Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://metamesklogni.webflow.io/

Overview

General Information

Sample URL:	https://metamesklogni.webflow.io/
Analysis ID:	1466520
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 7120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 616 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2024,i,16064088588081814683,6508725119278042078,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metamesklogni.webflow.io/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://metamesklogni.webflow.io/

Avira URL Cloud: detection malicious, Label: malware

Source: https://metamesklogni.webflow.io/

HTTP Parser: Number of links: 0

Source: https://metamesklogni.webflow.io/

HTTP Parser: Title: Metamask Login - Browser Extension | Digital Crypto Wallet does not match URL

Source: https://metamesklogni.webflow.io/

HTTP Parser: No <meta name="author".. found

Source: https://metamesklogni.webflow.io/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metamesklogni.webflow.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d5424 HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://metamesklogni.webflow.iosec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://metamesklogni.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/css/metamesklogni.webflow.e746191ae.css HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://metamesklogni.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://metamesklogni.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://metamesklogni.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://metamesklogni.webflow.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png HTTP/1.1Host: uploads-ssl.webflow.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: metamesklogni.webflow.io
Source: global traffic	DNS traffic detected: DNS query: uploads-ssl.webflow.com
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: screnceagrity.com
Source: global traffic	DNS traffic detected: DNS query: google.com

Source: chromecache_69.2.dr	String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d542
Source: chromecache_69.2.dr	String found in binary or memory: https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@21/20@25/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2024,i,16064088588081814683,6508725119278042078,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metamesklogni.webflow.io/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2024,i,16064088588081814683,6508725119278042078,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://metamesklogni.webflow.io/	100%	Avira URL Cloud	malware

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/css/metamesklogni.webflow.e746191ae.css	0%	Avira URL Cloud	safe
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png	0%	Avira URL Cloud	safe
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png	0%	Avira URL Cloud	safe
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d542	0%	Avira URL Cloud	safe
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d5424	0%	Avira URL Cloud	safe
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
d3e54v103j8qbb.cloudfront.net	108.156.61.211	true	false		unknown
webflow-io.map.fastly.net	151.101.2.188	true	false		unknown
google.com	142.250.181.238	true	false		unknown
www.google.com	142.250.185.196	true	false		unknown
uploads-ssl.webflow.com	108.156.2.28	true	false		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
windowsupdatebg.s.llnwi.net	95.140.236.128	true	false		unknown
screnceagrity.com	unknown	unknown	false		unknown
metamesklogni.webflow.io	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/css/metamesklogni.webflow.e746191ae.css	false	Avira URL Cloud: safe	unknown
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d5424	false	Avira URL Cloud: safe	unknown
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png	false	Avira URL Cloud: safe	unknown
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png	false	Avira URL Cloud: safe	unknown
https://metamesklogni.webflow.io/	true		unknown
https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d542	chromecache_69.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
108.156.2.22	unknown	United States		16509	AMAZON-02US	false
108.156.61.211	d3e54v103j8qbb.cloudfront.net	United States		16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
151.101.2.188	webflow-io.map.fastly.net	United States		54113	FASTLYUS	false
142.250.185.196	www.google.com	United States		15169	GOOGLEUS	false
108.156.2.28	uploads-ssl.webflow.com	United States		16509	AMAZON-02US	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1466520
Start date and time:	2024-07-03 00:58:42 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 5s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://metamesklogni.webflow.io/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@21/20@25/8
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://screnceagrity.com/0dc4b9ec-de2b-4691-8370-6327cfd86449

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.186.174, 142.251.173.84, 34.104.35.123, 13.85.23.86, 95.140.236.128, 192.229.221.95, 20.3.187.198, 20.242.39.171, 52.165.164.15, 142.250.184.227
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://metamesklogni.webflow.io/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input

Output

URL: https://metamesklogni.webflow.io/ Model: Perplexity: mixtral-8x7b-instruct

{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The title and text of the webpage do not contain any elements indicating a login form.","The text does not create a sense of urgency.","There is no mention of a CAPTCHA or any other anti-robot detection mechanism in the provided text."]}

Title: Metamask Login - Browser Extension | Digital Crypto Wallet OCR: Metamask Login - Browser Extension I Digital Crypto Wallet MetaMask is a bridge between traditional web browsers and the decentralized web. It is a cryptocurrency wallet and an Ethereum gateway that allows users to interact seamlessly witn the Ethereum blockchain. Initially, MetaMask was developed as a browser extension tor Google Chrome, but it has since expanded to other browsers, including Firefox and Brave. Moreover, there is a mobile version available for iOS and Android users Key Features of MetaMask: 1. Digital Wallet: MetaMask acts as a digital wallet where you can store your Ether (ETH) and various Ethereum-based tokens. You can easily check your wallet balance, view transaction history, and manage your assets. 2. DApp Browser: One ot MetaMask's standout features is its built-in DApp browser. This enables you to access a wide range ot decentralized applications directly trom your browser, without the need

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:59:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.975564119485044
Encrypted:	false
SSDEEP:	48:8Bc2dutOTOtKZREHNidAKZdA19ehwiZUklqehAy+3:8BcNtOSt0RG/y
MD5:	0F4E9B0C4841E2FE908969D08F25E4D7
SHA1:	E0D35CBAAB8C3E5D49D44555CB5653D962A5A348
SHA-256:	82DC84AE478A1F495368EB8D187485454084EAD9FEB43742A97008F728B4AEFD
SHA-512:	D30BE23C97F5B02F8E613566DEBE374129CC1854F8FA75ABE7C484CCE1017528BDA32D3B821F07E2A88DDC382DAA7E5D9174D0338D4068E67F29202053D77566
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....9......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xp............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:59:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9942121936228103
Encrypted:	false
SSDEEP:	48:8HK2dutOTOtKZREHNidAKZdA1weh/iZUkAQkqehvy+2:8HKNtOSt0RE9Q+y
MD5:	A312F1781DD22D82DD865E6803FAFB6F
SHA1:	4BBF0D2641042195C4452A2A22D445D637C46547
SHA-256:	52C0CE48A65D1DF4022079F5DA82B71B3D6363066AFA5CC27EB2CBCA65AB1A39
SHA-512:	82570D3E624F0962E9363343FBEC052604EC597F4D8B54FEBCD9441ADA776DAFA30C2F5B2B0A417342E9D068F5FDB918F60CBF32251E7340B73A1F3EB13BDD90
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....'......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xp............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.00235460759776
Encrypted:	false
SSDEEP:	48:8x92dutOTOtKZRsHNidAKZdA14tseh7sFiZUkmgqeh7sVy+BX:8x9NtOSt0REnLy
MD5:	EB73BF174999CF92771E1486DEA94F4D
SHA1:	66B7D1A33F24214ABBBA8120595EBBB6A1BACCF1
SHA-256:	17703E9523C55290B27574A560132425ED610CDEAB8AAAA24103FB0FADF51E01
SHA-512:	4DB1503520170307F4AE1D83DFD178838C64AB5E58AFB28AA07653E4F46E5493895DFFB2D10F20DD80BCAC6BFADD35F6ADE2897EF2F1764FBEC849910601D878
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:59:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.989706158036379
Encrypted:	false
SSDEEP:	48:8n2dutOTOtKZREHNidAKZdA1vehDiZUkwqehjy+R:8nNtOSt0RPty
MD5:	5E2EFA180D804817F492496E834B7F25
SHA1:	DC02EAA830D822926E2E8A55B94907BAD1FAEC5F
SHA-256:	5DB6E5AB704E65BBF2832BFDEA374C75044B12158D2D65FA961548ACE1E9C85C
SHA-512:	E3E6335F0CDF368605EEE6F80D3B6FE0A06FC57054E690BE7477E4B896AD4B4CAA5E371A51EDEE5C7EF90B3FA9E74A3EDD332BFDF6D8A08FF657250137E4D24A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.... N......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xp............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:59:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9803101313811466
Encrypted:	false
SSDEEP:	48:8R2dutOTOtKZREHNidAKZdA1hehBiZUk1W1qehBy+C:8RNtOSt0Rv9hy
MD5:	A61CBB08F0AD903B24E6D3A94B3804C7
SHA1:	B8BCB937D99BF723365A97C20202A397BB7FE6E0
SHA-256:	0A3EDA0B75F26BB3602FFF622826ED2E21B81E3B1878567DA31B0993E7021D4D
SHA-512:	6DB348579C1DFEEB4FEE041E27E4C2157CFE790E21B8024C45E651D362B675BEBA0CDCF69F577AE48DA99EF42CFDA1AED870674ABB5DA760F1CCD1B47F72BD39
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....$.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xp............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:59:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.991351558563272
Encrypted:	false
SSDEEP:	48:8j2dutOTOtKZREHNidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbLy+yT+:8jNtOSt0RnT/TbxWOvTbLy7T
MD5:	6BD9F87629AA70B45AD789F67C54A8A5
SHA1:	5555E1D5178033047E2710694A9CCA63131B07C5
SHA-256:	EAC6C8A68F3DC332DBB6010B4E312C4AFF0AF0470A05E7E4616B588B92B2E5B3
SHA-512:	EE8814216FDB8B7B3FB40357BA1001F1D06A83400E5576647AD29DC0B866AE866A7ABF0EF9A4C345ADDAC8EA254E2B39E85081115C177FB185A62302D8886B02
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....L.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xo.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xo.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xo.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xo............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xp............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 67

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 37214
Category:	downloaded
Size (bytes):	8312
Entropy (8bit):	7.977768116067281
Encrypted:	false
SSDEEP:	192:a2wuezuNT0sQPlW+/6qkgzBVAccynjfRm8OQUeqU:a2wuIsKW+iTQVjfRm8LUe9
MD5:	133A356C8409F3DFCF579C8AA810F7B6
SHA1:	2BBABA5128401FD2169FD0D06A5C51B744DAB3D6
SHA-256:	389A5A0DCCDCA1F7A2AEB1729BF40C090E59DA2022B375CC2B707FA39FF15DE8
SHA-512:	274C42AE2607C662423C537DF5D2881F868DE9725EE4AF1851ED933A24BAF1D9B1AE5DAB783A9194A87D068E35B7DF0A82598A35F9EB7BFBFA8126C6D0947E95
Malicious:	false
Reputation:	low
URL:	https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/css/metamesklogni.webflow.e746191ae.css
Preview:	...........}.r.8...~..;&.j...+.c..\..*....H...C#R.'....}.}.}.}.M.$...(Wu\|.n.E .H$2..D....S..o.R.......f.5.e........3.]..W;...^X.j..lOK.....\.....o.M\|c.;q..e{.%..k..........3.l'8,MmK...{..r..S....aifj..k-....P......i..R`.e.t.?.a.sG..&.........t.[i..\|.[.3.O+ ..V&.Ps.c[@.D.L....,F.CEe...........?>b\|3.f!.>....Fh.}f....8,...u.....j.\|....Q.}._....D...........Y!6..\|..n./CDv<....{h............C.I.oJ.\|6.2..\..gaX<.k:.....c.%.A.u./;.F.zV...yb../....i.j....^18...A..@.tJ.....0]cL-$..r.h_.wN/.......27.s?.....M.-.1....i.\|....)k.O.G..v-....+.K...D.......OKDT0......`f].o.............K...e.y...9E.t.-C.W.>......>..;OX.i..{~0.t...:...8..j{.exX..!.e`?(/..M.-L..s..=.#.\.oV.za.+;.'...O.#s..Z...5....j....IL..p;7.8 ..?..R. fx@t(...\|nj.Z...V.f}.....s.`:...........p.67..tB...i....S__.e........Hk..%.....P..{.#.I .......H....A<......l......;1..?`.....r0..2'M......8...8.$.Y.g9.....U.5)).#%7..a..BC6f7.S.t..>nR...\|.6J...1.R..y....".-..?'.yrL....i..xDz..h.H........L

Chrome Cache Entry: 68

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1409 x 721, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	173308
Entropy (8bit):	7.929126979702104
Encrypted:	false
SSDEEP:	3072:1DPXf5DXRetsFvbuC8VMevhzdtTQLSypAjELqskvG//HfK6IfjYZyYzqKzXZu3SV:1VD2sJj8qevhJt8myXLqskYI7FGySV
MD5:	815F66583754C458BD1D800D1EF6D17B
SHA1:	B4481B9D40F4EAFD1219B9E651324EE1C1414D5F
SHA-256:	AA911DD80DCD973FF9DB1B607C280FCE212D06CC384AE73A599DB7FA41AC1509
SHA-512:	F8D7BDE151805B82E6E371F1652B75404AD0266C8FCF17684E83257D2887C069F5F521B27CA227BB32687C85AC608EE9F8C176CFDC1A3A73C61DFE68EA9F12FA
Malicious:	false
Reputation:	low
URL:	https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png
Preview:	.PNG........IHDR.....................sRGB.........gAMA......a.....pHYs..........o.d....IDATx^...xU........=...t.....I.@HBB.JB ...z....ME...9z....z..X. b?..(J..A.HO..9.Xk.v...M....NW.k..\....c............................`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A. Q..m...J.S..mU.2..........4..$.jU..P{ijH.....<. ....5.....[K6..........@..A.M..q.fv..\|v.u....4..5.U.[.r\|.j...:..].Bf....Q.b!...............o..z~\-.!V...'/...d.....Q...h.Z.E..3........^..6K....Z.jC.....@..u.K...9.......3....`..X.-...`7.....!.$...,..F.....u.W..&K.ls.j.46.p~...G...=$.A5.&..@.:Ur..\|b@..S"..n....3Bgvv}.YJ.jR.........Z.....5.}.G..j.V........T`.A.`..1.6.s.g...qF...H2Zx)7lzB.V.Z....T....^.[.........w..8?...........RH....N...+..v..v..TH.A.r.J......

Chrome Cache Entry: 69

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (10829), with no line terminators
Category:	downloaded
Size (bytes):	10831
Entropy (8bit):	5.061088108533209
Encrypted:	false
SSDEEP:	192:HrV8ol1Y4zksig9Li/0mLfndBVspg2KXXodw3h3RITib9qCyS4wl/Eq:HrVT1Y4zksi2L+ffndBVl2KX4w3h3iTG
MD5:	5B436D84C121781CA6E82C3D410F5E74
SHA1:	86B6C5ABE2F7E2F6DB433669CC6D51CEF1979AAE
SHA-256:	02D0BEE52A5FC39B1F5CC000953175E1D43FAE8033F42741A873C224321B44C8
SHA-512:	5D6B0B2F220FE31FD4CB6E68AAE6806453C6E68DA7031F4718DE4FA75BFAF449B6C4C1FE7016817A420F06D611C8F6CF9912F633CF104BE6D8000FFD7AE1C708
Malicious:	false
Reputation:	low
URL:	https://metamesklogni.webflow.io/
Preview:	<!DOCTYPE html> This site was created in Webflow. https://webflow.com --> Last Published: Wed Sep 27 2023 04:20:48 GMT+0000 (Coordinated Universal Time) --><html data-wf-domain="metamesklogni.webflow.io" data-wf-page="6513ac57e0b8553d4c9d542e" data-wf-site="6513ac57e0b8553d4c9d5424"><head><meta charset="utf-8"/><title>Metamask Login - Browser Extension \| Digital Crypto Wallet</title><meta content="MetaMask Login is the gateway to decentralized finance and Ethereum-based applications. As a browser extension and digital crypto wallet, it offers a secure interface for managing Ethereum assets. Setting up MetaMask involves creating a wallet with a 12-word seed phrase for recovery. Once logged in, you can view your Ethereum balance, send/receive Ether and tokens, and explore decentralized applications seamlessly. Its robust security measures, including local private key storage, ensure your assets' safety. Whether you're a seasoned crypto enthusiast or a beginner, MetaMask

Chrome Cache Entry: 70

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 37393
Category:	downloaded
Size (bytes):	13706
Entropy (8bit):	7.982145474204226
Encrypted:	false
SSDEEP:	192:OlQbvtxf7ZgOKrcUeHu8tYEhT+hi3gmZ+sMvrCK0D5HrVR0JTWKcKSIBq2Klnfza:vllVgzzeR6hcnZ+Zr8lrV+5WvIAKA0
MD5:	A505BECC886CDCC871C41D1DB25B1402
SHA1:	CB750336F2D51057B37E6900E4B007B9814D8E79
SHA-256:	B5774AFAA96768ECE8768A0B8453D0B64BFBDE5E001C1A8C3E5FCBF9D7F56115
SHA-512:	6CD539E1D6A65B1DD149CAE033F824E59C9C69E064FA89D5C10A08EE6EBB72D67F7A37B700807987D75395A88C8F372D9FA79B76E35ECFC5AB61B181CECDBD50
Malicious:	false
Reputation:	low
URL:	https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js
Preview:	...........}.[.J........4.!..^.S....j.vk.nw..R!.d.Q8....\....y.y...2.Y.f..%..6...m..X......~....v..9...f.E.,._}.....N1~......V..y..x...j.8....yC?7......O.V....>..X9...".k.&..4.........1.=...-..%J..a..}..-.9...@....t.l{B...0.x\}...WE....S.._9.s......).....l.<.pnbs.8.W..l...."V...EA.w....,.....p7b..bv..S.yY..@...V!pyx..Y....vfF{;..B..... ....g.8...!........m.a.........m.'../.w.p.'`...7o6.O..7.....WS.....f...~.f.....%.....d.rc/..j5.w7d-...\.*..u...r..ra'.`. .h.J...}.D.v..B...[=.P.k.,.?.Q.DW.;v.F.m.s.\|..d9.S......Q_O...kg:];.:R..i ..SM...V..(...=LuH.m$...L..Q=..)..p..w.9...(.....8.3.1...j.Z'.lI......s....U...,.B!x..$..7..Z..Gr...L.6...........K.Z....V....j.P....\|.d....}G>...l../..N..../....2.z.a.b."^...X....J.=.N>..}......c..CZb).S1...'...........#-..........Q...mA+....R..J..61.[.-.fP#..l. .}.0#0:..O..-..:.N~...s..... .H..w.=.<...}'.u.. ..o.B....I.....M.:H..(.sB...m....8..y..=/>.._#(.q`...q.YU...X$K:$.4g.....NB.op.KP.7...r{#....F.?..

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1409 x 721, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	173308
Entropy (8bit):	7.929126979702104
Encrypted:	false
SSDEEP:	3072:1DPXf5DXRetsFvbuC8VMevhzdtTQLSypAjELqskvG//HfK6IfjYZyYzqKzXZu3SV:1VD2sJj8qevhJt8myXLqskYI7FGySV
MD5:	815F66583754C458BD1D800D1EF6D17B
SHA1:	B4481B9D40F4EAFD1219B9E651324EE1C1414D5F
SHA-256:	AA911DD80DCD973FF9DB1B607C280FCE212D06CC384AE73A599DB7FA41AC1509
SHA-512:	F8D7BDE151805B82E6E371F1652B75404AD0266C8FCF17684E83257D2887C069F5F521B27CA227BB32687C85AC608EE9F8C176CFDC1A3A73C61DFE68EA9F12FA
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................sRGB.........gAMA......a.....pHYs..........o.d....IDATx^...xU........=...t.....I.@HBB.JB ...z....ME...9z....z..X. b?..(J..A.HO..9.Xk.v...M....NW.k..\....c............................`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A. Q..m...J.S..mU.2..........4..$.jU..P{ijH.....<. ....5.....[K6..........@..A.M..q.fv..\|v.u....4..5.U.[.r\|.j...:..].Bf....Q.b!...............o..z~\-.!V...'/...d.....Q...h.Z.E..3........^..6K....Z.jC.....@..u.K...9.......3....`..X.-...`7.....!.$...,..F.....u.W..&K.ls.j.46.p~...G...=$.A5.&..@.:Ur..\|b@..S"..n....3Bgvv}.YJ.jR.........Z.....5.}.G..j.V........T`.A.`..1.6.s.g...qF...H2Zx)7lzB.V.Z....T....^.[.........w..8?...........RH....N...+..v..v..TH.A.r.J......

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2410
Entropy (8bit):	7.830307272635411
Encrypted:	false
SSDEEP:	48:0+TPDEZTEbAWtWgfQhNdRnQ9qJ5RV1jPvcMqP6ZupFnjQtF8HU2EA:XTrEZIkaWnndROqxcH3rUtfW
MD5:	F9A6101A118B399A490852F753D2BB95
SHA1:	EDFA1F57769C971B1DBD3EBE1CFE252EFCA88EC8
SHA-256:	4700D87815FC89E9164D4D3E6AA6D81554AA165FF154CC963BBF7B3391E3A1C6
SHA-512:	B58C323D069519EB65CEF6314741F71A365FE01F71A955E52876E5E5AEFB72F983637DC136A0466BDA09B8547B6B48128D4CAF1165D38069CA545350C3CA3A0E
Malicious:	false
Reputation:	low
URL:	https://uploads-ssl.webflow.com/6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png
Preview:	.PNG........IHDR... ... .....szz.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........+......tIME.....7........5IDATX..{.U....{.s.3w..g.fd. 0J.Z..8-Qc4>.4..&mj.ii.6......jI...}..X.E.B..R...88......s.....w^.hR..&..Mn..k..\|......K}.ED....)...<.~-....G+.x..6r....w.{\|.;!...^............_>r..9.].K.. ..`w`QW .T3.."D.....E.<..0..b2.U.;...pdi0.\..6U{A...[.v}U..--Q.^....V....v..{g.am..Rw.Ob.>)+...x.a...O..$..Q........x.]...2..M.v..g.#w?.,.s.K.6.s#...6Z;.......4...sU...9../..{..z.....A.@.`..,......t{4..be..@n.....<a.XV. _?..+.L.yk.<.r/..)..:v..y5_p\.A)..^..wi.t/..v.m.[...:..r.6.M...7.6...+BhG+..^..s}{{..e....O.....F.......k~.....[.}.....)z....o."...........N+V.;Uu!V.\f..`...1....0.^Z...i.\|l...P.\...-...;7G.......v.{.oM!.9..7. J..1a.Q..`....].........c........\D.+.......+f.........@.lWk..9..g.;`H...+ ......}.xn.[..S.R.#k/....]?..._..."...........A.+.x.I..l....A.g._....4....o.....J.....FC....U....s.u.T..;.:.5...L.$...5.

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2410
Entropy (8bit):	7.830307272635411
Encrypted:	false
SSDEEP:	48:0+TPDEZTEbAWtWgfQhNdRnQ9qJ5RV1jPvcMqP6ZupFnjQtF8HU2EA:XTrEZIkaWnndROqxcH3rUtfW
MD5:	F9A6101A118B399A490852F753D2BB95
SHA1:	EDFA1F57769C971B1DBD3EBE1CFE252EFCA88EC8
SHA-256:	4700D87815FC89E9164D4D3E6AA6D81554AA165FF154CC963BBF7B3391E3A1C6
SHA-512:	B58C323D069519EB65CEF6314741F71A365FE01F71A955E52876E5E5AEFB72F983637DC136A0466BDA09B8547B6B48128D4CAF1165D38069CA545350C3CA3A0E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........+......tIME.....7........5IDATX..{.U....{.s.3w..g.fd. 0J.Z..8-Qc4>.4..&mj.ii.6......jI...}..X.E.B..R...88......s.....w^.hR..&..Mn..k..\|......K}.ED....)...<.~-....G+.x..6r....w.{\|.;!...^............_>r..9.].K.. ..`w`QW .T3.."D.....E.<..0..b2.U.;...pdi0.\..6U{A...[.v}U..--Q.^....V....v..{g.am..Rw.Ob.>)+...x.a...O..$..Q........x.]...2..M.v..g.#w?.,.s.K.6.s#...6Z;.......4...sU...9../..{..z.....A.@.`..,......t{4..be..@n.....<a.XV. _?..+.L.yk.<.r/..)..:v..y5_p\.A)..^..wi.t/..v.m.[...:..r.6.M...7.6...+BhG+..^..s}{{..e....O.....F.......k~.....[.}.....)z....o."...........N+V.;Uu!V.\f..`...1....0.^Z...i.\|l...P.\...-...;7G.......v.{.oM!.9..7. J..1a.Q..`....].........c........\D.+.......+f.........@.lWk..9..g.;`H...+ ......}.xn.[..S.R.#k/....]?..._..."...........A.+.x.I..l....A.g._....4....o.....J.....FC....U....s.u.T..;.:.5...L.$...5.

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
URL:	https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d5424
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 00:59:26.735908031 CEST	49675	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:26.735920906 CEST	49674	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:26.829642057 CEST	49673	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:32.927372932 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.927470922 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:32.927558899 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.927674055 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.927694082 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:32.927772045 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.927897930 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.927932978 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:32.928117990 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:32.928132057 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.388376951 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.393456936 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.393491983 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.394579887 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.394649982 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.396681070 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.396769047 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.396918058 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.396933079 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.398925066 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.400063992 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.400084019 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.401134968 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.401194096 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.401715994 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.401778936 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.442698002 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.442698002 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.442728043 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.497462034 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.690164089 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690254927 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690280914 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690305948 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.690311909 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690335035 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690359116 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.690383911 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690438986 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.690448046 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690897942 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.690946102 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.690954924 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.691337109 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.691382885 CEST	443	49710	151.101.2.188	192.168.2.5
Jul 3, 2024 00:59:33.691431999 CEST	49710	443	192.168.2.5	151.101.2.188
Jul 3, 2024 00:59:33.725459099 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.725502014 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:33.725596905 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.725625992 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.725634098 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:33.725682020 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.726102114 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:33.726146936 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:33.726200104 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:33.726466894 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.726481915 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:33.726780891 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:33.726792097 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:33.727046013 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:33.727067947 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.450855970 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.461409092 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.461443901 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.462496996 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.462557077 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.470194101 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.470280886 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.471065998 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.471085072 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.472140074 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.472433090 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.472450972 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.473428965 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.473489046 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.475337029 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.475403070 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.475768089 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.475775003 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.486275911 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.486521959 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.486530066 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.487533092 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.487591028 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.488404989 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.488461971 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.488919973 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.488924980 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:34.513546944 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.527280092 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.528213024 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:34.709284067 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709306955 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709316015 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709332943 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709364891 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709387064 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.709404945 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.709423065 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.709450960 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.794197083 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.794219017 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.794291019 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.794321060 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.794388056 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.799663067 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.799679995 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.799734116 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.799760103 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.799784899 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.799807072 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.883930922 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.883949995 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.883990049 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.884018898 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.884037018 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.884319067 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.885126114 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.885148048 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.885179043 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.885200024 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.885220051 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.885234118 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.885874987 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.885932922 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.885942936 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:34.886013031 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.888290882 CEST	49715	443	192.168.2.5	108.156.61.211
Jul 3, 2024 00:59:34.888314009 CEST	443	49715	108.156.61.211	192.168.2.5
Jul 3, 2024 00:59:35.207967997 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.207983971 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.207990885 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.208050966 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.208060980 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.208236933 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.209558964 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.209624052 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.209628105 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.209876060 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.213305950 CEST	49714	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.213323116 CEST	443	49714	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.230370045 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239015102 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239023924 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239042997 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239074945 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.239095926 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239108086 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.239118099 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.239151955 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.352633953 CEST	49713	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.352663994 CEST	443	49713	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.355237961 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.355262041 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.355510950 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.373460054 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.373490095 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.400016069 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:35.400044918 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:35.400288105 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:35.401680946 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:35.401691914 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:35.488826990 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.488871098 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:35.488940954 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.489363909 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:35.489379883 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.036058903 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:36.036581993 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:36.036597013 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:36.037684917 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:36.037776947 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:36.039707899 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:36.039772987 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:36.082699060 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.082757950 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.082880020 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.086214066 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.086247921 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.090432882 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:36.090442896 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:36.109580040 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.109997988 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.110014915 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.110394955 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.110842943 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.110905886 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.111121893 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.137499094 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:36.152501106 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.242837906 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.243256092 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.243285894 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.243639946 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.244304895 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.244369030 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.244599104 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.292495012 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.340241909 CEST	49674	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:36.340243101 CEST	49675	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:36.412785053 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.412823915 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.413034916 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.413049936 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.413084984 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.413178921 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.415029049 CEST	49716	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:36.415046930 CEST	443	49716	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:36.433996916 CEST	49673	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:36.730957031 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.731079102 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.734563112 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.734595060 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.734847069 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.777743101 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.838009119 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:36.884515047 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:36.906205893 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:36.906234026 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:36.906673908 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:36.906673908 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:36.906702995 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.027223110 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.027287006 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.027348995 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.032352924 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.032380104 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.032393932 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.032439947 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.032468081 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.032478094 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.032505989 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.073787928 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.073832989 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.073862076 CEST	49719	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.073879957 CEST	443	49719	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.107166052 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.107224941 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.122551918 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.122570992 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.122622013 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.122637033 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.122757912 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.133554935 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.133610964 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.133616924 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.133662939 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.193941116 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.194027901 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.194056034 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.212937117 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.212954998 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.212997913 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.213007927 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.213042974 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.229577065 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.229610920 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.229661942 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.229674101 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.229681969 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.238435984 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.238461971 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.238482952 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.238491058 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.238634109 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.240618944 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.240685940 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.243530035 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.243556976 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.243664026 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.244478941 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.244494915 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.248996973 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.249073982 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.257262945 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.257322073 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.257328987 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.294416904 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.294445038 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.294507027 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.294540882 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.294552088 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.302392006 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.302424908 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.302455902 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.302467108 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.302548885 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.319504023 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.319519997 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.319578886 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.319591045 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.319627047 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.319647074 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.331114054 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331130028 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331167936 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331176996 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331192970 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.331202984 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331239939 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.331247091 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.331259966 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.331294060 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.332321882 CEST	49718	443	192.168.2.5	108.156.2.28
Jul 3, 2024 00:59:37.332336903 CEST	443	49718	108.156.2.28	192.168.2.5
Jul 3, 2024 00:59:37.370747089 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.370798111 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.371036053 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.371376991 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.371412992 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.646919966 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.664731979 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.664741039 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.665977955 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.666054010 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.667207003 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.667366028 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.667484999 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.667490005 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.719053984 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.879523039 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.879620075 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.880738974 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.880744934 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.880990028 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.881999969 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:37.924491882 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:37.955543041 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.955586910 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.955650091 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:37.955682039 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.955781937 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.956379890 CEST	49720	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:37.956396103 CEST	443	49720	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.091605902 CEST	443	49703	23.1.237.91	192.168.2.5
Jul 3, 2024 00:59:38.091721058 CEST	49703	443	192.168.2.5	23.1.237.91
Jul 3, 2024 00:59:38.107089043 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.107364893 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.107388973 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.108438969 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.108515024 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.109055996 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.109127998 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.109216928 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.109234095 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.152751923 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.159302950 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:38.159369946 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:38.159431934 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:38.160139084 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:38.160139084 CEST	49721	443	192.168.2.5	184.28.90.27
Jul 3, 2024 00:59:38.160156965 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:38.160166025 CEST	443	49721	184.28.90.27	192.168.2.5
Jul 3, 2024 00:59:38.411103964 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.422086000 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.422095060 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.422111034 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.422168970 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.422207117 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.422355890 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.422355890 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.500376940 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.500401974 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.500464916 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.500543118 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.500571012 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.500608921 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.514770031 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.514786959 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.514842987 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.514867067 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.514929056 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.584989071 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.585005999 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.585078955 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.585103035 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.585185051 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.586241961 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.586262941 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.586311102 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.586325884 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.586345911 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.586596012 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.590631008 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.590646982 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.590713978 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.590732098 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.590802908 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.617650986 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.617672920 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.617827892 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.617827892 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.617851973 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.621850014 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.671665907 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.671689034 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.671798944 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.671822071 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.672405958 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.672427893 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.672472000 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.672511101 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.672530890 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.672574043 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.673006058 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.673021078 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.673093081 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.673093081 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.673109055 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.673844099 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.674212933 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.674285889 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:38.674288988 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.677644968 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.681063890 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.681788921 CEST	49722	443	192.168.2.5	108.156.2.22
Jul 3, 2024 00:59:38.681809902 CEST	443	49722	108.156.2.22	192.168.2.5
Jul 3, 2024 00:59:45.992361069 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:45.992427111 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 00:59:45.992640972 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:46.450819016 CEST	49717	443	192.168.2.5	142.250.185.196
Jul 3, 2024 00:59:46.450853109 CEST	443	49717	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:18.450026989 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 01:00:18.450057030 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 01:00:35.285100937 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 01:00:35.285250902 CEST	443	49709	151.101.2.188	192.168.2.5
Jul 3, 2024 01:00:35.285362959 CEST	49709	443	192.168.2.5	151.101.2.188
Jul 3, 2024 01:00:35.425240040 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:35.425292015 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:35.425467014 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:35.425714970 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:35.425726891 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:36.051373005 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:36.051680088 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:36.051703930 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:36.052032948 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:36.052366018 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:36.052412033 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:36.095649958 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:46.044188976 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:46.044264078 CEST	443	49732	142.250.185.196	192.168.2.5
Jul 3, 2024 01:00:46.044308901 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:47.281080008 CEST	49732	443	192.168.2.5	142.250.185.196
Jul 3, 2024 01:00:47.281125069 CEST	443	49732	142.250.185.196	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 00:59:30.745893955 CEST	53	54068	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:30.805687904 CEST	53	54655	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:31.890305042 CEST	53	62019	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:32.915189981 CEST	64097	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:32.915324926 CEST	53251	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:32.925714016 CEST	53	64097	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:32.926419973 CEST	53	53251	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:33.716947079 CEST	58683	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:33.717262983 CEST	49954	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:33.717684031 CEST	60696	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:33.717880011 CEST	54622	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:33.724750996 CEST	53	58683	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:33.724762917 CEST	53	60696	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:33.724788904 CEST	53	54622	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:33.724798918 CEST	53	49954	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:35.374437094 CEST	50022	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:35.375574112 CEST	51724	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:35.381023884 CEST	53	50022	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:35.382196903 CEST	53	51724	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:36.895315886 CEST	65533	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:36.896121025 CEST	55651	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:36.903103113 CEST	53	65533	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:36.904587030 CEST	53	55651	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:45.302515984 CEST	50844	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:45.302515984 CEST	59356	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:45.333003044 CEST	53	50844	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:45.351593018 CEST	61478	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:45.373364925 CEST	53	59356	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:45.389739037 CEST	53	61478	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:45.414887905 CEST	49758	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:45.414891958 CEST	55922	53	192.168.2.5	8.8.8.8
Jul 3, 2024 00:59:45.426508904 CEST	53	49758	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:45.427980900 CEST	53	55922	8.8.8.8	192.168.2.5
Jul 3, 2024 00:59:46.420665026 CEST	62126	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:46.421293974 CEST	60286	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:46.451009989 CEST	53	62126	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:46.607002974 CEST	53	60286	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:49.117005110 CEST	53	54441	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:51.501138926 CEST	50627	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:51.501394033 CEST	52652	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:51.530498981 CEST	53	52652	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:51.553100109 CEST	53	50627	1.1.1.1	192.168.2.5
Jul 3, 2024 00:59:51.557286024 CEST	54334	53	192.168.2.5	1.1.1.1
Jul 3, 2024 00:59:51.564785004 CEST	53	54334	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:04.185762882 CEST	56206	53	192.168.2.5	1.1.1.1
Jul 3, 2024 01:00:04.521996975 CEST	53	56206	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:08.020962954 CEST	53	62150	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:21.580538988 CEST	49905	53	192.168.2.5	1.1.1.1
Jul 3, 2024 01:00:21.580974102 CEST	59486	53	192.168.2.5	1.1.1.1
Jul 3, 2024 01:00:21.587929010 CEST	53	49905	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:21.646478891 CEST	53	59486	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:21.652513981 CEST	54533	53	192.168.2.5	1.1.1.1
Jul 3, 2024 01:00:21.685256958 CEST	53	54533	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:31.695626974 CEST	53	56583	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:31.695794106 CEST	53	50426	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:31.704710007 CEST	53	62849	1.1.1.1	192.168.2.5
Jul 3, 2024 01:00:45.174470901 CEST	53560	53	192.168.2.5	1.1.1.1
Jul 3, 2024 01:00:45.242362022 CEST	53	53560	1.1.1.1	192.168.2.5

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jul 3, 2024 00:59:45.373450041 CEST	192.168.2.5	1.1.1.1	c23a	(Port unreachable)	Destination Unreachable
Jul 3, 2024 00:59:46.607139111 CEST	192.168.2.5	1.1.1.1	c23a	(Port unreachable)	Destination Unreachable
Jul 3, 2024 01:00:31.703457117 CEST	192.168.2.5	1.1.1.1	c1fc	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jul 3, 2024 00:59:32.915189981 CEST	192.168.2.5	1.1.1.1	0x5c5a	Standard query (0)	metamesklogni.webflow.io	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:32.915324926 CEST	192.168.2.5	1.1.1.1	0xf5d4	Standard query (0)	metamesklogni.webflow.io	65	IN (0x0001)	false
Jul 3, 2024 00:59:33.716947079 CEST	192.168.2.5	1.1.1.1	0xed15	Standard query (0)	uploads-ssl.webflow.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.717262983 CEST	192.168.2.5	1.1.1.1	0xf872	Standard query (0)	uploads-ssl.webflow.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:33.717684031 CEST	192.168.2.5	1.1.1.1	0x536e	Standard query (0)	d3e54v103j8qbb.cloudfront.net	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.717880011 CEST	192.168.2.5	1.1.1.1	0x1c36	Standard query (0)	d3e54v103j8qbb.cloudfront.net	65	IN (0x0001)	false
Jul 3, 2024 00:59:35.374437094 CEST	192.168.2.5	1.1.1.1	0xfad2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:35.375574112 CEST	192.168.2.5	1.1.1.1	0xaec2	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:36.895315886 CEST	192.168.2.5	1.1.1.1	0x5b1d	Standard query (0)	uploads-ssl.webflow.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:36.896121025 CEST	192.168.2.5	1.1.1.1	0x1e80	Standard query (0)	uploads-ssl.webflow.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:45.302515984 CEST	192.168.2.5	1.1.1.1	0xaac5	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:45.302515984 CEST	192.168.2.5	1.1.1.1	0xba7b	Standard query (0)	screnceagrity.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:45.351593018 CEST	192.168.2.5	1.1.1.1	0xbe18	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:45.414887905 CEST	192.168.2.5	1.1.1.1	0x265c	Standard query (0)	google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:45.414891958 CEST	192.168.2.5	8.8.8.8	0xa6ce	Standard query (0)	google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:46.420665026 CEST	192.168.2.5	1.1.1.1	0x6e0b	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:46.421293974 CEST	192.168.2.5	1.1.1.1	0xebe1	Standard query (0)	screnceagrity.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:51.501138926 CEST	192.168.2.5	1.1.1.1	0x723f	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:51.501394033 CEST	192.168.2.5	1.1.1.1	0x4dd2	Standard query (0)	screnceagrity.com	65	IN (0x0001)	false
Jul 3, 2024 00:59:51.557286024 CEST	192.168.2.5	1.1.1.1	0x47de	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 01:00:04.185762882 CEST	192.168.2.5	1.1.1.1	0xba57	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 01:00:21.580538988 CEST	192.168.2.5	1.1.1.1	0xef42	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 01:00:21.580974102 CEST	192.168.2.5	1.1.1.1	0x7fbd	Standard query (0)	screnceagrity.com	65	IN (0x0001)	false
Jul 3, 2024 01:00:21.652513981 CEST	192.168.2.5	1.1.1.1	0x3ec1	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 01:00:45.174470901 CEST	192.168.2.5	1.1.1.1	0xb641	Standard query (0)	screnceagrity.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jul 3, 2024 00:59:32.925714016 CEST	1.1.1.1	192.168.2.5	0x5c5a	No error (0)	metamesklogni.webflow.io	webflow-io.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:59:32.925714016 CEST	1.1.1.1	192.168.2.5	0x5c5a	No error (0)	webflow-io.map.fastly.net		151.101.2.188	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:32.925714016 CEST	1.1.1.1	192.168.2.5	0x5c5a	No error (0)	webflow-io.map.fastly.net		151.101.66.188	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:32.925714016 CEST	1.1.1.1	192.168.2.5	0x5c5a	No error (0)	webflow-io.map.fastly.net		151.101.130.188	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:32.925714016 CEST	1.1.1.1	192.168.2.5	0x5c5a	No error (0)	webflow-io.map.fastly.net		151.101.194.188	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:32.926419973 CEST	1.1.1.1	192.168.2.5	0xf5d4	No error (0)	metamesklogni.webflow.io	webflow-io.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724750996 CEST	1.1.1.1	192.168.2.5	0xed15	No error (0)	uploads-ssl.webflow.com		108.156.2.28	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724750996 CEST	1.1.1.1	192.168.2.5	0xed15	No error (0)	uploads-ssl.webflow.com		108.156.2.67	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724750996 CEST	1.1.1.1	192.168.2.5	0xed15	No error (0)	uploads-ssl.webflow.com		108.156.2.22	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724750996 CEST	1.1.1.1	192.168.2.5	0xed15	No error (0)	uploads-ssl.webflow.com		108.156.2.32	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724762917 CEST	1.1.1.1	192.168.2.5	0x536e	No error (0)	d3e54v103j8qbb.cloudfront.net		108.156.61.211	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724762917 CEST	1.1.1.1	192.168.2.5	0x536e	No error (0)	d3e54v103j8qbb.cloudfront.net		108.156.61.222	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724762917 CEST	1.1.1.1	192.168.2.5	0x536e	No error (0)	d3e54v103j8qbb.cloudfront.net		108.156.61.158	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:33.724762917 CEST	1.1.1.1	192.168.2.5	0x536e	No error (0)	d3e54v103j8qbb.cloudfront.net		108.156.61.73	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:35.381023884 CEST	1.1.1.1	192.168.2.5	0xfad2	No error (0)	www.google.com		142.250.185.196	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:35.382196903 CEST	1.1.1.1	192.168.2.5	0xaec2	No error (0)	www.google.com			65	IN (0x0001)	false
Jul 3, 2024 00:59:36.903103113 CEST	1.1.1.1	192.168.2.5	0x5b1d	No error (0)	uploads-ssl.webflow.com		108.156.2.22	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:36.903103113 CEST	1.1.1.1	192.168.2.5	0x5b1d	No error (0)	uploads-ssl.webflow.com		108.156.2.32	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:36.903103113 CEST	1.1.1.1	192.168.2.5	0x5b1d	No error (0)	uploads-ssl.webflow.com		108.156.2.67	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:36.903103113 CEST	1.1.1.1	192.168.2.5	0x5b1d	No error (0)	uploads-ssl.webflow.com		108.156.2.28	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:45.426508904 CEST	1.1.1.1	192.168.2.5	0x265c	No error (0)	google.com		142.250.181.238	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:45.427980900 CEST	8.8.8.8	192.168.2.5	0xa6ce	No error (0)	google.com		172.217.168.78	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:48.125215054 CEST	1.1.1.1	192.168.2.5	0xdaf6	No error (0)	windowsupdatebg.s.llnwi.net		95.140.236.128	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:59:49.031322956 CEST	1.1.1.1	192.168.2.5	0xc4a6	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:59:49.031322956 CEST	1.1.1.1	192.168.2.5	0xc4a6	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

metamesklogni.webflow.io

https:

d3e54v103j8qbb.cloudfront.net

uploads-ssl.webflow.com

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49710	151.101.2.188	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:33 UTC	667	OUT	GET / HTTP/1.1 Host: metamesklogni.webflow.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:33 UTC	504	IN	HTTP/1.1 200 OK Connection: close Content-Length: 10831 Content-Type: text/html Content-Security-Policy: frame-ancestors 'self' https://.webflow.com http://.webflow.com http://*.webflow.io http://webflow.com https://webflow.com x-lambda-id: 2e0c0361-41d3-43dc-b2c2-f62aaa2347f7 Accept-Ranges: bytes Age: 0 Date: Tue, 02 Jul 2024 22:59:33 GMT X-Served-By: cache-ewr18177-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1719961173.446739,VS0,VE199 Vary: x-wf-forwarded-proto, Accept-Encoding
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 77 61 73 20 63 72 65 61 74 65 64 20 69 6e 20 57 65 62 66 6c 6f 77 2e 20 68 74 74 70 73 3a 2f 2f 77 65 62 66 6c 6f 77 2e 63 6f 6d 20 2d 2d 3e 3c 21 2d 2d 20 4c 61 73 74 20 50 75 62 6c 69 73 68 65 64 3a 20 57 65 64 20 53 65 70 20 32 37 20 32 30 32 33 20 30 34 3a 32 30 3a 34 38 20 47 4d 54 2b 30 30 30 30 20 28 43 6f 6f 72 64 69 6e 61 74 65 64 20 55 6e 69 76 65 72 73 61 6c 20 54 69 6d 65 29 20 2d 2d 3e 3c 68 74 6d 6c 20 64 61 74 61 2d 77 66 2d 64 6f 6d 61 69 6e 3d 22 6d 65 74 61 6d 65 73 6b 6c 6f 67 6e 69 2e 77 65 62 66 6c 6f 77 2e 69 6f 22 20 64 61 74 61 2d 77 66 2d 70 61 67 65 3d 22 36 35 31 33 61 63 35 37 65 30 62 38 35 35 33 64 34 63 39 64 35 34 32 65 22 20 64 61 74 Data Ascii: <!DOCTYPE html>... This site was created in Webflow. https://webflow.com -->... Last Published: Wed Sep 27 2023 04:20:48 GMT+0000 (Coordinated Universal Time) --><html data-wf-domain="metamesklogni.webflow.io" data-wf-page="6513ac57e0b8553d4c9d542e" dat
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 2f 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 21 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 76 61 72 20 6e 3d 63 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 74 3d 22 20 77 2d 6d 6f 64 2d 22 3b 6e 2e 63 6c 61 73 73 4e 61 6d 65 2b 3d 74 2b 22 6a 73 22 2c 28 22 6f 6e 74 6f 75 63 68 73 74 61 72 74 22 69 6e 20 6f 7c 7c 6f 2e 44 6f 63 75 6d 65 6e 74 54 6f 75 63 68 26 26 63 20 69 6e 73 74 61 6e 63 65 6f 66 20 44 6f 63 75 6d 65 6e 74 54 6f 75 63 68 29 26 26 28 6e 2e 63 6c 61 73 73 4e 61 6d 65 2b 3d 74 2b 22 74 6f 75 63 68 22 29 7d 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 Data Ascii: " type="text/css"/><script type="text/javascript">!function(o,c){var n=c.documentElement,t=" w-mod-";n.className+=t+"js",("ontouchstart"in o\|\|o.DocumentTouch&&c instanceof DocumentTouch)&&(n.className+=t+"touch")}(window,document);</script><link href="htt
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 20 62 72 6f 77 73 65 72 73 20 61 6e 64 20 74 68 65 20 64 65 63 65 6e 74 72 61 6c 69 7a 65 64 20 77 65 62 2e 20 49 74 20 69 73 20 61 20 63 72 79 70 74 6f 63 75 72 72 65 6e 63 79 20 77 61 6c 6c 65 74 20 61 6e 64 20 61 6e 20 45 74 68 65 72 65 75 6d 20 67 61 74 65 77 61 79 20 74 68 61 74 20 61 6c 6c 6f 77 73 20 75 73 65 72 73 20 74 6f 20 69 6e 74 65 72 61 63 74 20 73 65 61 6d 6c 65 73 73 6c 79 20 77 69 74 68 20 74 68 65 20 45 74 68 65 72 65 75 6d 20 62 6c 6f 63 6b 63 68 61 69 6e 2e 20 49 6e 69 74 69 61 6c 6c 79 2c 20 4d 65 74 61 4d 61 73 6b 20 77 61 73 20 64 65 76 65 6c 6f 70 65 64 20 61 73 20 61 20 62 72 6f 77 73 65 72 20 65 78 74 65 6e 73 69 6f 6e 20 66 6f 72 20 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 2c 20 62 75 74 20 69 74 20 68 61 73 20 73 69 6e 63 65 20 Data Ascii: browsers and the decentralized web. It is a cryptocurrency wallet and an Ethereum gateway that allows users to interact seamlessly with the Ethereum blockchain. Initially, MetaMask was developed as a browser extension for Google Chrome, but it has since
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 53 65 63 75 72 65 20 61 6e 64 20 50 72 69 76 61 74 65 3a 3c 2f 73 74 72 6f 6e 67 3e 20 4d 65 74 61 4d 61 73 6b 20 69 73 20 63 6f 6d 6d 69 74 74 65 64 20 74 6f 20 75 73 65 72 20 73 65 63 75 72 69 74 79 20 61 6e 64 20 70 72 69 76 61 63 79 2e 20 49 74 20 73 74 6f 72 65 73 20 79 6f 75 72 20 70 72 69 76 61 74 65 20 6b 65 79 73 20 6c 6f 63 61 6c 6c 79 20 6f 6e 20 79 6f 75 72 20 64 65 76 69 63 65 2c 20 61 6e 64 20 79 6f 75 20 68 61 76 65 20 66 75 6c 6c 20 63 6f 6e 74 72 6f 6c 20 6f 76 65 72 20 79 6f 75 72 20 77 61 6c 6c 65 74 26 23 78 32 37 3b 73 20 70 72 69 76 61 74 65 20 6b 65 79 73 2e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 73 74 72 6f 6e 67 3e 4d 75 6c 74 69 70 6c 65 20 4e 65 74 77 6f 72 6b 73 3a 3c 2f 73 74 72 6f 6e 67 3e 20 59 6f 75 20 63 61 6e 20 73 77 69 74 63 68 Data Ascii: Secure and Private:</strong> MetaMask is committed to user security and privacy. It stores your private keys locally on your device, and you have full control over your wallet's private keys.</li><li><strong>Multiple Networks:</strong> You can switch
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 73 65 2e 20 57 72 69 74 65 20 74 68 69 73 20 70 68 72 61 73 65 20 64 6f 77 6e 20 6f 6e 20 61 20 70 69 65 63 65 20 6f 66 20 70 61 70 65 72 20 61 6e 64 20 73 74 6f 72 65 20 69 74 20 73 65 63 75 72 65 6c 79 2e 20 49 74 26 23 78 32 37 3b 73 20 79 6f 75 72 20 6b 65 79 20 74 6f 20 72 65 63 6f 76 65 72 69 6e 67 20 79 6f 75 72 20 77 61 6c 6c 65 74 20 69 66 20 79 6f 75 20 65 76 65 72 20 66 6f 72 67 65 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 20 6f 72 20 6c 6f 73 65 20 61 63 63 65 73 73 20 74 6f 20 79 6f 75 72 20 64 65 76 69 63 65 2e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 73 74 72 6f 6e 67 3e 43 6f 6e 66 69 72 6d 20 59 6f 75 72 20 53 65 65 64 20 50 68 72 61 73 65 3a 3c 2f 73 74 72 6f 6e 67 3e 20 54 6f 20 65 6e 73 75 72 65 20 79 6f 75 26 23 78 32 37 3b 76 65 20 72 65 63 Data Ascii: se. Write this phrase down on a piece of paper and store it securely. It's your key to recovering your wallet if you ever forget your password or lose access to your device.</li><li><strong>Confirm Your Seed Phrase:</strong> To ensure you've rec
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 69 73 20 6e 6f 77 20 72 65 61 64 79 20 74 6f 20 75 73 65 2e 20 59 6f 75 20 63 61 6e 20 73 65 63 75 72 65 6c 79 20 6d 61 6e 61 67 65 20 79 6f 75 72 20 63 72 79 70 74 6f 20 61 73 73 65 74 73 20 61 6e 64 20 61 63 63 65 73 73 20 44 41 70 70 73 20 6f 6e 20 74 68 65 20 67 6f 2e 3c 2f 6c 69 3e 3c 2f 6f 6c 3e 3c 68 32 3e 4c 6f 67 67 69 6e 67 20 49 6e 20 74 6f 20 4d 65 74 61 4d 61 73 6b 3c 2f 68 32 3e 3c 70 3e 4c 6f 67 67 69 6e 67 20 69 6e 20 74 6f 20 4d 65 74 61 4d 61 73 6b 20 69 73 20 61 20 73 74 72 61 69 67 68 74 66 6f 72 77 61 72 64 20 70 72 6f 63 65 73 73 2e 20 48 65 72 65 26 23 78 32 37 3b 73 20 68 6f 77 20 79 6f 75 20 63 61 6e 20 61 63 63 65 73 73 20 79 6f 75 72 20 77 61 6c 6c 65 74 20 6f 6e 63 65 20 69 74 26 23 78 32 37 3b 73 20 73 65 74 20 75 70 3a 3c 2f Data Ascii: is now ready to use. You can securely manage your crypto assets and access DApps on the go.</li></ol><h2>Logging In to MetaMask</h2><p>Logging in to MetaMask is a straightforward process. Here's how you can access your wallet once it's set up:</
2024-07-02 22:59:33 UTC	1378	IN	Data Raw: 65 2e 3c 2f 6c 69 3e 3c 6c 69 3e 52 65 76 69 65 77 20 74 68 65 20 74 72 61 6e 73 61 63 74 69 6f 6e 20 64 65 74 61 69 6c 73 20 61 6e 64 20 63 6c 69 63 6b 20 26 71 75 6f 74 3b 4e 65 78 74 2e 26 71 75 6f 74 3b 3c 2f 6c 69 3e 3c 6c 69 3e 43 6f 6e 66 69 72 6d 20 74 68 65 20 74 72 61 6e 73 61 63 74 69 6f 6e 20 62 79 20 65 6e 74 65 72 69 6e 67 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 2e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 68 33 3e 33 2e 20 52 65 63 65 69 76 69 6e 67 20 45 74 68 65 72 20 61 6e 64 20 54 6f 6b 65 6e 73 3a 3c 2f 68 33 3e 3c 75 6c 20 72 6f 6c 65 3d 22 6c 69 73 74 22 3e 3c 6c 69 3e 54 6f 20 72 65 63 65 69 76 65 20 45 74 68 65 72 20 6f 72 20 74 6f 6b 65 6e 73 2c 20 63 6c 69 63 6b 20 74 68 65 20 26 71 75 6f 74 3b 52 65 63 65 69 76 65 26 71 75 6f 74 3b 20 Data Ascii: e.</li><li>Review the transaction details and click "Next."</li><li>Confirm the transaction by entering your password.</li></ul><h3>3. Receiving Ether and Tokens:</h3><ul role="list"><li>To receive Ether or tokens, click the "Receive"
2024-07-02 22:59:33 UTC	1185	IN	Data Raw: 74 6f 20 65 6e 68 61 6e 63 65 20 79 6f 75 72 20 77 61 6c 6c 65 74 26 23 78 32 37 3b 73 20 73 61 66 65 74 79 2e 3c 2f 6c 69 3e 3c 6c 69 3e 45 78 70 6c 6f 72 65 20 74 72 61 6e 73 61 63 74 69 6f 6e 20 68 69 73 74 6f 72 79 20 74 6f 20 6b 65 65 70 20 74 72 61 63 6b 20 6f 66 20 79 6f 75 72 20 66 69 6e 61 6e 63 69 61 6c 20 61 63 74 69 76 69 74 79 2e 3c 2f 6c 69 3e 3c 6c 69 3e 42 61 63 6b 20 75 70 20 79 6f 75 72 20 77 61 6c 6c 65 74 20 74 6f 20 65 6e 73 75 72 65 20 74 68 61 74 20 79 6f 75 20 63 61 6e 20 72 65 63 6f 76 65 72 20 69 74 20 69 6e 20 63 61 73 65 20 6f 66 20 65 6d 65 72 67 65 6e 63 69 65 73 2e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 68 32 3e 53 65 63 75 72 69 74 79 20 54 69 70 73 20 66 6f 72 20 4d 65 74 61 4d 61 73 6b 3c 2f 68 32 3e 3c 70 3e 4d 65 74 61 4d 61 Data Ascii: to enhance your wallet's safety.</li><li>Explore transaction history to keep track of your financial activity.</li><li>Back up your wallet to ensure that you can recover it in case of emergencies.</li></ul><h2>Security Tips for MetaMask</h2><p>MetaMa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49715	108.156.61.211	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:34 UTC	639	OUT	GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6513ac57e0b8553d4c9d5424 HTTP/1.1 Host: d3e54v103j8qbb.cloudfront.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://metamesklogni.webflow.io sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://metamesklogni.webflow.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:34 UTC	572	IN	HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 89476 Connection: close Last-Modified: Mon, 20 Jul 2020 17:53:02 GMT Accept-Ranges: bytes Server: AmazonS3 Date: Tue, 02 Jul 2024 20:29:00 GMT Cache-Control: max-age=84600, must-revalidate Etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a" Vary: Accept-Encoding Via: 1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront) Age: 9035 Access-Control-Allow-Origin: * X-Cache: Hit from cloudfront X-Amz-Cf-Pop: AMS1-P2 X-Amz-Cf-Id: c6KkHg_1mKsbfZBrfEflJx8GPCZLmSljI6eKVOrmugFFFeWlHmcZYQ==
2024-07-02 22:59:34 UTC	15812	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 Data Ascii: /! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery
2024-07-02 22:59:34 UTC	16384	IN	Data Raw: 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 21 65 2e 70 61 72 65 6e 74 4e 6f 64 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 2c 61 2c 73 2c 75 2c 6c 3d 79 21 3d 3d 6d 3f 22 6e 65 78 74 53 69 62 6c 69 6e 67 22 3a 22 70 72 65 76 69 6f 75 73 53 69 62 6c 69 6e 67 22 2c 63 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 66 3d 78 26 26 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 70 3d 21 6e 26 26 21 78 2c 64 3d 21 31 3b 69 66 28 63 29 7b 69 66 28 79 29 7b 77 68 69 6c 65 28 6c 29 7b 61 3d 65 3b 77 68 69 6c 65 28 61 3d 61 5b 6c 5d 29 69 66 28 78 3f 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 66 3a 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 21 31 Data Ascii: ion(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1
2024-07-02 22:59:34 UTC	16384	IN	Data Raw: 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 64 6f 53 63 72 6f 6c 6c 3f 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 53 2e 72 65 61 64 79 29 3a 28 45 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 42 29 2c 43 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 42 29 29 3b 76 61 72 20 24 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 2c 6f 2c 61 29 7b 76 61 72 20 73 3d 30 2c 75 3d 65 2e 6c 65 6e 67 74 68 2c 6c 3d 6e 75 6c 6c 3d 3d 6e 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 3d 77 28 6e 29 29 66 6f 72 28 73 20 69 6e 20 69 3d 21 30 2c 6e 29 24 28 65 2c 74 2c 73 2c 6e 5b 73 5d 2c 21 30 2c 6f 2c 61 29 3b 65 6c 73 65 20 69 66 28 76 6f 69 64 20 30 21 3d 3d 72 26 26 28 69 3d Data Ascii: cumentElement.doScroll?C.setTimeout(S.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var $=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)$(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=
2024-07-02 22:59:34 UTC	16384	IN	Data Raw: 63 65 3a 75 2e 6e 6f 6e 63 65 7c 7c 75 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7d 2c 6c 29 3a 62 28 75 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 6a 65 2c 22 22 29 2c 75 2c 6c 29 29 7d 72 65 74 75 72 6e 20 6e 7d 66 75 6e 63 74 69 6f 6e 20 52 65 28 65 2c 74 2c 6e 29 7b 66 6f 72 28 76 61 72 20 72 2c 69 3d 74 3f 53 2e 66 69 6c 74 65 72 28 74 2c 65 29 3a 65 2c 6f 3d 30 3b 6e 75 6c 6c 21 3d 28 72 3d 69 5b 6f 5d 29 3b 6f 2b 2b 29 6e 7c 7c 31 21 3d 3d 72 2e 6e 6f 64 65 54 79 70 65 7c 7c 53 2e 63 6c 65 61 6e 44 61 74 61 28 76 65 28 72 29 29 2c 72 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 28 6e 26 26 69 65 28 72 29 26 26 79 65 28 76 65 28 72 2c 22 73 63 72 69 70 74 22 29 29 2c 72 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 Data Ascii: ce:u.nonce\|\|u.getAttribute("nonce")},l):b(u.textContent.replace(je,""),u,l))}return n}function Re(e,t,n){for(var r,i=t?S.filter(t,e):e,o=0;null!=(r=i[o]);o++)n\|\|1!==r.nodeType\|\|S.cleanData(ve(r)),r.parentNode&&(n&&ie(r)&&ye(ve(r,"script")),r.parentNode.re
2024-07-02 22:59:34 UTC	16384	IN	Data Raw: 72 65 74 75 72 6e 20 72 3d 53 2e 66 78 26 26 53 2e 66 78 2e 73 70 65 65 64 73 5b 72 5d 7c 7c 72 2c 65 3d 65 7c 7c 22 66 78 22 2c 74 68 69 73 2e 71 75 65 75 65 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 65 2c 72 29 3b 74 2e 73 74 6f 70 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 43 2e 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 6e 29 7d 7d 29 7d 2c 72 74 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6e 70 75 74 22 29 2c 69 74 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 65 6c 65 63 74 22 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 6f 70 74 69 6f 6e 22 29 29 2c 72 74 2e 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 2c 79 2e 63 68 65 63 Data Ascii: return r=S.fx&&S.fx.speeds[r]\|\|r,e=e\|\|"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},rt=E.createElement("input"),it=E.createElement("select").appendChild(E.createElement("option")),rt.type="checkbox",y.chec
2024-07-02 22:59:34 UTC	8128	IN	Data Raw: 28 74 68 69 73 29 2e 72 65 70 6c 61 63 65 57 69 74 68 28 74 68 69 73 2e 63 68 69 6c 64 4e 6f 64 65 73 29 7d 29 2c 74 68 69 73 7d 7d 29 2c 53 2e 65 78 70 72 2e 70 73 65 75 64 6f 73 2e 68 69 64 64 65 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 53 2e 65 78 70 72 2e 70 73 65 75 64 6f 73 2e 76 69 73 69 62 6c 65 28 65 29 7d 2c 53 2e 65 78 70 72 2e 70 73 65 75 64 6f 73 2e 76 69 73 69 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 21 28 65 2e 6f 66 66 73 65 74 57 69 64 74 68 7c 7c 65 2e 6f 66 66 73 65 74 48 65 69 67 68 74 7c 7c 65 2e 67 65 74 43 6c 69 65 6e 74 52 65 63 74 73 28 29 2e 6c 65 6e 67 74 68 29 7d 2c 53 2e 61 6a 61 78 53 65 74 74 69 6e 67 73 2e 78 68 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 Data Ascii: (this).replaceWith(this.childNodes)}),this}}),S.expr.pseudos.hidden=function(e){return!S.expr.pseudos.visible(e)},S.expr.pseudos.visible=function(e){return!!(e.offsetWidth\|\|e.offsetHeight\|\|e.getClientRects().length)},S.ajaxSettings.xhr=function(){try{retu

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49714	108.156.2.28	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:34 UTC	609	OUT	GET /6513ac57e0b8553d4c9d5424/css/metamesklogni.webflow.e746191ae.css HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://metamesklogni.webflow.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:35 UTC	639	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 8312 Connection: close Date: Tue, 02 Jul 2024 22:59:35 GMT Last-Modified: Wed, 27 Sep 2023 04:20:49 GMT Etag: "133a356c8409f3dfcf579c8aa810f7b6" X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=84600, must-revalidate Content-Encoding: gzip X-Amz-Version-Id: m_KjLhon.SrFLCs4fqqJWJkon6H.nRBE Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 cd4dfe3c4e4ae7c889b30370e31a809e.cloudfront.net (CloudFront) Access-Control-Allow-Origin: * X-Cache: Miss from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: gbFLXi1p9C6_5ZBM_KN-t--ql-PrfLaHTe-uktfI0SiAztbNlT6jVg==
2024-07-02 22:59:35 UTC	6396	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 7d e9 72 e3 38 d2 e0 ff 7e 0a ad 3b 26 a2 6a ca b2 a9 d3 92 2b ba 63 a8 c3 b6 5c 96 ca 2a df ae a8 8d a0 48 8a a2 cd 43 23 52 97 27 be 88 ef db 7d 89 7d 80 7d be 7d 86 4d 1c 24 01 10 a4 28 57 75 7c e3 6e 97 45 20 91 48 24 32 13 89 44 12 9a 85 ae 53 fa d7 6f a5 52 d9 0d ca a1 b9 09 cb 81 fd 66 96 35 e3 65 19 84 a7 a5 8a a2 fc ed 33 aa 5d 9b 93 57 3b cc 81 98 fa 5e 58 9e 6a ae ed 6c 4f 4b 81 e6 05 e5 c0 5c d8 d3 cf bf fd c7 6f bf 4d 7c 63 8b 3b 71 b5 85 65 7b a7 25 05 17 6b 8b d0 d6 1d f3 b0 a4 05 b6 01 7f 0c 33 d4 6c 27 38 2c 4d 6d 4b d7 e6 a1 ed 7b f8 f3 72 01 95 53 df 0f cd c5 61 69 66 6a 06 fe 6b 2d fc e5 fc 10 50 da 00 e5 9a de f2 b0 e4 69 ab c3 52 60 ea a4 65 b0 74 a1 3f d2 b1 61 07 73 47 03 ca 26 8e af bf 92 de 97 86 Data Ascii: }r8~;&j+c\*HC#R'}}}}M$(Wu\|nE H$2DSoRf5e3]W;^XjlOK\oM\|c;qe{%k3l'8,MmK{rSaifjk-PiR`et?asG&
2024-07-02 22:59:35 UTC	1916	IN	Data Raw: 9f df 4c 4b cc 4f 14 e9 8f 8e c5 8a 44 92 12 42 a4 37 49 2c cc b9 49 04 89 7e 14 ea f9 7b 73 d8 f0 12 ca b2 3c aa 05 bb 07 2b 0c 24 de f0 32 bd 60 21 63 bf ef 00 17 1c 07 2b eb d3 c6 75 a2 2f 36 b8 be 18 55 9f b7 9d fa e4 61 b3 d4 df 14 5b bb f8 a6 e8 3d 7f 75 55 33 6a c6 b6 51 1b 6e 1b 2b dd d5 57 c3 17 75 3d ec b6 df 0c 57 b7 07 17 cf f3 e7 47 a3 3b a9 59 ed 81 ad 6c 87 5d 75 3d e8 0d 94 41 6f bc 1e d8 9d 9a f6 f0 4d d1 7a 8a 3d 7c 19 db 83 f3 99 a3 3d 18 be 01 cf a3 9e 6a 5f bf 6c bc c1 c5 b7 ed d3 43 e3 ed d9 6d 6f 27 b7 8a ad bb 6d e5 e9 f1 9b f3 a5 37 ae 7c b9 19 7c ba be e8 cc 8c 73 cb 7a 86 36 93 5b d5 1a 9e 5b 15 e3 65 f0 a6 f5 06 6f c6 cb bd 7f 75 3b a8 9b f6 c0 9a d4 3a b3 a7 aa a3 98 80 e3 0a fa ba 7a ab b7 f4 f3 33 45 eb 76 5e af 6f 2e c3 e1 Data Ascii: LKODB7I,I~{s<+$2`!c+u/6Ua[=uU3jQn+Wu=WG;Yl]u=AoMz=\|=j_lCmo'm7\|\|sz6[[eou;:z3Ev^o.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49713	108.156.2.28	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:34 UTC	579	OUT	GET /6513ac57e0b8553d4c9d5424/js/webflow.24a563ff7.js HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://metamesklogni.webflow.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:35 UTC	647	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 13706 Connection: close Date: Tue, 02 Jul 2024 22:59:36 GMT Last-Modified: Wed, 27 Sep 2023 04:20:49 GMT Etag: "a505becc886cdcc871c41d1db25b1402" X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=84600, must-revalidate Content-Encoding: gzip X-Amz-Version-Id: 06qomiGwBPud8hD61jZtzoT3A3Npij12 Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 2abd42a5440238034539228ee64b9adc.cloudfront.net (CloudFront) Access-Control-Allow-Origin: * X-Cache: Miss from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: e_KXBV8J5bei4Q5bOMZMtUr2_mT51_xmtHNugNb0-EtBusd4M8DlrQ==
2024-07-02 22:59:35 UTC	1412	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 7d fb 5b da 4a b7 f0 ef fb af c0 bc be 34 91 21 80 d6 5e a0 53 8e b5 da da 6a ed b6 76 6b 8b 6e 77 80 01 52 21 c1 64 10 51 38 7f fb b7 d6 5c 92 09 17 eb 79 cf 79 9e ef d9 bb 32 f7 59 b3 66 cd ba cd 25 7f 94 36 d6 fe c8 6d e4 ce 58 b3 d3 0f c7 d5 dc 7e 14 06 bc c8 82 76 2e f6 39 cb f5 fd 66 e4 45 13 2c f2 5f 7d bf c5 82 98 e5 8e 0e 4e 31 7e 10 f4 fd 80 e5 e2 56 e4 0f 79 9c 1b 78 93 9c d7 6a b1 38 ce f1 1e cb 79 43 3f 37 8a fd a0 9b f3 82 9c 17 4f 82 56 ae e7 05 ed 3e 8b aa 58 39 97 bb f5 22 dd 6b 8e 26 a1 e9 34 d7 b8 ac c9 12 2a cd 1d 8e e2 9e 1d 31 af 3d d9 1f 05 2d ee 87 81 83 25 4a 7f fc 61 db 0e 7d fb 80 2d f5 39 b5 19 99 40 14 93 ec c9 74 ca 6c 7b 42 1f d8 dd 30 8c 78 5c 7d 98 cd 1c 57 45 a0 18 99 e8 88 53 c3 ea 5f 39 Data Ascii: }[J4!^SjvknwR!dQ8\yy2Yf%6mX~v.9fE,_}N1~Vyxj8yC?7OV>X9"k&4*1=-%Ja}-9@tl{B0x\}WES_9
2024-07-02 22:59:35 UTC	12294	IN	Data Raw: 97 95 c7 b8 0f 90 d1 91 c7 7b a0 85 c4 00 4f b4 61 8b d8 d7 03 80 cb 29 f8 73 18 5e d1 e5 d6 6b c9 ed 24 b7 d9 7e f1 7b 6e 20 3a 81 d6 16 bb 5c 40 f4 aa 61 3e 37 e9 47 b1 bd d7 db 8f f3 74 c4 6a 32 5a d5 2b 4a aa 45 fe 8a 16 de 92 5e 5f 6b f6 2a 11 ac 59 c3 63 08 ce a1 69 50 ae c3 9c ca 51 0f c3 b1 bd 09 7a 3e d2 32 52 99 33 87 e3 15 3d 57 5e 6b 22 de fc 2d 11 73 61 13 80 28 af a2 96 62 f4 5a 84 6e 71 b8 4b 29 7a 69 c7 15 49 4b 4f e8 10 87 98 76 3c 47 db f3 23 97 e3 96 64 3e 0f 20 08 3d 67 81 d8 5b 7e b4 54 34 94 e5 7c 48 9e f9 5a 6a 0f 5b 8f ce 07 f2 4d 49 7e 37 11 b7 2b 45 cd 52 e6 68 40 08 a4 e5 9d 96 25 9d bf da 94 dc f3 c9 e4 ae fb 4b d8 cb 32 19 b8 bc cb 97 52 ec 54 b6 e4 8f 62 9a 8f 72 4b 63 06 0c c2 57 40 70 3d de ea 42 96 e6 3a 8b 44 d2 f4 5a d7 Data Ascii: {Oa)s^k$~{n :\@a>7Gtj2Z+JE^_k*YciPQz>2R3=W^k"-sa(bZnqK)ziIKOv<G#d> =g[~T4\|HZj[MI~7+ERh@%K2RTbrKcW@p=B:DZ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49716	108.156.2.28	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:36 UTC	662	OUT	GET /6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://metamesklogni.webflow.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:36 UTC	630	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2410 Connection: close Date: Tue, 02 Jul 2024 14:11:18 GMT Last-Modified: Wed, 27 Sep 2023 04:17:24 GMT Etag: "f9a6101a118b399a490852f753d2bb95" X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=31536000, must-revalidate X-Amz-Version-Id: V5qJCWoz.mgrkmxTtOQ0Au9HnrDdAQ28 Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 2abd42a5440238034539228ee64b9adc.cloudfront.net (CloudFront) Age: 31699 Access-Control-Allow-Origin: * X-Cache: Hit from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: ysFgSAjlIuxp4_TpJJ9E8ZQqJdqRBNYeNjCX7vpoCNiXIF8-eQLJuQ==
2024-07-02 22:59:36 UTC	2410	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 07 74 49 4d 45 07 e7 06 1c 04 37 08 cb cf 1c c7 00 00 08 35 49 44 41 54 58 c3 dd 97 7b 8c 55 d5 15 c6 7f 7b 9f 73 df 33 77 de 0f 67 18 66 64 86 20 30 4a c1 5a 11 89 38 2a 2d 51 63 34 3e d2 34 b1 ad 26 6d 6a ad 69 69 a2 36 96 a4 da 9a 86 16 ff 6a 49 ab 18 8d 7d 84 c6 58 ac 45 ad 42 ac f2 b4 80 52 a1 8a c8 38 38 8e cc 0c 0c cc 9d b9 73 df 8f b3 f7 ea 1f 77 5e 17 68 52 db c4 26 dd c9 4d 6e ee d9 6b ad ef 7c Data Ascii: PNGIHDR szz cHRMz&u0`:pQ<bKGDpHYs+tIME75IDATX{U{s3wgfd 0JZ8*-Qc4>4&mjii6jI}XEBR88sw^hR&Mnk\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.5	49718	108.156.2.28	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:36 UTC	658	OUT	GET /6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://metamesklogni.webflow.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:37 UTC	663	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 173308 Connection: close Date: Tue, 02 Jul 2024 22:59:37 GMT Last-Modified: Wed, 27 Sep 2023 04:15:55 GMT Etag: "815f66583754c458bd1d800d1ef6d17b" X-Amz-Storage-Class: INTELLIGENT_TIERING X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=31536000, must-revalidate X-Amz-Version-Id: AjcOsch7LI5n9dAHy3nD7mNbc5Mxnoby Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 636189476c3cc1fef2a81208622a3b7a.cloudfront.net (CloudFront) Access-Control-Allow-Origin: * X-Cache: Miss from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: KGeg1T2SjMOVPcZ-PXcPTgzUzKjo1oQUcfuajfQAuLVbOa2oSuPuzw==
2024-07-02 22:59:37 UTC	15345	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 05 81 00 00 02 d1 08 02 00 00 00 82 84 fb 9b 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 ff a5 49 44 41 54 78 5e ec fd 07 78 55 d5 f6 ef 8d ff 9f e7 be bf e7 b9 ef 3d f7 fd dd 8b 74 08 81 90 84 de 49 80 40 48 42 42 12 4a 42 20 84 96 10 7a af a1 85 2e 4d 45 8f 80 15 39 7a d0 e3 c1 02 7a 8e 8a 58 b1 20 62 3f 2a 0a 88 28 4a 15 15 41 a4 48 4f fb 8f 39 c7 58 6b cf bd 76 c9 0e 90 4d 80 ef e7 19 4e 57 99 6b ed b5 e6 5c 8b ec f1 dd 63 8e f9 ff bb 0d 00 00 00 00 00 00 00 00 00 a0 fc 81 06 01 00 00 00 00 00 00 00 00 80 60 00 0d 02 00 00 00 00 00 00 00 00 00 c1 00 1a 04 00 00 00 00 00 00 00 00 00 82 01 Data Ascii: PNGIHDRsRGBgAMAapHYsodIDATx^xU=tI@HBBJB z.ME9zzX b?*(JAHO9XkvMNWk\c`
2024-07-02 22:59:37 UTC	1522	IN	Data Raw: 9b 11 68 10 20 18 40 83 b8 f9 88 8e 8e de bf 7f bf f4 a8 86 ba 78 e5 ca 95 b2 3b 60 a0 41 04 0e 7d 95 dc ba 75 ab a9 fb 30 e5 aa 41 c4 c4 c4 d0 87 16 14 14 c8 01 ee d0 f6 b7 df 7e db 97 1c 40 17 fc fc f3 cf fb 0a ca a5 1b f9 e2 8b 2f 52 52 52 a4 b6 07 0b 16 2c 38 7e fc b8 d4 f6 e0 b7 df 7e 9b 39 73 a6 54 05 00 94 27 22 3f 78 08 10 e2 86 6a c4 37 b5 e2 1d d4 92 a0 3c 58 f1 65 fd 66 7c b0 b0 fc 64 43 80 28 3d de c1 52 1f 5c 1a 84 ed b7 1b fe bc 36 c3 db b7 fd ff b2 ea 0e fe cd d7 51 54 ba 9b fd b9 2e b3 af 4d 99 eb ca f9 46 02 54 22 94 19 cd c5 0d c8 2d e9 3b 32 42 c1 9d c2 dd c3 9d c5 dd a6 3b d1 52 22 2c 74 58 84 62 f8 f0 e1 5f 7d f5 95 fc d3 7c 8d 38 76 ec d8 dc b9 73 e5 f9 03 00 dc 74 40 83 00 c1 00 1a c4 cd 47 52 52 d2 a1 43 87 a4 47 35 d0 20 ca 9b 0d Data Ascii: h @x;`A}u0A~@/RRR,8~~9sT'"?xj7<Xef\|dC(=R\6QT.MFT"-;2B;R",tXb_}\|8vst@GRRCG5
2024-07-02 22:59:37 UTC	16384	IN	Data Raw: 07 c0 2d 4c bf 7e fd d6 ac 59 53 6a 0e 17 e6 c8 91 23 1b 36 6c 18 3d 7a 74 48 48 88 1c 5f 5a f8 83 1e 6a a1 10 bd c1 80 85 07 82 dd 54 0d eb 0e e4 c0 b2 ee 40 f8 d5 1d ec 8c 0f f5 54 69 29 0e da 4c c5 41 ff e0 cf 8e b7 f8 e1 a2 35 28 b3 3d 76 65 ca 99 17 c7 de 8e 38 90 a0 03 b5 97 1d 7e 97 99 75 22 22 1b 5a 65 43 57 79 f5 66 9e 4d 7d 50 43 fb 73 9d a6 af 90 2f 86 17 ac 5d fa a6 ec 7b 34 55 09 4b 9b f0 ab 4a 48 93 6a 55 c2 d6 23 b4 24 61 e9 11 84 74 90 46 eb 11 22 1e 71 7f 72 40 c4 a0 41 83 e8 df 6d 79 98 0c ce dc ff 80 43 59 28 93 fd 31 7b b6 57 19 62 ce 9c 39 f2 8c 02 00 6e 0a a0 41 80 60 e0 47 83 a0 05 5a 95 1d 25 25 e4 b5 ce 9f 3f 7f fb f6 ed e4 f3 f0 cf a4 e4 e4 ec d9 b3 67 e1 c2 85 5c 9f 71 78 53 5e f1 ea f4 d2 96 cf 3e fb cc 31 c5 e0 d6 ad 5b bd ba Data Ascii: -L~YSj#6l=ztHH_ZjT@Ti)LA5(=ve8~u""ZeCWyfM}PCs/]{4UKJHjU#$atF"qr@AmyCY(1{Wb9nA`GZ%%?g\qxS^>1[
2024-07-02 22:59:37 UTC	9863	IN	Data Raw: 66 72 b7 3e ae b0 08 a5 47 a8 98 88 2e 3a 32 42 c7 44 74 37 63 22 62 62 bb ea b9 3c 65 ee 0c 95 b1 52 8b 11 3a 49 84 04 44 a8 59 33 5a 39 67 cd 30 f4 08 ad 44 d8 fd eb 12 23 cc 68 08 33 57 a5 4b 8c 60 25 42 99 12 23 1a e9 f9 3b d5 63 a6 a3 21 58 8c 10 25 42 47 43 28 19 a2 be ad 47 58 a1 10 75 eb f1 4c 19 fa 91 f6 13 0d 21 4a 84 0b 7e 7d f8 55 d2 42 44 30 06 65 54 ad 11 7e 5b 95 1a b2 02 00 70 07 1a 04 28 77 1c e1 0c 66 b0 c3 e6 cd 9b 65 ab c5 8b 2f be c8 bb c8 63 24 bf 51 b6 ba fb 54 e4 e7 97 ea c7 32 fb f6 ed b3 c7 56 04 ae 41 10 47 8e 1c 31 7f 36 77 e0 55 83 f0 74 83 7d 11 b8 17 4a ec da b5 2b 3a 3a 9a 0f 74 f8 d5 0e ec 26 0a 44 20 60 c8 b7 e7 f6 29 93 06 31 63 c6 8c 53 a7 4e c9 56 bf 38 34 94 d5 ab 57 5f be 7c 59 f6 f9 85 ae ff 9e 7b ee a1 43 a8 3d a9 Data Ascii: fr>G.:2BDt7c"bb<eR:IDY3Z9g0D#h3WK`%B#;c!X%BGC(GXuL!J~}UBD0eT~[p(wfe/c$QT2VAG16wUt}J+::t&D `)1cSNV84W_\|Y{C=
2024-07-02 22:59:37 UTC	8459	IN	Data Raw: 23 9a 24 b0 0c 67 2b 11 f4 8e 28 19 c2 48 0c 41 ef 90 92 21 74 62 08 c2 9b 0c a1 e0 17 b3 ac 32 c4 fa f5 eb e5 01 f2 e0 40 d1 53 2f 16 d4 b2 ed e5 82 08 d9 e1 c1 a9 e2 6f cd 9a 64 a7 8b f7 c8 3e 77 b6 6f df de a2 45 0b f9 6c 00 6e 4c a0 41 00 10 6c a0 41 00 00 c0 2d 88 a5 41 58 21 10 5e 32 41 b0 5b a4 44 08 ad 43 58 73 61 70 26 08 37 19 42 07 41 b8 b2 51 72 f8 83 4e d4 a7 4d ff 50 6c 69 10 56 10 84 56 22 5c 32 04 27 02 e4 9f a0 6d 19 42 2b 11 96 0c d1 ac b5 67 0e 08 89 80 88 49 e8 d0 b1 8b 1d 01 11 67 45 40 70 02 88 ae 29 e9 5d 53 7b e9 f9 2f fa f0 fc 17 3c f5 66 7a c6 c0 f4 de 32 f5 66 66 56 6e 9f 7e b9 9c 78 b2 df a0 11 fd 2d e3 91 17 d9 b9 2a c3 a2 12 20 86 8c 1d 3c 94 05 08 95 85 71 c8 b0 09 b9 c3 26 3c b3 fe df e7 cf fb 9c 62 f9 8a 79 6f eb 47 b3 e6 Data Ascii: #$g+(HA!tb2@S/od>woElnLAlA-AX!^2A[DCXsap&7BAQrNMPliVV"\2'mB+gIgE@p)]S{/<fz2ffVn~x-* <q&<byoG
2024-07-02 22:59:37 UTC	16384	IN	Data Raw: 11 66 0c 46 39 88 7f 7d ff ce 87 df 5f 51 8f af a7 3f f9 7a fa d3 67 be cd 55 6f 3c bb 17 23 31 31 51 72 10 12 bf 5c 48 0e 42 42 c2 08 24 07 21 21 21 21 21 f1 c3 40 1c 04 4d 5a 04 07 c1 a1 61 21 74 24 84 8a 83 d0 4f 82 00 23 86 7e 12 04 2d b9 0e 02 24 e8 8a 08 02 8d 18 f3 20 06 02 44 10 a8 83 80 bf 1e d3 fc 8d fe a4 2c 68 08 36 e5 5b bc d4 6c c9 32 70 61 b0 69 21 46 51 da 59 58 39 5a 5a eb 5c 18 0e 4e 9e 4e 2e de 6c b8 b8 fb b9 7a f8 7b 78 06 7a 7a 05 79 f9 86 7a fb 85 f9 f9 47 b0 01 39 94 c1 c8 41 84 c5 81 02 82 5c 18 54 c3 19 9b 8e 19 10 50 81 81 1c 44 9e 11 05 44 36 04 40 90 02 22 a7 a0 2a af a8 26 bf b8 a6 00 fc 17 75 3c 78 12 ba 36 c1 7c 51 86 59 0f c2 73 01 86 0b 45 f8 50 53 df 55 d3 80 e5 9a 0d bd 75 d0 ac 49 aa 87 fe 86 56 62 1f 90 80 10 aa 07 48 Data Ascii: fF9}_Q?zgUo<#11Qr\HBB$!!!!!@MZa!t$O#~-$ D,h6[l2pai!FQYX9ZZ\NN.lz{xzzyzG9A\TPDD6@"*&u<x6\|QYsEPSUuIVbH
2024-07-02 22:59:37 UTC	1024	IN	Data Raw: 36 15 22 38 2e 20 28 c6 37 00 a5 10 be e1 5e 3e a1 ee 5e c1 20 85 40 3b 06 b4 63 38 79 db d9 7b d8 d8 b9 5b da 80 14 c2 cc 02 38 08 93 e5 c4 41 50 2c a5 36 15 02 07 6f e8 54 79 31 8c b5 63 cc 5b f8 e4 b2 50 c5 8b c1 db 31 e0 76 c3 25 10 10 3f d0 8b 41 43 ad 83 e0 1c 04 ff a6 f8 bf ff f7 d7 f7 3d fd 90 69 19 fb ce e0 cf 25 24 24 10 92 83 90 90 90 90 90 90 90 90 98 2b f0 6f 9c c6 c3 20 08 0a 03 a1 f0 0f 3a 15 84 e2 c2 50 c2 20 b8 0b 03 08 08 68 c4 a0 49 91 c2 3e a8 1a 31 e6 3d 35 8f 13 10 c2 85 c1 c3 20 48 07 01 22 88 45 26 8b 96 2c 87 34 4a 53 4b d3 e5 56 28 82 b0 b7 b0 72 b4 b2 71 b2 b1 73 b5 73 70 73 74 f2 74 74 f5 b7 f2 69 71 41 11 84 87 57 10 10 10 90 04 01 51 94 3c 09 22 4c 24 41 a0 08 42 95 04 81 7d 9c 20 82 c0 3e 4e 12 41 40 12 44 5e 61 55 be ca 85 Data Ascii: 6"8. (7^>^ @;c8y{[8AP,6oTy1c[P1v%?AC=i%$$+o :P hI>1=5 H"E&,4JSKV(rqsspstttiqAWQ<"L$AB} >NA@D^aU
2024-07-02 22:59:37 UTC	16384	IN	Data Raw: 41 46 62 4e 70 6c 4d 54 6c 66 44 4c 1a 26 53 a6 84 44 a8 92 29 03 a3 bc fd c2 79 32 a5 37 70 10 58 d2 09 c9 94 f6 4e 5e 76 0e 1e 36 c0 41 b8 58 58 39 a2 14 c2 ce c4 cc 76 a9 09 24 53 22 01 81 1c 84 e2 c5 10 1c 04 fc fe 73 2f 06 72 10 78 83 60 24 84 4e 0a 81 05 19 7a 5e 0c ba d7 50 0a a1 e2 20 66 69 c7 50 a4 10 5a 2f 86 c2 41 d0 17 02 7d 39 08 0e 42 42 42 c2 28 24 07 21 21 21 21 21 21 21 21 31 57 a8 39 88 ff 79 d8 fc 71 c7 31 63 22 08 9d 0a c2 c0 85 81 46 0c 9d 0b 03 d2 28 71 22 a4 88 20 74 2e 0c 20 20 e6 2d 76 7b f2 29 33 fa 73 2e 89 20 78 23 06 b0 0f d0 c7 c9 06 e8 20 16 9b 2e 59 6a b6 d4 c4 c2 64 b9 f5 72 73 9e 46 89 22 08 17 48 a3 74 f2 70 72 41 17 86 bb 9f 9b 87 bf 87 77 90 97 4f 30 88 20 02 c2 41 04 11 14 1d 14 1a 13 12 16 1f 1a 91 18 1e 99 a4 4e 82 Data Ascii: AFbNplMTlfDL&SD)y27pXN^v6AXX9v$S"s/rx`$Nz^P fiPZ/A}9BBB($!!!!!!!!1W9yq1c"F(q" t. -v{)3s. x# .YjdrsF"HtprAwO0 AN
2024-07-02 22:59:37 UTC	8949	IN	Data Raw: 18 06 d1 b3 8a 7b 31 86 a6 c0 8b 81 61 10 2b 57 6d a6 30 88 b1 d5 db 26 a6 76 4e 4c ed 9a d4 71 10 14 48 89 1c 04 85 41 ec 86 46 8c 5d 4a 23 c6 fe c3 17 44 23 06 72 10 d7 04 07 01 5e 0c e4 20 2e 5c 79 61 ff 89 97 97 45 6b a7 f1 77 3b 7c 0a fe 98 39 f0 a5 9a 53 60 63 c7 f9 d9 38 08 f6 aa 66 fb ac c1 2f fd 8a ff a4 39 f2 0f 18 db 0f bd 72 ee d2 8b 67 04 07 71 ee 59 e0 20 4e dd d0 71 10 ba 76 0c 6c e8 dc 77 06 38 88 5d 27 81 83 d8 a1 e8 20 20 96 f2 80 1e 07 31 b9 6b 74 62 c7 c8 f8 b6 e1 31 88 84 00 2f c6 ca 8d bd 18 4b d9 85 3a 88 f6 ee 89 b6 ae f1 96 4e 88 84 68 6c 5d d9 d0 4a 5e 0c ac c6 40 1d 04 55 63 28 1c 44 63 41 71 7d 7e 71 7d 4e 61 4d 76 7e 75 26 79 31 a8 1a 23 bd 38 29 b5 88 7b 31 20 93 32 33 32 26 3d 22 26 2d 2c 12 aa 31 c8 8b e1 87 d5 18 de be e1 Data Ascii: {1a+Wm0&vNLqHAF]J#D#r^ .\yaEkw;\|9S`c8f/9rgqY Nqvlw8]' 1ktb1/K:Nhl]J^@Uc(DcAq}~q}NaMv~u&y1#8){1 232&="&-,1
2024-07-02 22:59:37 UTC	1514	IN	Data Raw: f7 e2 97 9a 7d ef 38 2e 5e 7f 53 d7 8b a1 ef c5 30 e8 c5 b8 a8 eb c5 d8 ab ee c5 d0 f3 62 40 26 25 ea 20 80 83 e0 79 10 5b a1 17 63 74 f3 00 72 10 77 d0 41 28 79 10 e0 c5 d0 e9 20 9a 0b 95 3c 88 dc a2 da 1c f2 62 a0 0e 02 bd 18 a0 83 48 e0 79 10 d9 7a 79 10 e1 49 e0 c5 50 7a 31 54 79 10 41 6a 1d 04 cf 83 b0 71 31 c3 3c 88 37 df e4 96 0a 0d 04 07 d1 b3 e1 c8 f3 2f be 4a 2b bf fa fa 6b 9f 90 d4 0b 97 9f a1 a7 0c f1 69 65 69 fb de 9d bf ee e3 80 ad ef 9a 38 47 5b 6e f9 27 71 10 16 5b 3e b6 f6 4e ba 23 07 e1 e8 e8 c4 ee 70 a0 21 14 1d 84 cc 83 90 90 b8 5b 48 0e 42 e2 9e 83 26 33 62 d2 42 53 20 9a ae d0 1c 8c a6 5b 6c 29 26 ba ec 55 f1 98 81 4d 9f c4 11 68 ca 24 a6 43 ea c9 8f fa 68 6a 18 1e 4d 7d 04 7a 2a 66 68 ec 81 e6 e0 e2 25 3a 3e db d8 f0 14 ec 25 b6 25 Data Ascii: }8.^S0b@&% y[ctrwA(y <bHyzyIPz1TyAjq1<7/J+kiei8G[n'q[>N#p![HB&3bBS [l)&UMh$ChjM}z*fh%:>%%

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.5	49719	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:36 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-02 22:59:37 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=148168 Date: Tue, 02 Jul 2024 22:59:36 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.5	49720	108.156.2.22	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:37 UTC	418	OUT	GET /6513ac57e0b8553d4c9d5424/6513acd265f9155c51324fbf_metamask_favicon-.png HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:37 UTC	630	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 2410 Connection: close Date: Tue, 02 Jul 2024 14:11:18 GMT Last-Modified: Wed, 27 Sep 2023 04:17:24 GMT Etag: "f9a6101a118b399a490852f753d2bb95" X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=31536000, must-revalidate X-Amz-Version-Id: V5qJCWoz.mgrkmxTtOQ0Au9HnrDdAQ28 Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 c205f74aa99b4a794fa57396e24414b6.cloudfront.net (CloudFront) Age: 31700 Access-Control-Allow-Origin: * X-Cache: Hit from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: ALw6nuTQQVxLFER-xuDx_3CxST4yhSfFPaml_Iy0iNIq0zSAG7SOQw==
2024-07-02 22:59:37 UTC	2410	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 07 74 49 4d 45 07 e7 06 1c 04 37 08 cb cf 1c c7 00 00 08 35 49 44 41 54 58 c3 dd 97 7b 8c 55 d5 15 c6 7f 7b 9f 73 df 33 77 de 0f 67 18 66 64 86 20 30 4a c1 5a 11 89 38 2a 2d 51 63 34 3e d2 34 b1 ad 26 6d 6a ad 69 69 a2 36 96 a4 da 9a 86 16 ff 6a 49 ab 18 8d 7d 84 c6 58 ac 45 ad 42 ac f2 b4 80 52 a1 8a c8 38 38 8e cc 0c 0c cc 9d b9 73 df 8f b3 f7 ea 1f 77 5e 17 68 52 db c4 26 dd c9 4d 6e ee d9 6b ad ef 7c Data Ascii: PNGIHDR szz cHRMz&u0`:pQ<bKGDpHYs+tIME75IDATX{U{s3wgfd 0JZ8*-Qc4>4&mjii6jI}XEBR88sw^hR&Mnk\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.5	49721	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:37 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-02 22:59:38 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=148176 Date: Tue, 02 Jul 2024 22:59:38 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-02 22:59:38 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.5	49722	108.156.2.22	443	616	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:59:38 UTC	414	OUT	GET /6513ac57e0b8553d4c9d5424/6513ac79d32960c9b8ab8bf7_MetamaskLogin.png HTTP/1.1 Host: uploads-ssl.webflow.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:59:38 UTC	670	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 173308 Connection: close Date: Tue, 02 Jul 2024 22:59:37 GMT Last-Modified: Wed, 27 Sep 2023 04:15:55 GMT Etag: "815f66583754c458bd1d800d1ef6d17b" X-Amz-Storage-Class: INTELLIGENT_TIERING X-Amz-Server-Side-Encryption: AES256 Cache-Control: max-age=31536000, must-revalidate X-Amz-Version-Id: AjcOsch7LI5n9dAHy3nD7mNbc5Mxnoby Accept-Ranges: bytes Server: AmazonS3 Via: 1.1 60bea04c75a4b2bbfcdc758c2757084a.cloudfront.net (CloudFront) Age: 2 Access-Control-Allow-Origin: * X-Cache: Hit from cloudfront X-Amz-Cf-Pop: MXP63-P4 X-Amz-Cf-Id: rwg9EtvEqle-juSuLE84y4r5A1NmWcVNSxnOsgxnoKVk6aGFMDtWnQ==
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 05 81 00 00 02 d1 08 02 00 00 00 82 84 fb 9b 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 ff a5 49 44 41 54 78 5e ec fd 07 78 55 d5 f6 ef 8d ff 9f e7 be bf e7 b9 ef 3d f7 fd dd 8b 74 08 81 90 84 de 49 80 40 48 42 42 12 4a 42 20 84 96 10 7a af a1 85 2e 4d 45 8f 80 15 39 7a d0 e3 c1 02 7a 8e 8a 58 b1 20 62 3f 2a 0a 88 28 4a 15 15 41 a4 48 4f fb 8f 39 c7 58 6b cf bd 76 c9 0e 90 4d 80 ef e7 19 4e 57 99 6b ed b5 e6 5c 8b ec f1 dd 63 8e f9 ff bb 0d 00 00 00 00 00 00 00 00 00 a0 fc 81 06 01 00 00 00 00 00 00 00 00 80 60 00 0d 02 00 00 00 00 00 00 00 00 00 c1 00 1a 04 00 00 00 00 00 00 00 00 00 82 01 Data Ascii: PNGIHDRsRGBgAMAapHYsodIDATx^xU=tI@HBBJB z.ME9zzX b?*(JAHO9XkvMNWk\c`
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 35 e5 22 4b 53 28 dc e3 23 c2 c2 45 95 60 b3 db 4a eb 35 b6 2a e1 7d a4 86 25 49 04 ac 47 28 5a b6 6a 45 7f 53 e4 1f 62 77 2e bc fb ee b1 be 59 0e b9 c1 8f fd d6 a3 e7 d9 67 d7 cb c1 ee ec d9 b3 27 2d 2d 4d 9e 4b 00 c0 cd 02 34 08 10 0c a0 41 5c 5b 6e 88 bb 86 06 51 ae 5c 81 06 91 97 97 77 ea d4 29 39 46 e3 ff c9 21 df 5e ea 69 b6 6d db 46 fe 81 ec f3 96 1d 73 f3 e6 cd b2 cf 23 46 86 be 44 9a 83 35 e8 3c 8e c4 16 3b 76 ec b0 4f 3e 6b d6 ac b3 c6 6f 62 a7 4f 9f 76 e4 7d 70 84 84 9c 3c 79 72 cc 98 31 b2 0f 80 5b 9e c8 c8 c8 81 03 07 2e 5f be fc e5 97 5f fe fa eb af e9 05 29 28 28 a0 d7 8d 5e 2b fa 77 e3 ad b7 de 7a e0 81 07 46 8d 1a d5 a6 4d 1b 39 c0 03 53 7d 60 dc 04 88 ea d5 b5 d5 a8 15 d6 9e 55 07 73 1c 06 7b a7 fc b3 b9 a0 3d 58 8d 84 fa 8b a3 6b 66 7c Data Ascii: 5"KS(#E`J5*}%IG(ZjESbw.Yg'--MK4A\[nQ\w)9F!^imFs#FD5<;vO>kobOv}p<yr1[.__)((^+wzFM9S}`Us{=Xkf\|
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 3f 66 e1 e1 2a 51 a5 7e f0 cc 71 19 2a 1a 42 34 08 2b 57 65 78 db d1 e1 6d 86 f9 8c 86 60 0d c2 3d 14 82 df 17 82 5f 1f 7e 95 f8 e5 e2 17 4d de ba f2 a1 76 d3 a1 a1 ad a7 ca 0a 00 c0 1d 68 10 a0 dc 31 23 1d 08 d3 1f 23 37 c9 14 02 c8 1f 33 dd 3f 5f 07 92 27 b6 65 cb 16 d3 f3 f7 ca a9 53 a7 66 cc 98 c1 87 10 0e 0d c2 0f 8e 03 3d 79 ea a9 a7 a4 aa 3b 85 85 85 4f 3f fd b4 54 f2 4d 20 0e 3f e3 98 ec d3 e1 57 93 07 6b 36 82 e9 76 6e d8 b0 81 7f 57 f7 83 79 f2 b2 6a 10 ab 56 ad f2 23 00 31 9e cd 48 1d b7 69 d3 a6 52 2f 8c 6e 64 dd ba 75 72 8c 16 20 be f9 e6 1b d9 e7 03 6a 87 ad 5b b7 9a 32 84 1f 0d 62 e9 d2 a5 be 3c 7f 86 5a 26 33 33 93 2b fb 82 be d7 fa 3f 89 89 2f 0d c2 3f 5f 7d f5 95 79 47 01 3e f6 0c 34 08 00 6e 44 d8 2f 62 1f 89 75 07 2e 09 76 a5 b4 fa e0 Data Ascii: ?fQ~qB4+Wexm`=_~Mvh1##73?_'eSf=y;O?TM ?Wk6vnWyjV#1HiR/ndur j[2b<Z&33+?/?_}yG>4nD/bu.v
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: d2 0e 96 dd f5 d0 1d cb 1f 56 76 f7 ea 3b ee 7e 84 ec ce 7b c4 ee 62 fb eb 1a b2 3b 6d bb 87 4d ea dc 41 a6 8f 52 52 85 a5 56 2c 15 79 e2 a1 25 4a 9b 10 55 42 4b 12 ee c1 11 8b 57 71 da 88 79 3a 67 c4 5c 11 23 54 58 44 be 16 23 78 80 c6 c0 49 1b 26 cc b8 7f 7a 3e cf 9d b1 c4 16 23 a6 a8 80 08 3d 3a 63 ca fc 09 ee 19 22 74 40 c4 74 b2 11 3c 34 c3 9c 2f 63 08 a7 87 18 33 20 67 f4 80 1c 1d 0d 31 70 44 96 44 43 0c 51 d1 10 6a 5c 86 47 6e 88 6e 7d 92 53 33 12 93 d3 55 34 44 92 8a 86 50 32 44 7c 4a 27 95 18 22 a9 bd 8a 86 90 69 32 da 44 c7 b6 6a 2b d3 64 d8 83 32 3c a2 21 74 56 08 fd 70 f2 83 2a 4a 84 7e 80 3d a3 21 b4 12 e1 0a 85 e0 37 42 de 0b 2f f9 29 dd 43 21 f4 8b 66 cb 10 f4 06 6a 29 d0 95 15 82 05 08 46 cb 10 0a 53 86 20 e7 9f f8 e6 9b 6f e4 ab 95 0f 0e Data Ascii: Vv;~{b;mMARRV,y%JUBKWqy:g\#TXD#xI&z>#=:c"t@t<4/c3 g1pDDCQj\Gnn}S3U4DP2D\|J'"i2Dj+d2<!tVp*J~=!7B/)C!fj)FS o
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 8b d5 b1 05 00 00 ff f4 49 44 41 54 a1 24 53 a2 14 02 80 34 04 80 dd e3 c0 38 22 e8 f6 9f 9d 83 f8 d5 7d 8b fe fb 41 33 fe 44 42 42 42 72 10 12 12 12 12 12 12 12 12 77 0b 35 07 41 34 04 4c 47 70 66 a2 a2 21 80 85 30 f0 62 c0 f4 66 76 2f 06 0e a4 21 44 23 c6 93 50 34 88 13 2a a4 21 f4 93 20 e8 4f c1 6c 32 c6 26 66 8a 08 c2 c2 c4 14 92 20 cc 2c 20 09 c2 d2 da 91 d2 28 a1 92 d3 09 45 10 ae aa 24 08 9f 10 8f c0 1c aa e4 0c 24 23 46 98 8e 83 88 8a 83 24 88 98 04 2e 82 48 4a cd 57 38 88 a2 f4 ac d2 cc ec b2 ac bc f2 ec fc 8a 3c e8 e3 ac 86 18 88 92 ba a2 32 1e 45 59 56 d9 5a 51 dd 56 01 2e 0c e2 20 c0 88 a1 2b c2 68 1b 22 17 46 5b f7 58 7b 0f cf a1 ec ee 9f 44 0e 02 5b 30 54 0a 88 11 54 40 60 08 25 2a 20 26 d1 82 b1 76 17 a6 3f ec 41 02 62 9f ce 7f b1 f9 20 98 Data Ascii: IDAT$S48"}A3DBBBrw5A4LGpf!0bfv/!D#P4! Ol2&f , (E$$#F$.HJW8<2EYVZQV. +h"F[X{D[0TT@`% &v?Ab
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 6b 30 8d 72 1d a6 51 82 08 62 eb a1 cd db 8f 6c dd 71 14 44 10 bb 41 04 b1 6b 1f ba 30 a8 0e 43 17 45 a9 12 41 9c 05 02 e2 f4 85 5b 67 2f 3e 67 1a f3 96 66 02 ff 93 0c ef c2 77 0f 5d d3 92 0e 9a 11 5c fe 9e 66 af 9f 6a 1c 3b f3 3c 70 10 e7 9e 55 52 21 50 0a 21 7a 3a 0f 5d dc 73 10 ed 18 90 0a 71 06 a5 10 27 b7 60 41 c6 46 94 42 60 49 27 4a 21 d6 a3 14 42 53 d2 29 da 31 d0 8e 41 91 10 1d 3d d0 8e d1 8a ed 18 4d 6d 23 8d 9a 48 88 da ee 8a 9a ce 15 55 1d a5 d0 8e d1 52 04 91 10 40 43 e4 15 d5 e6 14 d4 64 e7 55 65 e6 72 3b 46 72 7a 31 46 42 14 42 43 27 54 63 64 47 c7 65 44 44 a7 85 47 a7 86 45 26 87 44 24 41 2c 25 35 74 52 2c a5 2f 54 63 b8 79 06 41 2c a5 12 09 61 eb e0 61 6d e7 66 65 ed 6c 61 e5 b8 dc dc de d4 3a 64 91 ef 9e c5 56 91 a0 83 80 48 08 4d 32 25 Data Ascii: k0rQblqDAk0CEA[g/>gfw]\fj;<pUR!P!z:]sq'`AFB`I'J!BS)1A=Mm#HUR@CdUer;Frz1FBBC'TcdGeDDGE&D$A,%5tR,/TcyA,aamfela:dVHM2%
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 83 90 b8 e7 50 cf 58 d8 14 85 4d 54 d8 f7 38 cd 7c d8 4a 31 cf 61 4b b6 19 3d 66 af b2 6d c4 44 8e 9e d2 2e 6c 25 db 8c 26 51 e2 25 da 92 4e 24 f6 12 60 db a8 67 53 ec a4 6c 17 31 5f 62 4f 19 e8 25 06 f5 65 68 e6 5a 6c 25 3b 8e fa c2 04 c4 5e b4 8b 38 38 3b b5 e1 c4 4c b3 0d 3d 65 60 0f 8c be 24 2e 40 f3 de d9 36 6c 4b fa 58 d4 8f 09 ea 8d d5 9f 92 78 4a 1b d3 9b d2 bc 47 71 01 9a 33 1a bd 3c b1 01 3b 88 78 4c d7 c3 ce a2 fe 6c 05 d8 a9 c5 41 18 8c 5e 83 fa bd 08 b0 95 ec 25 b6 01 3d 65 bb cc f4 a3 54 3f 66 d0 9c 71 f6 0f 47 9c 82 1d 41 3c 66 4b b6 0b 3d a6 77 67 f4 0a 19 d4 7b d1 53 f5 f1 8d 7e 32 77 fc 60 d5 1b 13 68 1b f5 91 35 10 27 12 d7 c9 0e a2 39 af e1 7b 17 db b3 95 ec b1 b8 06 3a 9a b8 42 cd 8e b4 f1 4c 57 22 21 f1 4b 07 11 10 c4 41 d0 d4 82 d8 Data Ascii: PXMT8\|J1aK=fmD.l%&Q%N$`gSl1_bO%ehZl%;^88;L=e`$.@6lKXxJGq3<;xLlA^%=eT?fqGA<fK=wg{S~2w`h5'9{:BLW"!KA
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 7d 83 a9 1d 23 3c 20 28 22 38 34 1a 18 22 92 da 31 62 64 3b 46 7c 02 c6 31 92 52 72 68 1c 23 3f 3d b3 48 b6 63 20 12 a2 2a af a8 4a b5 63 94 56 36 e5 95 0f 55 d6 60 22 a3 a6 ae a3 b6 a1 8b ac 10 3d 5c d2 d9 d6 31 d8 66 c1 10 23 dd bd a3 5c d2 09 0c 31 bc 6c 60 de f2 a1 91 55 34 91 b1 76 64 d1 7a 4c 64 c0 0a c1 e1 94 46 2a 84 69 22 c3 26 15 62 eb ae 23 db 68 22 63 e7 de db 69 22 e3 8e 3d 07 4f ee 3b 78 e7 fe 5b 4e 59 e5 53 1e 3b 73 e4 f8 fd 47 08 43 80 44 dc 69 e3 86 e0 6c 88 c7 ef a1 6c 08 cb 5c c6 b9 a7 19 46 3c 60 90 08 8b 27 c2 02 23 10 15 c1 ce 08 20 89 27 79 01 2e 30 65 50 ac 41 5e 4f d8 c2 c2 1d 30 76 f1 22 8f 5d b0 f7 e1 41 e9 7d 00 7d 38 fb 10 d0 83 a9 02 83 e7 2f 9e b8 fb cc 13 77 39 74 40 a0 89 13 f4 01 23 18 9c 43 89 18 88 7b 39 87 d2 00 10 b2 Data Ascii: }#< ("84"1bd;F\|1Rrh#?=Hc JcV6U`"=\1f#\1l`U4vdzLdFi"&b#h"ci"=O;x[NYS;sGCDill\F<`'# 'y.0ePA^O0v"]A}}8/w9t@#C{9
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: 86 bb 3a 59 00 00 a4 e0 49 44 41 54 e2 00 3b 23 d6 6f 39 08 1e b1 f5 10 9c 11 80 11 9c 16 71 78 f3 8e 5b c5 da b2 93 7a 34 a4 3f 82 97 74 49 6c 63 36 61 b3 08 2e 18 0b a1 92 62 f1 84 05 3f 90 fd 0e fc 84 34 6d 81 a4 49 b8 1e 78 e0 82 67 2e a8 f3 02 dc 81 8c 0f 6b c9 fb 40 93 17 fb 30 79 01 ef 03 a5 3f ac 41 fa 03 67 4f 1a fd 17 4c 1f b6 20 7e 72 29 d1 07 72 40 10 7d 58 33 34 b2 66 60 fe aa 81 79 2b 65 0b c6 c0 52 ae e1 94 19 10 86 03 a2 ad 73 5e 1b 42 28 07 41 1f da fa 1b 5b fb 1b 9a 7b eb 9b 7a 50 84 d1 30 a7 ba ae b3 aa 76 76 79 75 5b 05 c5 40 94 62 04 a3 a9 48 c6 40 d4 1a 23 18 46 17 46 76 49 70 e6 f6 88 cc 45 49 04 20 c8 04 91 15 13 9f 19 1d 97 4e 53 18 c9 61 11 49 a1 e1 54 87 11 1a 1b 10 1c e5 1f 14 e9 eb 8f 29 0c 4f 9f 60 b1 64 12 84 ab 93 24 88 19 Data Ascii: :YIDAT;#o9qx[z4?tIlc6a.b?4mIxg.k@0y?AgOL ~r)r@}X34f`y+eRs^B(A[{zP0vvyu[@bH@#FFvIpEI NSaIT)O`d$
2024-07-02 22:59:38 UTC	16384	IN	Data Raw: c3 d3 df 93 dc 10 c4 20 42 d8 0d 11 10 14 19 14 12 4d 85 9d 71 28 cb 40 44 65 52 64 54 12 e2 21 d0 d9 89 78 88 b8 84 8c f8 24 2b 43 04 25 44 14 18 86 88 a2 8c 9c 92 4c cc 65 94 63 2e c3 2a 24 02 73 19 d2 13 51 c6 9e 08 e4 44 94 a2 3b 03 9e 08 90 88 1a b2 45 90 27 42 4e 67 70 6e 25 02 1d ad 48 44 1d a5 57 4a 7f 84 d9 22 d1 c2 3c 02 a7 4c 1c 8c f3 3d b8 43 6b ef ca 35 5b e4 8f 82 b5 cc 0c e2 ba 69 be 87 6e bb 43 de 40 fa f2 cb af 16 2e 5f f7 bf 7f 39 d5 3b 34 e9 f9 17 5f 96 d7 92 6c 46 33 c6 60 10 b7 1d 3d 81 99 0b 18 1f 1a 8a ca 1a 8a 4a 1b 0a 4b a9 f3 a2 b8 d6 88 7e a8 ce 15 5f 2b c4 4f 22 7b 52 ac 4c ab f4 87 a2 d4 0c c4 4f 52 ff 45 2e f7 5f a8 00 88 98 b8 f4 18 04 40 a4 44 46 13 80 88 4c 64 06 11 1c 16 17 14 1a 1b 08 07 04 8d 60 04 00 40 78 fb 86 78 f9 Data Ascii: BMq(@DeRdT!x$+C%DLec.*$sQD;E'BNgpn%HDWJ"<L=Ck5[inC@._9;4_lF3`=JK~_+O"{RLORE._@DFLd`@xx

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 7120, Parent PID: 5488

General

Target ID:	0
Start time:	18:59:25
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 616, Parent PID: 7120

General

Target ID:	2
Start time:	18:59:28
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=2024,i,16064088588081814683,6508725119278042078,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4372, Parent PID: 5488

General

Target ID:	3
Start time:	18:59:31
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metamesklogni.webflow.io/"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly