hz7zj8u0h2zng1400000008dg00000000ge12 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:07 UTC	632	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]\|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]

Session ID	Source IP	Source Port	Destination IP	Destination Port
26	192.168.2.8	49840	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:07 UTC	192	OUT	GET /rules/rule120614v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:07 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:07 GMT Content-Type: text/xml Content-Length: 467 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6C038BC" x-ms-request-id: 88497579-201e-0000-113a-26a537000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230507Z-17c5cb586f6tzc2wdxudxz0zw8000000017g000000009zua x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:07 UTC	467	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
27	192.168.2.8	49843	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:08 UTC	192	OUT	GET /rules/rule120616v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:08 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:08 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB344914B" x-ms-request-id: a568b4a7-501e-0035-1a18-26c923000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230508Z-r197bdfb6b4kkm84nqp5tf0pvs00000000q0000000002p1p x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:08 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
28	192.168.2.8	49842	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:08 UTC	192	OUT	GET /rules/rule120615v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:08 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:08 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBAD04B7B" x-ms-request-id: 82d491bf-801e-0048-1e3d-26f3fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230508Z-17c5cb586f677284pnx3kebuu400000001p0000000009w08 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:08 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.8	49844	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:08 UTC	192	OUT	GET /rules/rule120617v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:08 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:08 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT ETag: "0x8DC582BA310DA18" x-ms-request-id: f697d535-f01e-0099-085a-269171000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230508Z-17c5cb586f6hp4zfqskwhb6z3000000001u0000000000855 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:08 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.8	49845	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:08 UTC	192	OUT	GET /rules/rule120618v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:08 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:08 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT ETag: "0x8DC582B9018290B" x-ms-request-id: d7788b78-601e-0084-2f37-266b3f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230508Z-16849878b785f8wh85a0w3ennn00000008d0000000003h7y x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:08 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.8	49846	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:08 UTC	192	OUT	GET /rules/rule120619v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:08 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:08 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT ETag: "0x8DC582B9698189B" x-ms-request-id: 7c0b2bc5-f01e-00aa-35ef-248521000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230508Z-15b8d89586flzzks5bs37v2b9000000003y0000000007c46 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:08 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
32	192.168.2.8	49847	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:09 UTC	192	OUT	GET /rules/rule120620v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:09 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:09 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA701121" x-ms-request-id: 89a40fd7-b01e-00ab-1aad-24dafd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230509Z-15b8d89586f8l5961kfst8fpb00000000a5g000000002tgz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:09 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
33	192.168.2.8	49848	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:09 UTC	192	OUT	GET /rules/rule120621v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:09 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:09 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA41997E3" x-ms-request-id: 3edebaab-e01e-0033-21c8-214695000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230509Z-16849878b788tnsxzb2smucwdc00000008eg000000005gs6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:09 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
34	192.168.2.8	49849	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:09 UTC	192	OUT	GET /rules/rule120622v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:09 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:09 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8CEAC16" x-ms-request-id: 94fafadb-001e-0049-3f27-265bd5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230509Z-r197bdfb6b4k6h5jmacuw3pcw800000000u000000000d5nm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:09 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.8	49850	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:09 UTC	192	OUT	GET /rules/rule120623v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:09 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:09 GMT Content-Type: text/xml Content-Length: 464 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97FB6C3C" x-ms-request-id: 389dace0-b01e-003d-533d-26d32c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230509Z-17c5cb586f6hhlf5mrwgq3erx800000000ug0000000016cp x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:09 UTC	464	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor

Session ID	Source IP	Source Port	Destination IP	Destination Port
36	192.168.2.8	49851	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:09 UTC	192	OUT	GET /rules/rule120624v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:09 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:09 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB7010D66" x-ms-request-id: e7bd3bd0-f01e-003c-42e3-258cf0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230509Z-16849878b78k8q5pxkgux3mbgg00000008ag00000000d864 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:09 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
37	192.168.2.8	49853	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:10 UTC	192	OUT	GET /rules/rule120625v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:10 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:10 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT ETag: "0x8DC582B9748630E" x-ms-request-id: b26f0bb8-d01e-00ad-3518-26e942000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230510Z-16849878b78bkvbz1ry47zvsas00000008e0000000007wq8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:10 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
38	192.168.2.8	49854	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:10 UTC	192	OUT	GET /rules/rule120626v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:10 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:10 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DACDF62" x-ms-request-id: 630b92e5-101e-00a2-203d-269f2e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230510Z-r197bdfb6b4tq6ldv3s2dcykm800000002c0000000000wvq x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:10 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
39	192.168.2.8	49855	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:10 UTC	192	OUT	GET /rules/rule120627v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:10 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:10 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT ETag: "0x8DC582B9E8EE0F3" x-ms-request-id: a2903e96-401e-00ac-3034-260a97000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230510Z-15b8d89586fnsf5zd126eyaetw00000000w0000000007e0m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:10 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
40	192.168.2.8	49856	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:10 UTC	192	OUT	GET /rules/rule120628v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:10 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:10 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C8E04C8" x-ms-request-id: 0fc246dd-801e-0035-4529-26752a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230510Z-15b8d89586frzkk2umu6w8qnt80000000f2g0000000079w5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:10 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
41	192.168.2.8	49857	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:10 UTC	192	OUT	GET /rules/rule120629v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:10 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:10 GMT Content-Type: text/xml Content-Length: 428 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC4F34CA" x-ms-request-id: 6b700fd2-301e-005d-5b5a-26e448000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230510Z-17c5cb586f6f69jxsre6kx2wmc00000001xg00000000baaf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:10 UTC	428	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
42	192.168.2.8	49858	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:11 UTC	192	OUT	GET /rules/rule120630v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:11 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:11 GMT Content-Type: text/xml Content-Length: 499 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT ETag: "0x8DC582B98CEC9F6" x-ms-request-id: 6ff76e76-001e-002b-21c5-2099f2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230511Z-16849878b78k8q5pxkgux3mbgg00000008b000000000aszz x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:11 UTC	499	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
43	192.168.2.8	49859	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:11 UTC	192	OUT	GET /rules/rule120631v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:11 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:11 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B988EBD12" x-ms-request-id: ff743265-301e-000c-1ff2-24323f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230511Z-r197bdfb6b4kzncf21qcaynxz800000002pg000000006735 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:11 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
44	192.168.2.8	49860	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:11 UTC	192	OUT	GET /rules/rule120632v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:11 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:11 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5815C4C" x-ms-request-id: c37df3a3-d01e-005a-6e58-267fd9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230511Z-17c5cb586f68ph8xe1hpx7aynw00000001wg000000007hds x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:11 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
45	192.168.2.8	49861	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:11 UTC	192	OUT	GET /rules/rule120633v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:11 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:11 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB32BB5CB" x-ms-request-id: 2760be74-301e-0096-200b-26e71d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230511Z-15b8d89586flspj6y6m5fk442w00000005c000000000e69k x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:11 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
46	192.168.2.8	49862	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:11 UTC	192	OUT	GET /rules/rule120634v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:11 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:11 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8972972" x-ms-request-id: 131e52ce-d01e-002b-553b-2225fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230511Z-16849878b78x6gn56mgecg60qc00000001m0000000001nfz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:11 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
47	192.168.2.8	49865	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:12 UTC	192	OUT	GET /rules/rule120636v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:12 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:12 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D43097E" x-ms-request-id: 1f9c3bb8-d01e-0014-220b-22ed58000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230512Z-16849878b786lft2mu9uftf3y400000000u000000000va3t x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:12 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
48	192.168.2.8	49864	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:12 UTC	192	OUT	GET /rules/rule120635v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:12 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:12 GMT Content-Type: text/xml Content-Length: 420 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DAE3EC0" x-ms-request-id: 06960f57-101e-000b-0c20-265e5c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230512Z-17c5cb586f6q4vmqk5qfzgptrg00000001z0000000007xah x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:12 UTC	420	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O

Session ID	Source IP	Source Port	Destination IP	Destination Port
49	192.168.2.8	49866	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:12 UTC	192	OUT	GET /rules/rule120637v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:12 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:12 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT ETag: "0x8DC582BA909FA21" x-ms-request-id: 46af3d48-701e-0032-6627-21a540000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230512Z-16849878b785jsrm4477mv3ezn00000008ag00000000cvst x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:12 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
50	192.168.2.8	49867	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:12 UTC	192	OUT	GET /rules/rule120638v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:12 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:12 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT ETag: "0x8DC582B92FCB436" x-ms-request-id: 27632888-301e-0096-61d8-21e71d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230512Z-16849878b78ngdnlw4w0762cms00000008c000000000nwew x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:12 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
51	192.168.2.8	49868	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:12 UTC	192	OUT	GET /rules/rule120639v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:12 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:12 GMT Content-Type: text/xml Content-Length: 423 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT ETag: "0x8DC582BB7564CE8" x-ms-request-id: efc778c0-f01e-0052-4de5-219224000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230512Z-16849878b786wvrz321uz1cknn00000008a000000000nsda x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:12 UTC	423	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0

Session ID	Source IP	Source Port	Destination IP	Destination Port
52	192.168.2.8	49869	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:13 UTC	192	OUT	GET /rules/rule120640v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:13 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:13 GMT Content-Type: text/xml Content-Length: 478 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT ETag: "0x8DC582B9B233827" x-ms-request-id: 2044f02f-601e-0001-42eb-25faeb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230513Z-16849878b786lft2mu9uftf3y400000001000000000069mz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:13 UTC	478	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
53	192.168.2.8	49871	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:13 UTC	192	OUT	GET /rules/rule120641v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:13 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:13 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B95C61A3C" x-ms-request-id: 2ee95feb-501e-0029-5d17-26d0b8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230513Z-15b8d89586fvk4kmbg8pf84y8800000000fg000000006mwr x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:13 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
54	192.168.2.8	49870	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:13 UTC	192	OUT	GET /rules/rule120642v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:13 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:13 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT ETag: "0x8DC582BB046B576" x-ms-request-id: 43d69f68-001e-00ad-61b4-24554b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230513Z-15b8d89586fnsf5zd126eyaetw00000000sg00000000gevv x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:13 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
55	192.168.2.8	49872	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:13 UTC	192	OUT	GET /rules/rule120643v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:13 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:13 GMT Content-Type: text/xml Content-Length: 400 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2D62837" x-ms-request-id: a96fbf53-401e-0016-5d5d-2653e0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230513Z-16849878b78fmrkt2ukpvh9wh400000008d00000000033a6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:13 UTC	400	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
56	192.168.2.8	49873	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:13 UTC	192	OUT	GET /rules/rule120644v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:13 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:13 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7D702D0" x-ms-request-id: dcef298c-a01e-003d-47df-2598d7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230513Z-16849878b78q4pnrt955f8nkx8000000084g00000000u458 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:13 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
57	192.168.2.8	49874	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120645v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:14 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:14 GMT Content-Type: text/xml Content-Length: 425 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BBA25094F" x-ms-request-id: 168e2c35-b01e-00ab-10df-25dafd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230514Z-16849878b78lhh9t0fb3392enw000000089000000000a56s x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:14 UTC	425	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=

Session ID	Source IP	Source Port	Destination IP	Destination Port
58	192.168.2.8	49876	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120647v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:14 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:14 GMT Content-Type: text/xml Content-Length: 448 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB389F49B" x-ms-request-id: 51ccb76b-001e-0049-0a37-265bd5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230514Z-16849878b785jsrm4477mv3ezn0000000860000000010vhf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:14 UTC	448	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>

Session ID	Source IP	Source Port	Destination IP	Destination Port
59	192.168.2.8	49877	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120648v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:14 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:14 GMT Content-Type: text/xml Content-Length: 491 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B98B88612" x-ms-request-id: d4d27aa7-601e-0002-1812-22a786000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230514Z-16849878b784cpcc2dr9ch74ng00000008dg00000000ge1y x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:14 UTC	491	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
60	192.168.2.8	49875	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120646v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:14 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:14 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2BE84FD" x-ms-request-id: 99f07890-301e-0051-29d2-2538bb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230514Z-16849878b78hz7zj8u0h2zng1400000008c000000000pftq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:14 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
61	192.168.2.8	49878	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120649v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:14 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:14 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT ETag: "0x8DC582BAEA4B445" x-ms-request-id: 95c67357-201e-0051-60f5-247340000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230514Z-16849878b78smng4k6nq15r6s4000000016g00000000dah1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:14 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
62	192.168.2.8	49879	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120650v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989EE75B" x-ms-request-id: 352988b4-001e-0065-3a25-260b73000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-17c5cb586f67cgf6fyv0p8rq5s00000001mg000000008ky8 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
63	192.168.2.8	49880	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120651v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: 24724c44-d01e-002b-6428-2625fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-15b8d89586fwzdd8urmg0p1ebs00000009w000000000fwu2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
64	192.168.2.8	49881	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:14 UTC	192	OUT	GET /rules/rule120652v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97E6FCDD" x-ms-request-id: 6be8f11f-201e-003c-5028-2630f9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-r197bdfb6b4g24ztpxkw4umce8000000015g00000000d0qm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
65	192.168.2.8	49882	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120653v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C710B28" x-ms-request-id: c1b2f9d4-701e-0098-1062-26395f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-16849878b786vsxz21496wc2qn00000008cg00000000n8hy x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
66	192.168.2.8	49883	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120654v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT ETag: "0x8DC582BA54DCC28" x-ms-request-id: e692d532-001e-00a2-3ae7-20d4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-16849878b785jsrm4477mv3ezn00000008cg0000000064xg x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
67	192.168.2.8	49884	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120655v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7F164C3" x-ms-request-id: 4c87ede1-d01e-0065-6b9c-21b77a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-16849878b788tnsxzb2smucwdc00000008cg00000000ccsd x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
68	192.168.2.8	49885	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120656v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:15 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT ETag: "0x8DC582BA48B5BDD" x-ms-request-id: 989513d0-f01e-0096-5813-2610ef000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-r197bdfb6b466qclztvgs64z100000000170000000002vy7 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:15 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
69	192.168.2.8	49887	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120658v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT ETag: "0x8DC582BB650C2EC" x-ms-request-id: 100b0a78-f01e-0003-754e-224453000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-16849878b78bkvbz1ry47zvsas00000008b000000000hk3x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
70	192.168.2.8	49886	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:15 UTC	192	OUT	GET /rules/rule120657v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:15 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT ETag: "0x8DC582B9FF95F80" x-ms-request-id: d13b9d4f-c01e-0014-770d-26a6a3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230515Z-17c5cb586f6hp4zfqskwhb6z3000000001rg0000000066ze x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
71	192.168.2.8	49888	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120659v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3EAF226" x-ms-request-id: 9016a745-201e-0096-70e6-25ace6000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-16849878b78ngdnlw4w0762cms00000008bg00000000tpy6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I

Session ID	Source IP	Source Port	Destination IP	Destination Port
72	192.168.2.8	49890	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120661v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 411 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989AF051" x-ms-request-id: 79657049-a01e-0032-1dac-241949000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-15b8d89586fst84k5f3z220tec0000000f5g00000000fbpk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	411	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
73	192.168.2.8	49889	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120660v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 485 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT ETag: "0x8DC582BB9769355" x-ms-request-id: 384d3f9c-b01e-003d-2424-26d32c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-r197bdfb6b4g24ztpxkw4umce8000000017g0000000087z9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	485	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
74	192.168.2.8	49892	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120663v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB556A907" x-ms-request-id: ee7a308c-c01e-00a1-620b-227e4a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-16849878b78smng4k6nq15r6s4000000016g00000000dans x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
75	192.168.2.8	49891	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120662v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:16 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 470 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBB181F65" x-ms-request-id: 6cbbe1db-401e-0083-6516-26075c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-15b8d89586fs9clcgrr6f2d6vg00000002c0000000005vqh x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:16 UTC	470	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
76	192.168.2.8	49893	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:16 UTC	192	OUT	GET /rules/rule120664v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:16 GMT Content-Type: text/xml Content-Length: 502 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6A0D312" x-ms-request-id: a363c0e5-301e-003f-5298-25266f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230516Z-16849878b785dznd7xpawq9gcn000000013000000000arf8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	502	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.8	49894	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:17 UTC	192	OUT	GET /rules/rule120665v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:17 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D30478D" x-ms-request-id: 7842422a-e01e-003c-05ee-25c70b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230517Z-16849878b78j5kdg3dndgqw0vg00000001cg00000000e5pw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
78	192.168.2.8	49895	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:17 UTC	192	OUT	GET /rules/rule120666v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:17 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3F48DAE" x-ms-request-id: 1b3e59d2-d01e-0017-05f8-25b035000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230517Z-17c5cb586f6qk7x5scs1ghy2m400000001p000000000a413 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
79	192.168.2.8	49896	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:17 UTC	192	OUT	GET /rules/rule120667v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:17 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BB9B6040B" x-ms-request-id: c0884099-101e-0046-3a40-2291b0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230517Z-16849878b78c5zx4gw8tcga1b4000000085000000000r5uc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
80	192.168.2.8	49897	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:17 UTC	192	OUT	GET /rules/rule120668v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:17 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3CAEBB8" x-ms-request-id: ac69ef67-e01e-001f-7714-221633000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230517Z-16849878b787sbpl0sv29sm89s00000008h0000000003zcq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
81	192.168.2.8	49898	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:17 UTC	192	OUT	GET /rules/rule120669v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:17 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:17 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB5284CCE" x-ms-request-id: d9732123-901e-007b-1098-25ac50000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230517Z-16849878b785dznd7xpawq9gcn000000014g0000000055fa x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:17 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
82	192.168.2.8	49900	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:18 UTC	192	OUT	GET /rules/rule120671v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:18 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:18 GMT Content-Type: text/xml Content-Length: 432 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT ETag: "0x8DC582BAABA2A10" x-ms-request-id: 18d6d76d-f01e-0052-73f2-249224000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230518Z-15b8d89586fzhrwgk23ex2bvhw00000002g00000000037n4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:18 UTC	432	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.8	49899	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:18 UTC	192	OUT	GET /rules/rule120670v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:18 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:18 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91EAD002" x-ms-request-id: ff288f8c-c01e-007a-5a0e-26b877000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230518Z-r197bdfb6b42rt68rzg9338g1g00000000w000000000597m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:18 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
84	192.168.2.8	49901	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:18 UTC	192	OUT	GET /rules/rule120672v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:18 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:18 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA740822" x-ms-request-id: 096df01f-c01e-0066-45fd-24a1ec000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230518Z-r197bdfb6b4kkrkjudg185sarw00000002cg00000000qr0u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:18 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
85	192.168.2.8	49902	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:18 UTC	192	OUT	GET /rules/rule120673v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:18 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:18 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT ETag: "0x8DC582BB464F255" x-ms-request-id: 796b115c-001e-005a-3627-26c3d0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230518Z-r197bdfb6b4t7wszkhsu1pyev000000000n000000000h2yd x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:18 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
86	192.168.2.8	49903	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:18 UTC	192	OUT	GET /rules/rule120674v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:18 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:18 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA4037B0D" x-ms-request-id: 135f94f0-d01e-002b-2a55-2225fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230518Z-16849878b78lhh9t0fb3392enw000000085g00000000pqxh x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:18 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
87	192.168.2.8	49905	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:19 UTC	192	OUT	GET /rules/rule120676v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:19 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:19 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B984BF177" x-ms-request-id: f6a2cc2d-401e-0015-3796-250e8d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230519Z-16849878b78z5q7jpbgf6e9mcw00000008c000000000rt4a x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:19 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
88	192.168.2.8	49904	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:19 UTC	192	OUT	GET /rules/rule120675v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:19 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:19 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6CF78C8" x-ms-request-id: c82c03e6-f01e-001f-0cf2-245dc8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230519Z-15b8d89586flzzks5bs37v2b900000000400000000004bu4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:19 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
89	192.168.2.8	49906	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:19 UTC	192	OUT	GET /rules/rule120677v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:19 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:19 GMT Content-Type: text/xml Content-Length: 405 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT ETag: "0x8DC582B942B6AFF" x-ms-request-id: bd3356e8-b01e-0002-6afb-241b8f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230519Z-15b8d89586f6nn8zb8x99wuenc00000000u000000000172t x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:19 UTC	405	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
90	192.168.2.8	49907	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:19 UTC	192	OUT	GET /rules/rule120678v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:19 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:19 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA642BF4" x-ms-request-id: fd0e08e6-201e-0085-5f27-2634e3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230519Z-r197bdfb6b466qclztvgs64z100000000170000000002w4g x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:19 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
91	192.168.2.8	49908	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:19 UTC	192	OUT	GET /rules/rule120679v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:19 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:19 GMT Content-Type: text/xml Content-Length: 174 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91D80E15" x-ms-request-id: 2034bdf9-701e-003e-3056-2679b3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230519Z-16849878b78gvgmlcfru6nuc54000000087g00000000rfvz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:19 UTC	174	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>

Session ID	Source IP	Source Port	Destination IP	Destination Port
92	192.168.2.8	49909	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:20 UTC	192	OUT	GET /rules/rule120680v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:20 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:20 GMT Content-Type: text/xml Content-Length: 1952 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B956B0F3D" x-ms-request-id: e37aa075-401e-0067-7f3f-2609c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230520Z-r197bdfb6b4hsj5bywyqk9r2xw00000000y000000000qpkn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:20 UTC	1952	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
93	192.168.2.8	49910	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:20 UTC	192	OUT	GET /rules/rule120681v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:20 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:20 GMT Content-Type: text/xml Content-Length: 958 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT ETag: "0x8DC582BA0A31B3B" x-ms-request-id: 3e8b3e47-701e-006f-544e-22afc4000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230520Z-16849878b78bkvbz1ry47zvsas00000008cg00000000e9s1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:20 UTC	958	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
94	192.168.2.8	49911	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:20 UTC	192	OUT	GET /rules/rule120682v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:20 UTC	491	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:20 GMT Content-Type: text/xml Content-Length: 501 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT ETag: "0x8DC582BACFDAACD" x-ms-request-id: 218b1b25-701e-005c-4b21-26bb94000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230520Z-17c5cb586f6z6tw6g7cmdv30m800000000wg00000000266g x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:20 UTC	501	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
95	192.168.2.8	49912	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:20 UTC	193	OUT	GET /rules/rule120602v10s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:20 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:20 GMT Content-Type: text/xml Content-Length: 2592 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5B890DB" x-ms-request-id: 0eea03f1-d01e-0066-098a-21ea17000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230520Z-16849878b785jrf8dn0d2rczaw00000000vg00000000c0k5 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:20 UTC	2592	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=

Session ID	Source IP	Source Port	Destination IP	Destination Port
96	192.168.2.8	49913	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:20 UTC	192	OUT	GET /rules/rule120601v3s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:20 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:20 GMT Content-Type: text/xml Content-Length: 3342 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT ETag: "0x8DC582B927E47E9" x-ms-request-id: 80bca0f2-601e-00ab-1333-2666f4000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230520Z-15b8d89586fsx9lfqmgrbzpgmg0000000feg000000001p40 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-10-24 23:05:20 UTC	3342	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI

Session ID	Source IP	Source Port	Destination IP	Destination Port
97	192.168.2.8	49914	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	193	OUT	GET /rules/rule224901v11s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:21 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:21 GMT Content-Type: text/xml Content-Length: 2284 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT ETag: "0x8DC582BCD58BEEE" x-ms-request-id: 9c2fdade-c01e-002b-16f2-246e00000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230521Z-15b8d89586flspj6y6m5fk442w00000005h0000000003ns6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:21 UTC	2284	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"

Session ID	Source IP	Source Port	Destination IP	Destination Port
98	192.168.2.8	49915	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule701201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:21 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:21 GMT Content-Type: text/xml Content-Length: 1393 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT ETag: "0x8DC582BE3E55B6E" x-ms-request-id: d0d0f8e5-601e-000d-298c-212618000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230521Z-16849878b78s2lqfdex4tmpp7800000008fg000000001n5a x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:21 UTC	1393	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"

Session ID	Source IP	Source Port	Destination IP	Destination Port
99	192.168.2.8	49917	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule700201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:21 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:21 GMT Content-Type: text/xml Content-Length: 1393 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT ETag: "0x8DC582BE39DFC9B" x-ms-request-id: d6a45923-201e-006e-3dec-25bbe3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230521Z-17c5cb586f6g6g2sbe6edp75y400000001ng00000000b866 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:21 UTC	1393	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"

Session ID	Source IP	Source Port	Destination IP	Destination Port
100	192.168.2.8	49916	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule701200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:21 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:21 GMT Content-Type: text/xml Content-Length: 1356 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT ETag: "0x8DC582BDC681E17" x-ms-request-id: 39bddb46-501e-0016-72f5-24181b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230521Z-15b8d89586flzzks5bs37v2b9000000003w000000000d6b4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:21 UTC	1356	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
101	192.168.2.8	49918	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule700200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:21 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:21 GMT Content-Type: text/xml Content-Length: 1356 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT ETag: "0x8DC582BDF66E42D" x-ms-request-id: 33ffbe2f-201e-0085-3800-2534e3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230521Z-15b8d89586flzzks5bs37v2b9000000003u000000000m0rk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:21 UTC	1356	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
102	192.168.2.8	49919	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule702351v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:22 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:22 GMT Content-Type: text/xml Content-Length: 1395 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BE017CAD3" x-ms-request-id: cd04a713-f01e-003f-7315-26d19d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230522Z-15b8d89586frzkk2umu6w8qnt80000000f0000000000bu6h x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:22 UTC	1395	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic

Session ID	Source IP	Source Port	Destination IP	Destination Port
103	192.168.2.8	49920	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:21 UTC	192	OUT	GET /rules/rule702350v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 23:05:22 UTC	584	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 23:05:22 GMT Content-Type: text/xml Content-Length: 1358 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT ETag: "0x8DC582BE6431446" x-ms-request-id: 20049dc1-d01e-0014-1b33-22ed58000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T230522Z-16849878b78hz7zj8u0h2zng1400000008g0000000007vdv x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 23:05:22 UTC	1358	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
104	192.168.2.8	49921	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:22 UTC	192	OUT	GET /rules/rule701251v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net

Session ID	Source IP	Source Port	Destination IP	Destination Port
105	192.168.2.8	49922	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:22 UTC	192	OUT	GET /rules/rule701250v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net

Session ID	Source IP	Source Port	Destination IP	Destination Port
106	192.168.2.8	49923	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 23:05:22 UTC	192	OUT	GET /rules/rule700051v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 6256, Parent PID: 4028

General

Target ID:	0
Start time:	19:03:47
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2700, Parent PID: 6256

General

Target ID:	2
Start time:	19:03:52
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1780,i,7870229911543219832,10178106981525847804,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2292, Parent PID: 4028

General

Target ID:	3
Start time:	19:03:56
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.queleas.com/"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.queleas.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 139

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Windows Analysis Report
http://www.queleas.com/