Edit tour

Windows Analysis Report
http://daana-paylaterld.xsits.xyz/

Overview

General Information

Sample URL:	http://daana-paylaterld.xsits.xyz/
Analysis ID:	1520102
Infos:

Detection

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Multi AV Scanner detection for submitted file

Performs DNS queries to domains with low reputation

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1772 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=1980,i,2925171781084121020,4736060299062158034,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4180 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://daana-paylaterld.xsits.xyz/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

• AV Detection
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://daana-paylaterld.xsits.xyz/	Avira URL Cloud: detection malicious, Label: phishing
Source: http://daana-paylaterld.xsits.xyz/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://daana-paylaterld.xsits.xyz/index.html

Avira URL Cloud: Label: phishing

Multi AV Scanner detection for submitted file

Source: http://daana-paylaterld.xsits.xyz/

Virustotal: Detection: 15%

Perma Link

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: daana-paylaterld.xsits.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: daana-paylaterld.xsits.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: daana-paylaterld.xsits.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: daana-paylaterld.xsits.xyz

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: daana-paylaterld.xsits.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ionicons/2.0.1/css/ionicons.min.css HTTP/1.1Host: code.ionicframework.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/3/39/BI_Logo.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://daana-paylaterld.xsits.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/3/39/BI_Logo.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: daana-paylaterld.xsits.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: daana-paylaterld.xsits.xyz
Source: global traffic	DNS traffic detected: DNS query: a.m.dana.id
Source: global traffic	DNS traffic detected: DNS query: app.link
Source: global traffic	DNS traffic detected: DNS query: api2.branch.io
Source: global traffic	DNS traffic detected: DNS query: cdn.lr-ingest.io
Source: global traffic	DNS traffic detected: DNS query: sentry.io
Source: global traffic	DNS traffic detected: DNS query: code.ionicframework.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: youtube.com
Source: global traffic	DNS traffic detected: DNS query: upload.wikimedia.org
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dana.id

Source: chromecache_98.2.dr	String found in binary or memory: http://creativecommons.org/licenses/by/4.0/
Source: chromecache_90.2.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_98.2.dr	String found in binary or memory: http://ionicons.com/
Source: chromecache_77.2.dr	String found in binary or memory: https://a.m.dana.id
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://a.m.dana.id/danaweb/promo/1658288864-Thumbnail---DANA-Deals-July.png
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://a.m.dana.id/danaweb/promo/1687427004-1683620617-Thumbnail---DANA-Deals__2_.png
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://a.m.dana.id/danaweb/promo/1714979082-031023-EIS049-PGN_Disc_50_-Web_Banner-Thumbnails.png
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://a.m.dana.id/danaweb/promo/1715063476-060524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbn
Source: chromecache_77.2.dr	String found in binary or memory: https://api2.branch.io
Source: chromecache_77.2.dr	String found in binary or memory: https://app.link
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_77.2.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/slick-carousel
Source: chromecache_77.2.dr	String found in binary or memory: https://cdn.lr-ingest.io
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Source: chromecache_77.2.dr	String found in binary or memory: https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT6hXWLtGnL5xhdiXUaDP8Yo1iVOJv_FI99WEmgNJWqj7Vp
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Open
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4iaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4jaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4kaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4saVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4taVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4vaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B5OaVI
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B5caVI
Source: chromecache_99.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_98.2.dr	String found in binary or memory: https://github.com/driftyco/ionicons
Source: chromecache_98.2.dr	String found in binary or memory: https://github.com/google/material-design-icons
Source: chromecache_99.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_90.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Source: chromecache_77.2.dr	String found in binary or memory: https://sentry.io
Source: chromecache_98.2.dr	String found in binary or memory: https://twitter.com/benjsperry
Source: chromecache_98.2.dr	String found in binary or memory: https://twitter.com/ionicframework
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.s
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Info
Source: chromecache_81.2.dr, chromecache_77.2.dr	String found in binary or memory: https://www.dana.id/favicon.ico
Source: chromecache_77.2.dr	String found in binary or memory: https://youtube.com

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Source: classification engine

Classification label: mal68.troj.win@18/53@38/13

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=1980,i,2925171781084121020,4736060299062158034,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://daana-paylaterld.xsits.xyz/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=1980,i,2925171781084121020,4736060299062158034,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://daana-paylaterld.xsits.xyz/	100%	Avira URL Cloud	phishing
http://daana-paylaterld.xsits.xyz/	16%	Virustotal		Browse
http://daana-paylaterld.xsits.xyz/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://getbootstrap.com/)	0%	URL Reputation	safe
https://github.com/google/material-design-icons	0%	Avira URL Cloud	safe
https://cdn.jsdelivr.net/npm/bootstrap	0%	Avira URL Cloud	safe
https://github.com/twbs/bootstrap/blob/main/LICENSE)	0%	Avira URL Cloud	safe
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css	0%	Avira URL Cloud	safe
https://twitter.com/benjsperry	0%	Avira URL Cloud	safe
https://daana-paylaterld.xsits.xyz/index.html	100%	Avira URL Cloud	phishing
https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.s	0%	Avira URL Cloud	safe
https://api2.branch.io	0%	Avira URL Cloud	safe
https://a.m.dana.id/danaweb/promo/1658288864-Thumbnail---DANA-Deals-July.png	0%	Avira URL Cloud	safe
http://ionicons.com/	0%	Avira URL Cloud	safe
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	0%	Avira URL Cloud	safe
https://a.m.dana.id/danaweb/promo/1714979082-031023-EIS049-PGN_Disc_50_-Web_Banner-Thumbnails.png	0%	Avira URL Cloud	safe
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png	0%	Avira URL Cloud	safe
https://github.com/driftyco/ionicons	0%	Avira URL Cloud	safe
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css	0%	Avira URL Cloud	safe
https://www.dana.id/favicon.ico	0%	Avira URL Cloud	safe
https://twitter.com/ionicframework	0%	Avira URL Cloud	safe
https://a.m.dana.id/danaweb/promo/1715063476-060524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbn	0%	Avira URL Cloud	safe
https://app.link	0%	Avira URL Cloud	safe
https://a.m.dana.id	0%	Avira URL Cloud	safe
https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png	0%	Avira URL Cloud	safe
https://cdn.jsdelivr.net/npm/slick-carousel	0%	Avira URL Cloud	safe
http://getbootstrap.com)	0%	Avira URL Cloud	safe
https://github.com/twbs/bootstrap/blob/master/LICENSE)	0%	Avira URL Cloud	safe
https://sentry.io	0%	Avira URL Cloud	safe
https://youtube.com	0%	Avira URL Cloud	safe
https://cdn.lr-ingest.io	0%	Avira URL Cloud	safe
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Info	0%	Avira URL Cloud	safe
https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png	0%	Avira URL Cloud	safe
http://creativecommons.org/licenses/by/4.0/	0%	Avira URL Cloud	safe
https://a.m.dana.id/danaweb/promo/1687427004-1683620617-Thumbnail---DANA-Deals__2_.png	0%	Avira URL Cloud	safe

Domains and IPs

Download Network PCAP: filtered – full

Contacted Domains

Name	IP	Active	Malicious	Reputation
daana-paylaterld.xsits.xyz	188.114.97.3	true	true	unknown
app.link	65.9.66.129	true	false	unknown
cdnjs.cloudflare.com	104.17.24.14	true	false	unknown
sentry.io	35.186.247.156	true	false	unknown
maxcdn.bootstrapcdn.com	104.18.10.207	true	false	unknown
www.google.com	142.250.186.164	true	false	unknown
cdn.lr-ingest.io	188.114.97.3	true	false	unknown
upload.wikimedia.org	185.15.59.240	true	false	unknown
code.ionicframework.com	104.26.7.173	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
api2.branch.io	108.138.26.27	true	false	unknown
youtube.com	142.250.185.78	true	false	unknown
cdn.jsdelivr.net	unknown	unknown	false	unknown
a.m.dana.id	unknown	unknown	false	unknown
www.dana.id	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://daana-paylaterld.xsits.xyz/	false		unknown
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css	false	Avira URL Cloud: safe	unknown
https://daana-paylaterld.xsits.xyz/index.html	false	Avira URL Cloud: phishing	unknown
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	false	Avira URL Cloud: safe	unknown
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png	false	Avira URL Cloud: safe	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css	false	Avira URL Cloud: safe	unknown
https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png	false	Avira URL Cloud: safe	unknown
https://daana-paylaterld.xsits.xyz/index.html#	false		unknown
https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://github.com/google/material-design-icons	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn.jsdelivr.net/npm/bootstrap	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://twitter.com/benjsperry	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://api2.branch.io	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.s	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://a.m.dana.id/danaweb/promo/1658288864-Thumbnail---DANA-Deals-July.png	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
http://ionicons.com/	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://getbootstrap.com/)	chromecache_99.2.dr	false	URL Reputation: safe	unknown
https://a.m.dana.id/danaweb/promo/1714979082-031023-EIS049-PGN_Disc_50_-Web_Banner-Thumbnails.png	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/driftyco/ionicons	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dana.id/favicon.ico	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://twitter.com/ionicframework	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://a.m.dana.id/danaweb/promo/1715063476-060524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbn	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://app.link	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://a.m.dana.id	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn.jsdelivr.net/npm/slick-carousel	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
http://getbootstrap.com)	chromecache_90.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_90.2.dr	false	Avira URL Cloud: safe	unknown
https://sentry.io	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://youtube.com	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn.lr-ingest.io	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Info	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
http://creativecommons.org/licenses/by/4.0/	chromecache_98.2.dr	false	Avira URL Cloud: safe	unknown
https://a.m.dana.id/danaweb/promo/1687427004-1683620617-Thumbnail---DANA-Deals__2_.png	chromecache_81.2.dr, chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.78	youtube.com	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.18.10.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
108.138.26.27	api2.branch.io	United States	16509	AMAZON-02US	false
35.186.247.156	sentry.io	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	daana-paylaterld.xsits.xyz	European Union	13335	CLOUDFLARENETUS	true
185.15.59.240	upload.wikimedia.org	Netherlands	14907	WIKIMEDIAUS	false
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false
65.9.66.129	app.link	United States	16509	AMAZON-02US	false
104.26.7.173	code.ionicframework.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1520102
Start date and time:	2024-09-27 05:00:03 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 9s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://daana-paylaterld.xsits.xyz/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal68.troj.win@18/53@38/13
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://daana-paylaterld.xsits.xyz/index.html#

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.35, 142.250.74.206, 74.125.133.84, 34.104.35.123, 2.20.245.133, 2.20.245.135, 104.18.186.31, 104.18.187.31, 172.217.23.106, 2.20.245.138, 20.114.59.183, 93.184.221.240, 192.229.221.95, 13.85.23.206, 20.3.187.198, 142.250.185.131
Excluded domains from analysis (whitelisted): cdn.jsdelivr.net.cdn.cloudflare.net, slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, a383.r.akamai.net, clients2.google.com, a.m.dana.id.edgesuite.net, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, www.dana.id.edgesuite.net, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, a1502.r.akamai.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 02:00:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.976074335150054
Encrypted:	false
SSDEEP:	48:87dDTrn9HJidAKZdA19ehwiZUklqehN5y+3:8Fnx05y
MD5:	ED1B3A4B7B3BAD53CD4DF35F717EDD30
SHA1:	32F9E28E964C27F3D7D6CC73D3412DE2F3CDAA9C
SHA-256:	2612D569FB179B39F3AFF3B24D73805A8BFA76B3AB0BCCB3452ADC9C66555904
SHA-512:	2A2182693242D21BD4A9957548FEBFD8AF5E158D1BD6AA9B871CE339679695E6DCB279018E33335C892BC488D9F67E4D86DDC81C715BA4E157375823F5599B38
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......z....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 02:00:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.987720955936287
Encrypted:	false
SSDEEP:	48:8HSdDTrn9HJidAKZdA1weh/iZUkAQkqehk5y+2:8HKnD9Q35y
MD5:	7EFAE4C64548190D6202B1D4CD012CDE
SHA1:	39E0A7CBF2864739B0E91751FDA0248B58E1B934
SHA-256:	B5A94C735430320F84D3243B7F2A4CDC3D0E3FDE68FB233A5E8AAC933256E1BD
SHA-512:	BE8A82F90E6485E7F0A6DE46D7BD73BFB4F608B113CB68C7089CE2436F9588B0CF01A8837FFD106EEFAB97003C94D9AA6E4C1156FF138388A2182BE2CE57F1DC
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....o..z....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.002518233663149
Encrypted:	false
SSDEEP:	48:8xQdDTrnsHJidAKZdA14tseh7sFiZUkmgqeh7sW5y+BX:8xEnQn45y
MD5:	A44211FF2F31B3F7A25CCE0AADC79D7E
SHA1:	683012F528CC9491CE4DE4C315C0EE6AE6F4D923
SHA-256:	D44E673457C6CEA45DCD267D5BCB549D98AE6B7F98A1CE29E937559B17D2D15F
SHA-512:	B0BDAE9335F1525ABDC49BA6057F615B94E4F1C32C4A309A545C9939F72623B5C80A49DED2E08D172A91CAD2FAC9857D8EEBFBB0FCD36EDE497A3474CB7DB686
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 02:00:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.989773906588641
Encrypted:	false
SSDEEP:	48:8LdDTrn9HJidAKZdA1vehDiZUkwqehA5y+R:8Vnge5y
MD5:	623BD649D23D0845269BE8B72F81236B
SHA1:	DCDF2DAE8C58313276746BEADA8553E4713D2C93
SHA-256:	35DD681A435FAB7A0EB7BA2A0A0AD5F8D5B016DF936E01BB3858834804A90C86
SHA-512:	9A2A0B8E095579E2291E30BE7AC93105AF1734ACC0969E6641ED7BA6C6166A8680300D0ECEE2A7685AB6CCD6E5D5645996E4B82FF3B78E8E21F82CDEBDC97AC5
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....U.z....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 02:00:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9790693184492936
Encrypted:	false
SSDEEP:	48:8XdDTrn9HJidAKZdA1hehBiZUk1W1qeh65y+C:8ZnA9a5y
MD5:	6132DA79630B69777C1F8A9E27D38227
SHA1:	24EE12C5138A0C5A2DB4325610D748BCDB75A195
SHA-256:	41274204AFADF0BC63DD27B096D95D62D3E649F5BAA91CDDB28736DCCDF63871
SHA-512:	3512EADCA56CA07FC8A650E1A9FF02E6FD06CB6E510143BCF6A31CD76F63DC25E17AF74BDD0A9116AD8F20F0E8EDDBCD6A2EF15CF72AB5A1319A0A5B87EEEDD2
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......z....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 02:00:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.989144091728693
Encrypted:	false
SSDEEP:	48:85dDTrn9HJidAKZdA1duT+ehOuTbbiZUk5OjqehOuTb45y+yT+:8nnOT/TbxWOvTb45y7T
MD5:	A2DB5DBD9FCFEC018F8C904E10EDF366
SHA1:	6EFFC4E8E97A8C98D6DA3D3720D113C27669EBE4
SHA-256:	ABE25094C2EC0A29E610FBF0E0178018A36FE1BA4E4ED9DEBB83669D0B14B3B8
SHA-512:	3C2F9A9E32B4AFA5D28FDC6DD0008408BAB74AB32B78FA74F78BDD5334D379A124E03FA257503FDEF616411A5EBB9A47C859FADC5D4E2B6BFB50451E7734727C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....7..z....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I;Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............n.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2201 x 697, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	53230
Entropy (8bit):	7.749440619518884
Encrypted:	false
SSDEEP:	1536:bsHH854n8JHzXP+d3THIWtRgC5T0RjTQ91mIdO1L:bM86kHzWNTH9tRgW09+i
MD5:	99AD31B4CC19D72C78096D9EDE3FBA8F
SHA1:	B45ED58AFD81571754F632C7AB8B382B14FDAD51
SHA-256:	1F0E55AE8FBC02B46CBF613636EF65DDB5745E8CECD0BD5A50329B8E8E2EE6F8
SHA-512:	BB5BDDBADC8D71F9724BFFB85C112613EB74F9078DE913815537CFE328FF005E74C54852065BFDB03DC28EBC11AFB9E478599BAC3B78BAEE5A6544570CFE6FB0
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............m.....tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmpMM:InstanceID="xmp.iid:767E8FD00F4511EAAC06E36B5382AC60" xmpMM:DocumentID="xmp.did:767E8FD10F4511EAAC06E36B5382AC60"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:767E8FCE0F4511EAAC06E36B5382AC60" stRef:documentID="xmp.did:767E8FCF0F4511EAAC06E36B5382AC60"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.70a...^IDATx....l%.} .....N6.E..h..9.s....x.\b).<...q...H....<.....o...K`.uA..>@."......"...ajc.a.8.GNNN<..X.G+r.

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, interlaced
Category:	downloaded
Size (bytes):	133249
Entropy (8bit):	7.996912639602818
Encrypted:	true
SSDEEP:	3072:61Gs1Hw6E0Sxf4YfEQiexKRaDx8JUrG4RPepYGm+TWLrG:61HE9xffE+wRaDxrGeea6WLa
MD5:	991FC9B7AA1E89D3D6D938FE77D325B7
SHA1:	0AF0DEAD154C39141F1EE8A10F77D4FDB7980F28
SHA-256:	D6E95E4DDE48849F51012B25DBC5A86FDA05AE73DBA9EB6E26EAA8E8CD61D6FD
SHA-512:	34A403FCF6DC292008C96AAFD06E12C8313B5B78C1D35526CF0F55C19CCEF6266AB7DBF88E22C53E767E35475A1BEE1D23A504484DB20449F98B92725790BCC8
Malicious:	false
Reputation:	low
URL:	https://a.m.dana.id/danaweb/promo/1715063476-060524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbnails.png
Preview:	.PNG........IHDR.......,.............tEXtSoftware.Adobe ImageReadyq.e<...#IDATx..X.t.E...>..$C...B ...@0.Y......."7h.,(.......................!.@@.Dr.!.I.L...{z.s..m.J.............LA J...(.^..H.IO.L.?%.%.1I...\|.c..Y...@i.S&.\|a....Oe...Y.ye.P...E%Et.. .../A....q}~...gC.f.J.@D...Z.K ...r.^........=......p7..f..]... ...B.B......:d.....Z......f.;.C'.....=,..4/.,.y/a...PT!r..X....G.-.Y......3...81.+..K..J...W.R1VLX$(;.........^.:.:...m?.6..s.].9..I....e...&....I..U.j.X%O.b....\ew..M.(.B.]of..@........S.k..@..B-.~..._~t...>.._.{T..^3L....x/.z...^uM...2....GC...x7...%.-.@..}.=$..{...D...Z."...T...r-32...........Z..../..]....La...........Pt..}.5..<!:N....e.iQ.........H7..5+.<S......O.+.b.!.E?......%...>i.S.]...3...A.9.....qR~G..@....d.Px.LZB".....fp...$(....jS......:. ..t...,.V'.1\|...../.[...^..;.&.p....6...2.n...b.C.`F...^.}.....FX-^.g.s?b.....J....@..s^..cn<:.4.a.Qv7>... .o.......A..U.A?..<T.Fo....{.....AE..._...C.#7...gO3'......MgjjrR.^.4Pe..:

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2201 x 697, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	53230
Entropy (8bit):	7.749440619518884
Encrypted:	false
SSDEEP:	1536:bsHH854n8JHzXP+d3THIWtRgC5T0RjTQ91mIdO1L:bM86kHzWNTH9tRgW09+i
MD5:	99AD31B4CC19D72C78096D9EDE3FBA8F
SHA1:	B45ED58AFD81571754F632C7AB8B382B14FDAD51
SHA-256:	1F0E55AE8FBC02B46CBF613636EF65DDB5745E8CECD0BD5A50329B8E8E2EE6F8
SHA-512:	BB5BDDBADC8D71F9724BFFB85C112613EB74F9078DE913815537CFE328FF005E74C54852065BFDB03DC28EBC11AFB9E478599BAC3B78BAEE5A6544570CFE6FB0
Malicious:	false
Reputation:	low
URL:	https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png
Preview:	.PNG........IHDR...............m.....tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)" xmpMM:InstanceID="xmp.iid:767E8FD00F4511EAAC06E36B5382AC60" xmpMM:DocumentID="xmp.did:767E8FD10F4511EAAC06E36B5382AC60"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:767E8FCE0F4511EAAC06E36B5382AC60" stRef:documentID="xmp.did:767E8FCF0F4511EAAC06E36B5382AC60"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.70a...^IDATx....l%.} .....N6.E..h..9.s....x.\b).<...q...H....<.....o...K`.uA..>@."......"...ajc.a.8.GNNN<..X.G+r.

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	3145
Entropy (8bit):	4.842322330045504
Encrypted:	false
SSDEEP:	48:rnbVUBxX7wSLr2dc40BM3jyFjvsmNrCzqu/eBMThmn:DbVel7wSLs3jUvsmN+Tcn
MD5:	F9FABA678C4D6DCFDDE69E5B11B37A2E
SHA1:	81A434F94F2B1124F3232BB86F2944F82FB23AC0
SHA-256:	7ADAF08052C6A6A0F8A0D0055B4F191FD07389FE41C972B69573472B2ECB406A
SHA-512:	EA52D475E439BA178C15B5A6DC23F6EF5975E11B17D71B71F89E71DB27880E49220697954CD853AA28CC13B1A044A2A2EA10AAA2FC02A014E5441102DB433C32
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Preview:	@charset 'UTF-8';./* Slider /..slick-loading .slick-list.{. background: #fff url('./ajax-loader.gif') center center no-repeat;.}../ Icons /.@font-face.{. font-family: 'slick';. font-weight: normal;. font-style: normal;.. src: url('./fonts/slick.eot');. src: url('./fonts/slick.eot?#iefix') format('embedded-opentype'), url('./fonts/slick.woff') format('woff'), url('./fonts/slick.ttf') format('truetype'), url('./fonts/slick.svg#slick') format('svg');.}./ Arrows */..slick-prev,..slick-next.{. font-size: 0;. line-height: 0;.. position: absolute;. top: 50%;.. display: block;.. width: 20px;. height: 20px;. padding: 0;. -webkit-transform: translate(0, -50%);. -ms-transform: translate(0, -50%);. transform: translate(0, -50%);.. cursor: pointer;.. color: transparent;. border: none;. outline: none;. background: transparent;.}..slick-prev:hover,..slick-prev:focus,..slick-next:hover,..slick-next:focus.{. color: transparent;.

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2560 x 730, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	57856
Entropy (8bit):	7.818140045081305
Encrypted:	false
SSDEEP:	1536:niYBj4Uh5eBdJN+SxHad1turEfsfDGLaDTwys3Lsbw/:iYNx2L+EHad1toEfgDGLaDTwys3Ybw/
MD5:	CE2796EEDFD05A7381FE2F03C410C796
SHA1:	49689C207015462551115220D0812D294FEC6158
SHA-256:	D25D8D1457DCEAAAA1222DFCC6C56397564F7E553ED333A44D3B86C2AB89A44D
SHA-512:	2F9D6C0A7B89C5D2F4DC84B66DFE0E9046B30719E1E4598E440F635639BED2807C3911752078A2417A10C2E9BC174093DA1B8029EA78067DBD3A6F40776525BD
Malicious:	false
Reputation:	low
URL:	https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png
Preview:	.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...w.\u......$[...:RC..7.^E)"MD.i .......$..`.5.^.].(.....VDQ.b..l.HB.fg..?....d...Ny..'...ly.3{.....$I.s.........d..0....M ..D... ......c!6...&..@........E.o....._.x.......Y....3.8.<C.C.jr.3$. ...W.S+.....~.3.Z..$I.$I.$I.$I-.......Z./.Bm.J.......B.N..D..h.:.........XJ.%.....XB.ibXJ.n.5q....q$I.$I.$I.$I....@I.+.....j....-.aK..!.-!.%.......{ze..O.O..... .4!>MH=....n_i&I.$I.$I.$I........w..j.v.0...'&.C....h4.X.<..1B.1bX..&..3&=f.I.$I.$I.$I...s.PRe...X...JL#.v#.]...l.....,....aH.&.?@.a.&....y$I.$I.$I.$I..s.PRyY.kY50...........V..n5......a...Bx..m.7.$I.$I.$I.$I.F..J]=...e;..~.~..#./0.8.'+...........N.#=!g.I.$I.$I.$I.T....T..<Z......H.k......q..V..!.....s?g...E.$I.$I.$I.$U...%..9.$.G...p(...1.Q.=..........g..ef.$I.$I.$I.$I...@I...khZ.jr.......t.F.,....)..3../WO\|.,.$I.$I.$I.$.\8.().zb......hB<.8..`...........AB.f.$I.$I.$I.$I...@I.oa...$.h"G.8.o.

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (456)
Category:	downloaded
Size (bytes):	13316
Entropy (8bit):	5.007572355050284
Encrypted:	false
SSDEEP:	192:Ywo2BLOeLt5FjFGFmF/49PaFg9qjkCl9ltpNgdjll4xFvw15y+czAdVPS:Ywo2xOeLt5FjFGFmF3FJSjLcaxS
MD5:	39F3E277226B239AEC406B74B59904C8
SHA1:	455A5D668F0AE4059E8B57C0CBA9AA9B3F95CF47
SHA-256:	E46AAFA099D63CF358CA14C721F52CD5BBE9E73273C04CDAF8AA88D6CB940B95
SHA-512:	56EEDE067C5CE794838421DD6A958A1A0AF86BBAC62A16404A3F80A9ACC99636ED6A68F02627ECFB5755B0452B84A7C7C152DA613BF7C3629300723F000289F7
Malicious:	false
Reputation:	low
URL:	https://daana-paylaterld.xsits.xyz/index.html
Preview:	.<!DOCTYPE html>.<html lang="en">.<head>.<meta data-n-head="ssr" charset="utf-8">.<meta data-n-head="ssr" name="viewport" content="width=device-width, initial-scale=1">.<meta data-n-head="ssr" data-hid="theme-color" name="theme-color" content="#118ee9">.<meta data-n-head="ssr" data-hid="apple-mobile-web-app-status-bar-style" name="apple-mobile-web-app-status-bar-style" content="black-translucent">.<meta data-n-head="ssr" data-hid="twitter:image" name="twitter:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT6hXWLtGnL5xhdiXUaDP8Yo1iVOJv_FI99WEmgNJWqj7VpUd16EMjnMkKb&s=10">.<meta data-n-head="ssr" data-hid="og:image" property="og:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT6hXWLtGnL5xhdiXUaDP8Yo1iVOJv_FI99WEmgNJWqj7VpUd16EMjnMkKb&s=10">.<meta data-n-head="ssr" data-hid="og:site_name" name="og:site_name" content="DANA.id">.<meta data-n-head="ssr" data-hid="description" name="description" content="DANA adalah bentuk baru uang tunai yang lebih

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, interlaced
Category:	dropped
Size (bytes):	133249
Entropy (8bit):	7.996912639602818
Encrypted:	true
SSDEEP:	3072:61Gs1Hw6E0Sxf4YfEQiexKRaDx8JUrG4RPepYGm+TWLrG:61HE9xffE+wRaDxrGeea6WLa
MD5:	991FC9B7AA1E89D3D6D938FE77D325B7
SHA1:	0AF0DEAD154C39141F1EE8A10F77D4FDB7980F28
SHA-256:	D6E95E4DDE48849F51012B25DBC5A86FDA05AE73DBA9EB6E26EAA8E8CD61D6FD
SHA-512:	34A403FCF6DC292008C96AAFD06E12C8313B5B78C1D35526CF0F55C19CCEF6266AB7DBF88E22C53E767E35475A1BEE1D23A504484DB20449F98B92725790BCC8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......,.............tEXtSoftware.Adobe ImageReadyq.e<...#IDATx..X.t.E...>..$C...B ...@0.Y......."7h.,(.......................!.@@.Dr.!.I.L...{z.s..m.J.............LA J...(.^..H.IO.L.?%.%.1I...\|.c..Y...@i.S&.\|a....Oe...Y.ye.P...E%Et.. .../A....q}~...gC.f.J.@D...Z.K ...r.^........=......p7..f..]... ...B.B......:d.....Z......f.;.C'.....=,..4/.,.y/a...PT!r..X....G.-.Y......3...81.+..K..J...W.R1VLX$(;.........^.:.:...m?.6..s.].9..I....e...&....I..U.j.X%O.b....\ew..M.(.B.]of..@........S.k..@..B-.~..._~t...>.._.{T..^3L....x/.z...^uM...2....GC...x7...%.-.@..}.=$..{...D...Z."...T...r-32...........Z..../..]....La...........Pt..}.5..<!:N....e.iQ.........H7..5+.<S......O.+.b.!.E?......%...>i.S.]...3...A.9.....qR~G..@....d.Px.LZB".....fp...$(....jS......:. ..t...,.V'.1\|...../.[...^..;.&.p....6...2.n...b.C.`F...^.}.....FX-^.g.s?b.....J....@..s^..cn<:.4.a.Qv7>... .o.......A..U.A?..<T.Fo....{.....AE..._...C.#7...gO3'......MgjjrR.^.4Pe..:

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1776
Entropy (8bit):	4.594956707081927
Encrypted:	false
SSDEEP:	24:ve0hjm0M3ZGwgbb6qSiRDI2QWTF3IZcVkTFxchwQUm8B5Td:vel5wXbbsi5hBTmpTXbS8Td
MD5:	F38B2DB10E01B1572732A3191D538707
SHA1:	A94A059B3178B4ADEC09E3281ACE2819A30095A4
SHA-256:	DE1E399B07289F3B0A8D35142E363E128124A1185770E214E25E58030DAD48E5
SHA-512:	C11E283612C11DFEEC9A3CB42B8A2ACDD5AE99DFABE7FFBA40EFEF0DD6BBE8C5B98AE8383D3EEFF3A168124C922097EDDD703401EE9AC6122F1EBAB09BBF7737
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Preview:	/* Slider */..slick-slider.{. position: relative;.. display: block;. box-sizing: border-box;.. -webkit-user-select: none;. -moz-user-select: none;. -ms-user-select: none;. user-select: none;.. -webkit-touch-callout: none;. -khtml-user-select: none;. -ms-touch-action: pan-y;. touch-action: pan-y;. -webkit-tap-highlight-color: transparent;.}...slick-list.{. position: relative;.. display: block;. overflow: hidden;.. margin: 0;. padding: 0;.}..slick-list:focus.{. outline: none;.}..slick-list.dragging.{. cursor: pointer;. cursor: hand;.}...slick-slider .slick-track,..slick-slider .slick-list.{. -webkit-transform: translate3d(0, 0, 0);. -moz-transform: translate3d(0, 0, 0);. -ms-transform: translate3d(0, 0, 0);. -o-transform: translate3d(0, 0, 0);. transform: translate3d(0, 0, 0);.}...slick-track.{. position: relative;. top: 0;. left: 0;.. display: block;. margin-l

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 773 x 769, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	51669
Entropy (8bit):	7.964091155193965
Encrypted:	false
SSDEEP:	768:amBRXS1NVgfO6lqzJMZqeTDL+tEZI6X64cmsMo0qB4neoh4FjnQQCAgM0FH:HRXS1LgfOT2YeTutcxq4TnqB2GF7I5V
MD5:	81DFE426089387192E5ED8DB1E1AC310
SHA1:	8376EAC7715DB65FB73BDD2D242B6F63C10A0849
SHA-256:	BF246FBAA8C25D667E279A6C2F5EFE3AAC83947C697B3EEBE3032D0F60880C41
SHA-512:	0B3D9AB2FCA954BFC149978FFB3A47CEFFD06D5FBA331086321DFAA79D080415FA5496D29208423BFFBE91A0DC9EC1E0940CD6128DE2FE49CF5EFDC9F51F29F7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................o....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............tIME......#@~$)....IDATx...w\|U...........C.."a$...8:...: ..Uk.m......A.Qw.u.... ....8P.a).Nr...GR.ed.y...x.h...s..s.=.{........................................................................................................................H.."...f..A<...X....-.[......b.7?..z..z..^..mP.""."".2.m!..x!..\|;.S.o............$.T...X.....+........R`..b.....2(Z...W.......RyW.v.........#u..1b.......-3.O.>..S.O!.W..%+.n......D..V.a..w..=.=.`..=.m..&}.\|..3.4.>.>.p.....W+"................u.v..e.P.....9`s x...F....................l.l.....m0+.gA^%...,T<""*."".P..j..........r......U..l..!>..U)..........j...}....Pwg.....4...S..B.2."".R "9........96..[..E@....T@.kP..b........-...`.8.Z_...M..o.65$......S,".R ".u.`j_..ap$.`t:.4...u._....L....EDT.DD2..v....p8..L$IV.Mvx.l".............E....uG.8.h.L$....q\|...(~.........$.^.;.`.uw...K2.R.WBl..a..DDT.DD......ep4p..,.

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (456)
Category:	downloaded
Size (bytes):	13316
Entropy (8bit):	5.007572355050284
Encrypted:	false
SSDEEP:	192:Ywo2BLOeLt5FjFGFmF/49PaFg9qjkCl9ltpNgdjll4xFvw15y+czAdVPS:Ywo2xOeLt5FjFGFmF3FJSjLcaxS
MD5:	39F3E277226B239AEC406B74B59904C8
SHA1:	455A5D668F0AE4059E8B57C0CBA9AA9B3F95CF47
SHA-256:	E46AAFA099D63CF358CA14C721F52CD5BBE9E73273C04CDAF8AA88D6CB940B95
SHA-512:	56EEDE067C5CE794838421DD6A958A1A0AF86BBAC62A16404A3F80A9ACC99636ED6A68F02627ECFB5755B0452B84A7C7C152DA613BF7C3629300723F000289F7
Malicious:	false
Reputation:	low
URL:	https://daana-paylaterld.xsits.xyz/
Preview:	.<!DOCTYPE html>.<html lang="en">.<head>.<meta data-n-head="ssr" charset="utf-8">.<meta data-n-head="ssr" name="viewport" content="width=device-width, initial-scale=1">.<meta data-n-head="ssr" data-hid="theme-color" name="theme-color" content="#118ee9">.<meta data-n-head="ssr" data-hid="apple-mobile-web-app-status-bar-style" name="apple-mobile-web-app-status-bar-style" content="black-translucent">.<meta data-n-head="ssr" data-hid="twitter:image" name="twitter:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT6hXWLtGnL5xhdiXUaDP8Yo1iVOJv_FI99WEmgNJWqj7VpUd16EMjnMkKb&s=10">.<meta data-n-head="ssr" data-hid="og:image" property="og:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT6hXWLtGnL5xhdiXUaDP8Yo1iVOJv_FI99WEmgNJWqj7VpUd16EMjnMkKb&s=10">.<meta data-n-head="ssr" data-hid="og:site_name" name="og:site_name" content="DANA.id">.<meta data-n-head="ssr" data-hid="description" name="description" content="DANA adalah bentuk baru uang tunai yang lebih

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2560 x 730, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	57856
Entropy (8bit):	7.818140045081305
Encrypted:	false
SSDEEP:	1536:niYBj4Uh5eBdJN+SxHad1turEfsfDGLaDTwys3Lsbw/:iYNx2L+EHad1toEfgDGLaDTwys3Ybw/
MD5:	CE2796EEDFD05A7381FE2F03C410C796
SHA1:	49689C207015462551115220D0812D294FEC6158
SHA-256:	D25D8D1457DCEAAAA1222DFCC6C56397564F7E553ED333A44D3B86C2AB89A44D
SHA-512:	2F9D6C0A7B89C5D2F4DC84B66DFE0E9046B30719E1E4598E440F635639BED2807C3911752078A2417A10C2E9BC174093DA1B8029EA78067DBD3A6F40776525BD
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...w.\u......$[...:RC..7.^E)"MD.i .......$..`.5.^.].(.....VDQ.b..l.HB.fg..?....d...Ny..'...ly.3{.....$I.s.........d..0....M ..D... ......c!6...&..@........E.o....._.x.......Y....3.8.<C.C.jr.3$. ...W.S+.....~.3.Z..$I.$I.$I.$I-.......Z./.Bm.J.......B.N..D..h.:.........XJ.%.....XB.ibXJ.n.5q....q$I.$I.$I.$I....@I.+.....j....-.aK..!.-!.%.......{ze..O.O..... .4!>MH=....n_i&I.$I.$I.$I........w..j.v.0...'&.C....h4.X.<..1B.1bX..&..3&=f.I.$I.$I.$I...s.PRe...X...JL#.v#.]...l.....,....aH.&.?@.a.&....y$I.$I.$I.$I..s.PRyY.kY50...........V..n5......a...Bx..m.7.$I.$I.$I.$I.F..J]=...e;..~.~..#./0.8.'+...........N.#=!g.I.$I.$I.$I.T....T..<Z......H.k......q..V..!.....s?g...E.$I.$I.$I.$U...%..9.$.G...p(...1.Q.=..........g..ef.$I.$I.$I.$I...@I...khZ.jr.......t.F.,....)..3../WO\|.,.$I.$I.$I.$.\8.().zb......hB<.8..`...........AB.f.$I.$I.$I.$I...@I.oa...$.h"G.8.o.

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	5996
Entropy (8bit):	5.419775834780032
Encrypted:	false
SSDEEP:	96:ZOXbaAJOXba4FZ8OXbaPkOXbaZYOXba3OXbaMyhZcyJzV+zmnWOXbaHubqGIFuYa:xAhX8Z4XMuyzObqGIwY0mP3W
MD5:	36D9E88C21981CAA4AD05669A090FC5B
SHA1:	5993B11F8169BF6DEFEAC7AD5C2029F0316CE549
SHA-256:	BFE6E4D01A3D97686E49BDA1FCD4DA4FA9746DCD72B122480E2C950216DEC085
SHA-512:	602FA976F73EA4829E0DE57C48C432B01F7A2B825D0A9C52E3ED760533074F32D541DA95630343C50240A5456E6EED1B986D85B3390787684CAC5AFB97D0A96D
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4taVIGxA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4kaVIGxA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 500;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4saVIGxA.woff2) for

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 1380, version 1.0
Category:	downloaded
Size (bytes):	1380
Entropy (8bit):	7.3037706743203845
Encrypted:	false
SSDEEP:	24:IgOu0UjAzqx3dB4ukwkGLTZ2hCJglrujOXZRrzt8Z8DcxLlMRSWIUhP/6f:IgOpUMzaBrkZG8CJgNsK1z6ZAGlEFV6f
MD5:	B7C9E1E479DE3B53F1E4E30EBAC2403A
SHA1:	AF91C12F0F406A4F801AEB3B398768FE41D8F864
SHA-256:	26726BAC4060ABB1226E6CEEBC1336E84930FE7A7AF1B3895A109D067F5B5DCC
SHA-512:	976F6E9D65859B1A5E3BBD426441E6885D1912F5694F40E2897B10F46B3BD0C7D940F7917A6050D6BB8CDEAAA5E5F0332391D3D398F6C21CE27299DFC7036911
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/slick.woff
Preview:	wOFFOTTO...d.......\........................CFF ..............V.FFTM...8........m..GDEF...T....... .2..OS/2...p...R...`P...cmap.......P...b".D.head...........6..1.hhea...D.......$....hmtx...`.........J.Jmaxp...p..........P.name...x.......n.'..post...T....... ....x.=..o.A..g)['..V 6A..k{7z.w..u.,....B..?x.;[X,...X..HP...H.'x.Mz.YJ.$o...y...7.....0......1..g........0......!t.j./.....Zy.'..T..@.^...'P8.x...>f.E..J....).z...Q'o...mC...QQ.=G._.@../...F...TU.d..PM.q..F.........}..8.:.9k.4I...v.7q.(..#4EQ.~.q(.....[..7q7.dK'..Z.&..,.6.D.dE.G.W..#o....\|Op...{...j5H.l.[-..4....b/k...A.V..\|.(I.r..Lm..K8.g.y.8.../...<..\|;...........................+..T.j...HP$.N.[.U..._.6F.2...2...p....=;c......T..1.j..f.4,.......t<4..#....Y8D....F/a]_I.i)NRN..m.8..i)%."..:.....i65.....5..t&......x........x.c```d..s.o....+.a4.Zy....x.c`d``..b...`b`.B.0.....v.7x.c`fb`...............2H2.0001.r2.A...#.R`...4.....D.I...?`.c...6.D...m.J..F.7.....x.c```f.`..F.......\|... ......d30$*(

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 32 x 32
Category:	dropped
Size (bytes):	4178
Entropy (8bit):	7.490050296203736
Encrypted:	false
SSDEEP:	48:32e4MxZKDtivGOFkoajWKOwD2s4UYX034Hk4zHdwt4zeoAF5oM4JTp3uVj4gBFyj:32e4ZtyiqsdWAXWwXPF5oMcdUjVsmuS
MD5:	C5CD7F5300576AB4C88202B42F6DED62
SHA1:	7A1AA43614396382BB15E5FDE574D9CDCD21698F
SHA-256:	E7B44C86B050FCA766A96DDAC2D0932AF0126DA6F2305280342D909168DCCE6B
SHA-512:	F0D7ADA22A3EB3B2758198A71472FB240C74CE4CA09028076E23690C70B2339C6B2A40F9158DD71C52D953EF27BBCC0105B061BDC74FBB0AD0B304C7C6A04A38
Malicious:	false
Reputation:	low
Preview:	GIF89a . .........................~~~................................>>>VVV```\|\|\|......JJJlll...............,,,^^^...LLL.................................................................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,.... . ....@.pH$.8.Gq.$N..A.3(..L....V....K\|P(...:.(..r.B.._@X!/...BxBnb}E.g....o.r..E.g..^..oWD.c.....JC.g......oqm.o..........E.....{p~....r...D....}.M....d......K......r.........o....\|........].q...` 9C.f).$'.=..}.C.^.u..-.H..!.............O.K"1......5.&{j.T. .BBo..e...6..<...@.B?..1..)..G.b.K... .!.......,.... . ....@.pH$&4.Bq.$..D..b(.......V....[4.._..:.t:"r.qh@..a..)..g.Bk_.o..E.g~.....#r.JD.g.xl.oWF.C....~mg......o.D.....B.....w...K.!.......C........wE... ..d....X.............r................s'...xM.&T$$..\|M...C.... .A...Bl..d....K.d.V..?oFl-X. .L[.J*....6..!."...5\@....p..oI..m...N!Q.Xm..@..%2u:uH2.\.R.#.a..!.......,.... . ....@.pH$...Bq.$&.D...(..L....V....[$.....:4P(.r.s..._...I..g.BxB.o..E g.w^

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	92738
Entropy (8bit):	7.99422232812937
Encrypted:	true
SSDEEP:	1536:VpjDHHg2WZYCmL2OFd701OGN1rgfnfGZyb0w6bOZ6NYDEx5dYe/H1M5uvbmTbxTQ:VZDHHgJYCvOjwQGN1rKG0f6bOgNYIjyo
MD5:	5C92920FBBF8DD80BDFE113932DB4824
SHA1:	F946FBF2C78D4CBE1D66245E4297A13483F33DCD
SHA-256:	E7CAF044B88B47A1C05531D15317F7764EBE91BBFBCEE89257483526757B3CB3
SHA-512:	437596E0775E16F6C1537CFE26ECDF18EBFE25FE01045E02E133C1FFF7E8A59ED12E05F7F7511D333D770D272FA79F6B1062E879667B99904BD0297A57674D96
Malicious:	false
Reputation:	low
URL:	https://a.m.dana.id/danaweb/promo/1687427004-1683620617-Thumbnail---DANA-Deals__2_.png
Preview:	.PNG........IHDR.......,............tEXtSoftware.Adobe ImageReadyq.e<..i.IDATx....$W}.zN...===yf'.l......@0X...1F.w.\|..m....>s...re?.c.{.....l@.VHB.]P.jW+....N.3=.+.wvu.....VwU......w...;. ..~..!...s9..}m..j.Y....."[3..c.r.z.4V.g.....{...7..%.?..7.....V ......m.u....6......+..)x_.....]. ...{...<.G.".$(.....A..zH..4s}.%.f.K.....-..G..........4.%..}~:.WJ...Zh.m....w......d....+".wY.f...v\|.!...n.tllu.n.w...V....N.../.....<t.........D..3.S.]T.F...#;....A......(.^h...v..`..p...}.y..d.#...Zh.m...%ng @..g..vA#.,J..`..}y..7.........o.]5<O...C.q.?...B.mc,.......E......kR..C.~..=....xr...i.qs.F79..[ho..{h...1..H.8x........5.]..@...4@p.fb.D...!.w.5......h8..7..w.....{h..v...0.....+"..$a\|.0}....;.T.{..7......_O...rP.^d..ocm..{h..v..=.6..5?L....2R...i.... ..Y.=..\|.....X.z..G...(......f >d...F ;{..]uc..vEE,.....?..!.v/..e?...$.....i..~=..wi....aJ......1Q.".F....XHV.].].8E..a...k5O'.?....<.sv.....( ...a8..!...Zh....e.9....!;....{y..n...p..~

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 773 x 769, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	51669
Entropy (8bit):	7.964091155193965
Encrypted:	false
SSDEEP:	768:amBRXS1NVgfO6lqzJMZqeTDL+tEZI6X64cmsMo0qB4neoh4FjnQQCAgM0FH:HRXS1LgfOT2YeTutcxq4TnqB2GF7I5V
MD5:	81DFE426089387192E5ED8DB1E1AC310
SHA1:	8376EAC7715DB65FB73BDD2D242B6F63C10A0849
SHA-256:	BF246FBAA8C25D667E279A6C2F5EFE3AAC83947C697B3EEBE3032D0F60880C41
SHA-512:	0B3D9AB2FCA954BFC149978FFB3A47CEFFD06D5FBA331086321DFAA79D080415FA5496D29208423BFFBE91A0DC9EC1E0940CD6128DE2FE49CF5EFDC9F51F29F7
Malicious:	false
Reputation:	low
URL:	https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png
Preview:	.PNG........IHDR................o....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............tIME......#@~$)....IDATx...w\|U...........C.."a$...8:...: ..Uk.m......A.Qw.u.... ....8P.a).Nr...GR.ed.y...x.h...s..s.=.{........................................................................................................................H.."...f..A<...X....-.[......b.7?..z..z..^..mP.""."".2.m!..x!..\|;.S.o............$.T...X.....+........R`..b.....2(Z...W.......RyW.v.........#u..1b.......-3.O.>..S.O!.W..%+.n......D..V.a..w..=.=.`..=.m..&}.\|..3.4.>.>.p.....W+"................u.v..e.P.....9`s x...F....................l.l.....m0+.gA^%...,T<""*."".P..j..........r......U..l..!>..U)..........j...}....Pwg.....4...S..B.2."".R "9........96..[..E@....T@.kP..b........-...`.8.Z_...M..o.65$......S,".R ".u.`j_..ap$.`t:.4...u._....L....EDT.DD2..v....p8..L$IV.Mvx.l".............E....uG.8.h.L$....q\|...(~.........$.^.;.`.uw...K2.R.WBl..a..DDT.DD......ep4p..,.

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	98849
Entropy (8bit):	7.995045639923759
Encrypted:	true
SSDEEP:	3072:d6dgyS9jc64Sml97iHO9/8N6O1imfhb+LEx:pySZcTtr/8N6O31+LEx
MD5:	7E4BDB9AC86E8D1DFFD77A16F57BF141
SHA1:	7B50D13E5F56FB543A5115EB52463539225FEC6B
SHA-256:	C2AE149ED8A84CDC6181B0CAE50078B0A41C381B01D788F61C6686D921128393
SHA-512:	0F80EA771FC80AC56FB09B66F28E31C2FC5FFFB7C7FADF516A73BDDB4440644B24C252733A14B515105CE59A2F2E8571295F86CC38880F32079B91485E42DBE3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......,............tEXtSoftware.Adobe ImageReadyq.e<....IDATx......y'ZU.'..]D".....H....H...`.g...-...>..;..,.}..Y..}..l..-S..(Q..f"0 ....6...N..U..{....g......q8..........W_A.'.....9c...?"....:......c../.l......}H...>..A.-.m...YU.S....{D;1 ..N...J....@.vb...(...~....h..........3?K..b1..;.v.u/9...,.q.H.[./..E._..L....g..3...u........w..7.A...r..L7`....B.x.C..e.lV..!.qs.}.S..\|-q.....[.w.Z.{v`....uZ..p.g=..+.].....?....{....p%......5.S..]X....-.o. ...r...p..B.z.C..Q.p......*.g.\E..ohW..vK...g=...B.v..?...]{...Dh.a...Ed..6..Ag..K@..a.O.F.py...@...+i.n....j..h.......:...B.n..[{z.......-7.x.{.z..{..s...u...U4..y......!.......sy.K...6l......e..f....D..G..0.<K..a...y.G..{.z.s.xL....p.i.j.u..E......=P&~..I.0..!-.x...r...@.>.......k>m....n.jr.`.H..I...dz..C@..`......g=;....'?..._.`.h..s\.....;.pU.....&.v.a.4?r.4b.s...RB.@.E...0....<...y...f...I..{...=a..]{..........n1...V.BM...j...{.\..]..P.n..+.K....}u:.n,...b.4.....Y.w......7..6=p

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18720, version 1.0
Category:	downloaded
Size (bytes):	18720
Entropy (8bit):	7.9898266266717926
Encrypted:	false
SSDEEP:	384:/e1h2vOnJLuxUNneyZmiU72RGsdLqK2+gFxVVZV2XCT:kEvOnYxU/miU72RHLK5iw
MD5:	D26A2372AA87EA24DF867BE03821FC5F
SHA1:	5DEA98349DCF3E2DA8A4C4C209BBCF412D572805
SHA-256:	1F6E5AE697330D08ACADF0299418B94A102DCC63F483B3F3EC821CC7E36EF8DC
SHA-512:	A612279A2530C901A1AB8D6E3346172ABA48855E8348493F09F5A4DEAA2E90DD15E014C8FF82F712DF2C512B16D379E709DAB6C4E7242BD84BAC189801C67EAB
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
Preview:	wOF2......I .......8..H..........................\|.."..h.`?STATZ..0..\|...........=..2..6.$..`. ...........z%.Q....P}.\Q.M..Q......m.....c.."./.B!,PV..I.a......t....M8....H..q.(#@4..\|.....:.=+..w...'.....2..h..i....o.Xh.u......t,..a(..m~....Sy..O..NG....8Bc....]...!.Q..X4.R%-;.;..l.........X.%...N..C.4.C4T=..":..,..:gN11.1....V.A.EAA.#..cb.6...........G..Pz=)(....[...w...........`...ZBrF&...X.K.V.[\|.}U..)m\..0l.l..9j.RM...FX.{...u..Z6.Y7...J......}~ P..,.t..'m.Ei....{a..3 ;!. .].....5K.C.. ........0`...P....S...s.<.{..s.....MI.m.\|@...@....4.)c...~..wF`x.k..7}RU"...I..N.....3...J....>o...W..b...../.Q3 ...o.....?'..VuUIU8@....v..)mR`RD.$..J1.z.uu....Z..I....c/....z......UN......}..../{V`.....i%....H..c.'.d/.....H.T..hRbS.-.K.T.M...W..8u..R.1.........z.'V...D.:..PL(.X...cJ..c.E!..gi.VT@.+.......BO...$;.}.S.Vm.u. ]0v...L.&...$n..V..k..u.=q=.z.\.:M0.Z ....p..1..q....K....12.n.Y.Ep.L[..7.`.J `.7.v......[p.y8..-.b.I..t......a.vf.f....Fk/.%t..

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65371)
Category:	downloaded
Size (bytes):	122540
Entropy (8bit):	5.095991350869987
Encrypted:	false
SSDEEP:	768:ayPGxw/jc/QWlJxtQZIuiHlncmzI4I8OAduFKbv2ctm2Bm8JP+eckOvS1Fs:Uw/o1wIuiHlncm28lDbzzPux
MD5:	5D5357CB3704E1F43A1F5BFED2AEBF42
SHA1:	08DF9A96752852F2CBD310C30FACD934E348C2C5
SHA-256:	31FBD99641C212A6AD3681A2397BDE13C148C0CCD98385BCE6A7EB7C81417D87
SHA-512:	7537E07BFCE0A0C6293FB41B1F2E2058C106B1BB1D65E097CFB8AB22D8DC0B7B0F505B5FD24B856C3CFF8B11BB02B4F19838CB5C399ECC7B9B78D8A4C8A195C9
Malicious:	false
Reputation:	low
URL:	https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Preview:	/!. Bootstrap v3.3.5 (http://getbootstrap.com). * Copyright 2011-2015 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	98849
Entropy (8bit):	7.995045639923759
Encrypted:	true
SSDEEP:	3072:d6dgyS9jc64Sml97iHO9/8N6O1imfhb+LEx:pySZcTtr/8N6O31+LEx
MD5:	7E4BDB9AC86E8D1DFFD77A16F57BF141
SHA1:	7B50D13E5F56FB543A5115EB52463539225FEC6B
SHA-256:	C2AE149ED8A84CDC6181B0CAE50078B0A41C381B01D788F61C6686D921128393
SHA-512:	0F80EA771FC80AC56FB09B66F28E31C2FC5FFFB7C7FADF516A73BDDB4440644B24C252733A14B515105CE59A2F2E8571295F86CC38880F32079B91485E42DBE3
Malicious:	false
Reputation:	low
URL:	https://a.m.dana.id/danaweb/promo/1658288864-Thumbnail---DANA-Deals-July.png
Preview:	.PNG........IHDR.......,............tEXtSoftware.Adobe ImageReadyq.e<....IDATx......y'ZU.'..]D".....H....H...`.g...-...>..;..,.}..Y..}..l..-S..(Q..f"0 ....6...N..U..{....g......q8..........W_A.'.....9c...?"....:......c../.l......}H...>..A.-.m...YU.S....{D;1 ..N...J....@.vb...(...~....h..........3?K..b1..;.v.u/9...,.q.H.[./..E._..L....g..3...u........w..7.A...r..L7`....B.x.C..e.lV..!.qs.}.S..\|-q.....[.w.Z.{v`....uZ..p.g=..+.].....?....{....p%......5.S..]X....-.o. ...r...p..B.z.C..Q.p......*.g.\E..ohW..vK...g=...B.v..?...]{...Dh.a...Ed..6..Ag..K@..a.O.F.py...@...+i.n....j..h.......:...B.n..[{z.......-7.x.{.z..{..s...u...U4..y......!.......sy.K...6l......e..f....D..G..0.<K..a...y.G..{.z.s.xL....p.i.j.u..E......=P&~..I.0..!-.x...r...@.>.......k>m....n.jr.`.H..I...dz..C@..`......g=;....'?..._.`.h..s\.....;.pU.....&.v.a.4?r.4b.s...RB.@.E...0....<...y...f...I..{...=a..]{..........n1...V.BM...j...{.\..]..P.n..+.K....}u:.n,...b.4.....Y.w......7..6=p

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42862)
Category:	downloaded
Size (bytes):	42863
Entropy (8bit):	5.085616303270228
Encrypted:	false
SSDEEP:	768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH
MD5:	D5A61C749E44E47159AF8A6579DDA121
SHA1:	3B41B3BC956685015A347A2238E71DB29DFA0DBB
SHA-256:	0C7178CC6CA34FB18E30F070A5E7A1C287B2D7CCFCBA2CFDF06E0F46EDA55740
SHA-512:	5ED98CB4311C373DA3EDE92BB47BCE551E22C30683EA8FC55097BAF99ABE1E0702B24DE48F8B9241047CC1E4364158F5A343E4E8FC182E8866DB4E99CCD7EE6E
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Preview:	!function(i){"use strict";"function"==typeof define&&define.amd?define(["jquery"],i):"undefined"!=typeof exports?module.exports=i(require("jquery")):i(jQuery)}(function(i){"use strict";var e=window.Slick\|\|{};(e=function(){var e=0;return function(t,o){var s,n=this;n.defaults={accessibility:!0,adaptiveHeight:!1,appendArrows:i(t),appendDots:i(t),arrows:!0,asNavFor:null,prevArrow:'<button class="slick-prev" aria-label="Previous" type="button">Previous</button>',nextArrow:'<button class="slick-next" aria-label="Next" type="button">Next</button>',autoplay:!1,autoplaySpeed:3e3,centerMode:!1,centerPadding:"50px",cssEase:"ease",customPaging:function(e,t){return i('<button type="button" />').text(t+1)},dots:!1,dotsClass:"slick-dots",draggable:!0,easing:"linear",edgeFriction:.35,fade:!1,focusOnSelect:!1,focusOnChange:!1,infinite:!0,initialSlide:0,lazyLoad:"ondemand",mobileFirst:!1,pauseOnHover:!0,pauseOnFocus:!0,pauseOnDotsHover:!1,respondTo:"window",responsive:null,rows:1,rtl:!1,slide:"",slidesP

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42862)
Category:	dropped
Size (bytes):	42863
Entropy (8bit):	5.085616303270228
Encrypted:	false
SSDEEP:	768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH
MD5:	D5A61C749E44E47159AF8A6579DDA121
SHA1:	3B41B3BC956685015A347A2238E71DB29DFA0DBB
SHA-256:	0C7178CC6CA34FB18E30F070A5E7A1C287B2D7CCFCBA2CFDF06E0F46EDA55740
SHA-512:	5ED98CB4311C373DA3EDE92BB47BCE551E22C30683EA8FC55097BAF99ABE1E0702B24DE48F8B9241047CC1E4364158F5A343E4E8FC182E8866DB4E99CCD7EE6E
Malicious:	false
Reputation:	low
Preview:	!function(i){"use strict";"function"==typeof define&&define.amd?define(["jquery"],i):"undefined"!=typeof exports?module.exports=i(require("jquery")):i(jQuery)}(function(i){"use strict";var e=window.Slick\|\|{};(e=function(){var e=0;return function(t,o){var s,n=this;n.defaults={accessibility:!0,adaptiveHeight:!1,appendArrows:i(t),appendDots:i(t),arrows:!0,asNavFor:null,prevArrow:'<button class="slick-prev" aria-label="Previous" type="button">Previous</button>',nextArrow:'<button class="slick-next" aria-label="Next" type="button">Next</button>',autoplay:!1,autoplaySpeed:3e3,centerMode:!1,centerPadding:"50px",cssEase:"ease",customPaging:function(e,t){return i('<button type="button" />').text(t+1)},dots:!1,dotsClass:"slick-dots",draggable:!0,easing:"linear",edgeFriction:.35,fade:!1,focusOnSelect:!1,focusOnChange:!1,infinite:!0,initialSlide:0,lazyLoad:"ondemand",mobileFirst:!1,pauseOnHover:!0,pauseOnFocus:!0,pauseOnDotsHover:!1,respondTo:"window",responsive:null,rows:1,rtl:!1,slide:"",slidesP

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
URL:	https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 32 x 32
Category:	downloaded
Size (bytes):	4178
Entropy (8bit):	7.490050296203736
Encrypted:	false
SSDEEP:	48:32e4MxZKDtivGOFkoajWKOwD2s4UYX034Hk4zHdwt4zeoAF5oM4JTp3uVj4gBFyj:32e4ZtyiqsdWAXWwXPF5oMcdUjVsmuS
MD5:	C5CD7F5300576AB4C88202B42F6DED62
SHA1:	7A1AA43614396382BB15E5FDE574D9CDCD21698F
SHA-256:	E7B44C86B050FCA766A96DDAC2D0932AF0126DA6F2305280342D909168DCCE6B
SHA-512:	F0D7ADA22A3EB3B2758198A71472FB240C74CE4CA09028076E23690C70B2339C6B2A40F9158DD71C52D953EF27BBCC0105B061BDC74FBB0AD0B304C7C6A04A38
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
Preview:	GIF89a . .........................~~~................................>>>VVV```\|\|\|......JJJlll...............,,,^^^...LLL.................................................................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,.... . ....@.pH$.8.Gq.$N..A.3(..L....V....K\|P(...:.(..r.B.._@X!/...BxBnb}E.g....o.r..E.g..^..oWD.c.....JC.g......oqm.o..........E.....{p~....r...D....}.M....d......K......r.........o....\|........].q...` 9C.f).$'.=..}.C.^.u..-.H..!.............O.K"1......5.&{j.T. .BBo..e...6..<...@.B?..1..)..G.b.K... .!.......,.... . ....@.pH$&4.Bq.$..D..b(.......V....[4.._..:.t:"r.qh@..a..)..g.Bk_.o..E.g~.....#r.JD.g.xl.oWF.C....~mg......o.D.....B.....w...K.!.......C........wE... ..d....X.............r................s'...xM.&T$$..\|M...C.... .A...Bl..d....K.d.V..?oFl-X. .L[.J*....6..!."...5\@....p..oI..m...N!Q.Xm..@..%2u:uH2.\.R.#.a..!.......,.... . ....@.pH$...Bq.$&.D...(..L....V....[$.....:4P(.r.s..._...I..g.BxB.o..E g.w^

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	dropped
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	low
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	92738
Entropy (8bit):	7.99422232812937
Encrypted:	true
SSDEEP:	1536:VpjDHHg2WZYCmL2OFd701OGN1rgfnfGZyb0w6bOZ6NYDEx5dYe/H1M5uvbmTbxTQ:VZDHHgJYCvOjwQGN1rKG0f6bOgNYIjyo
MD5:	5C92920FBBF8DD80BDFE113932DB4824
SHA1:	F946FBF2C78D4CBE1D66245E4297A13483F33DCD
SHA-256:	E7CAF044B88B47A1C05531D15317F7764EBE91BBFBCEE89257483526757B3CB3
SHA-512:	437596E0775E16F6C1537CFE26ECDF18EBFE25FE01045E02E133C1FFF7E8A59ED12E05F7F7511D333D770D272FA79F6B1062E879667B99904BD0297A57674D96
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......,............tEXtSoftware.Adobe ImageReadyq.e<..i.IDATx....$W}.zN...===yf'.l......@0X...1F.w.\|..m....>s...re?.c.{.....l@.VHB.]P.jW+....N.3=.+.wvu.....VwU......w...;. ..~..!...s9..}m..j.Y....."[3..c.r.z.4V.g.....{...7..%.?..7.....V ......m.u....6......+..)x_.....]. ...{...<.G.".$(.....A..zH..4s}.%.f.K.....-..G..........4.%..}~:.WJ...Zh.m....w......d....+".wY.f...v\|.!...n.tllu.n.w...V....N.../.....<t.........D..3.S.]T.F...#;....A......(.^h...v..`..p...}.y..d.#...Zh.m...%ng @..g..vA#.,J..`..}y..7.........o.]5<O...C.q.?...B.mc,.......E......kR..C.~..=....xr...i.qs.F79..[ho..{h...1..H.8x........5.]..@...4@p.fb.D...!.w.5......h8..7..w.....{h..v...0.....+"..$a\|.0}....;.T.{..7......_O...rP.^d..ocm..{h..v..=.6..5?L....2R...i.... ..Y.=..\|.....X.z..G...(......f >d...F ;{..]uc..vEE,.....?..!.v/..e?...$.....i..~=..wi....aJ......1Q.".F....XHV.].].8E..a...k5O'.?....<.sv.....( ...a8..!...Zh....e.9....!;....{y..n...p..~

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (50806)
Category:	downloaded
Size (bytes):	51284
Entropy (8bit):	4.573895834393703
Encrypted:	false
SSDEEP:	384:R48w+hhJhjRqFdtYRjJIjsjaHnNfc2C4741mf5HRzL:R4YhhjQFduRjJ7uHFcu7Smf5xzL
MD5:	1690997909AAE14B023A6580D4A2F33F
SHA1:	A4FD9551382A3B5C9C43E14ADB8C4C4149CD2352
SHA-256:	92AC508220F5BB60EC94E07650528EB66625F82A4740ADA068CDE05365781286
SHA-512:	617658DBE762B0F4C1A6433C90EA2FE21A0D27D431F00B2B216DE28636066FC4653A23D0B6CCCC53B9ABBD5A234E3416DCB8296B7F0DEE0CEBA1B45CE99A2BCF
Malicious:	false
Reputation:	low
URL:	https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Preview:	@charset "UTF-8";/!. Ionicons, v2.0.1. Created by Ben Sperry for the Ionic Framework, http://ionicons.com/. https://twitter.com/benjsperry https://twitter.com/ionicframework. MIT License: https://github.com/driftyco/ionicons.. Android-style icons originally built by Google.s. Material Design Icons: https://github.com/google/material-design-icons. used under CC BY http://creativecommons.org/licenses/by/4.0/. Modified icons to fit ionicon.s grid from original../@font-face{font-family:"Ionicons";src:url("../fonts/ionicons.eot?v=2.0.1");src:url("../fonts/ionicons.eot?v=2.0.1#iefix") format("embedded-opentype"),url("../fonts/ionicons.ttf?v=2.0.1") format("truetype"),url("../fonts/ionicons.woff?v=2.0.1") format("woff"),url("../fonts/ionicons.svg?v=2.0.1#Ionicons") format("svg");font-weight:normal;font-style:normal}.ion,.ionicons,.ion-alert:before,.ion-alert-circled:before,.ion-android-add:before,.ion-android-add-circle:before,.ion-android-alarm-clock:before,.ion-android-alert:

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65300)
Category:	downloaded
Size (bytes):	193529
Entropy (8bit):	5.014363132838949
Encrypted:	false
SSDEEP:	1536:xtGMGH2K5wlP7WIgHf73Z6LsKkVkpz600I4lp:xtGMZvkVkpz600I4lp
MD5:	6D9C6FDA1E7087224431CC8068BB998F
SHA1:	6273AC1A23D79A122F022F6A87C5B75C2CFAFC3A
SHA-256:	FB1763B59F9F5764294B5AF9FA5250835AE608282FE6F2F2213A5952AACF1FBF
SHA-512:	A3F321A113D52C4C71663085541B26D7B3E4CED9339A1EC3A7C93BFF726BB4D087874010E3CF64C297C0DDD3D21F32837BC602B848715EADD8EF579BFE8E9A9A
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
Preview:	@charset "UTF-8";/!. Bootstrap v5.2.0-beta1 (https://getbootstrap.com/). * Copyright 2011-2022 The Bootstrap Authors. * Copyright 2011-2022 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;

Static File Info

⊘No static file info

Network Behavior

Download Network PCAP: filtered – full

Network Port Distribution

Total Packets: 512
• 443 (HTTPS)
• 53 (DNS)

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 05:00:50.436573982 CEST	49674	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:00:50.530304909 CEST	49675	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:00:50.733448029 CEST	49673	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:01:00.104682922 CEST	49674	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:01:00.135900974 CEST	49675	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:01:00.339075089 CEST	49673	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:01:00.686861992 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:00.686919928 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:00.686994076 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:00.687727928 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:00.687742949 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.152749062 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.153204918 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.153229952 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.154145956 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.154201984 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.155230999 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.155320883 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.155333042 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.155452967 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.155466080 CEST	443	49709	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.155477047 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.155515909 CEST	49709	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.156044006 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.156075954 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.156220913 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.156481981 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.156488895 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.617868900 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.625855923 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.625869989 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.626847029 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.626971960 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.630592108 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.630659103 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.631572008 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.631577015 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:01.679764986 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:01.814527035 CEST	443	49703	23.1.237.91	192.168.2.5
Sep 27, 2024 05:01:01.814618111 CEST	49703	443	192.168.2.5	23.1.237.91
Sep 27, 2024 05:01:02.029614925 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030338049 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030361891 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030379057 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030410051 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030426979 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.030426979 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.030433893 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.030494928 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.031007051 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031043053 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031063080 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031084061 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.031088114 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031138897 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.031658888 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031749010 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.031790018 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.179887056 CEST	49712	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.179913998 CEST	443	49712	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.265166998 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:02.265230894 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:02.265393019 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:02.266916037 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:02.266962051 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:02.267225981 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:02.267975092 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:02.267996073 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:02.269046068 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:02.269058943 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:02.281761885 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.281795979 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.281887054 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.284992933 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:02.285033941 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.285034895 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:02.285054922 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:02.285125017 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:02.285154104 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.285541058 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.285553932 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.286691904 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:02.286694050 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:02.286712885 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:02.286729097 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:02.286828041 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:02.287234068 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.287250042 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:02.289084911 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:02.289100885 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:02.303200006 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.303201914 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.303210974 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.303246975 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.303304911 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.303308010 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.309919119 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.309937954 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.310062885 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.310494900 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.310548067 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.310616016 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.311952114 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.311964989 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.312138081 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.312169075 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.313677073 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.313694000 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.315757036 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:02.315788984 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:02.317955971 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:02.317971945 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:02.321630955 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:02.325644970 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:02.325654984 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:02.748413086 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.750053883 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.750078917 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.751234055 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.751360893 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.753545046 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.753545046 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.753611088 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.753736973 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.753784895 CEST	443	49716	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.753812075 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.754241943 CEST	49716	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.754447937 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.754487038 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.754570961 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.755006075 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:02.755021095 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:02.755348921 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:02.755758047 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:02.756107092 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:02.756123066 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:02.756165981 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:02.756227970 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:02.757596016 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:02.757704020 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:02.757895947 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:02.758219957 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:02.779664993 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:02.815659046 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:02.825375080 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.826210022 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.826210976 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:02.826225996 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:02.826232910 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:02.828171968 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:02.828304052 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:02.830050945 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:02.830202103 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:02.948929071 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.952423096 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.952451944 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.952881098 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.952955008 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.953568935 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:02.953691959 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:02.984282970 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:02.990257025 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:03.005393028 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.006669044 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.009376049 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.010229111 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:03.010250092 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:03.011821985 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:03.011871099 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:03.011923075 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:03.011954069 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:03.012496948 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.012736082 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.012928963 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:03.013052940 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:03.015428066 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.015429020 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.015465975 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.015513897 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.016424894 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.016457081 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.016505957 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.016525030 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.016566992 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.016578913 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.016598940 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.016608000 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.016782045 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.016932964 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.023725033 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.023745060 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.023758888 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.023961067 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.024727106 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.025018930 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.025032997 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.025280952 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.025280952 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:03.025423050 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:03.028189898 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:03.028309107 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:03.030761957 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:03.030925035 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:03.032138109 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:03.032270908 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:03.033556938 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.033556938 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.033685923 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.033701897 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.034159899 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.034204960 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.034205914 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.034295082 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.034692049 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.034724951 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.035161018 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.035190105 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.035804033 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.035842896 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.035893917 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.035908937 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.036237001 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.036243916 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.041312933 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.041352987 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.041548014 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.041605949 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.041613102 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.074690104 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:03.074695110 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:03.074704885 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:03.074708939 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:03.074727058 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:03.074728012 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:01:03.074738026 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.074738026 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:03.074750900 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.074753046 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:03.074774981 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.085493088 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.085493088 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.085551977 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.116580009 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:03.116589069 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:03.116616964 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:03.116624117 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:03.141236067 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141294003 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141329050 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141354084 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.141355038 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141371965 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141400099 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.141412973 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141439915 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141459942 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.141469955 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.141515970 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.141524076 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.145977020 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.146020889 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.146049023 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.146079063 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.146092892 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.146122932 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.146279097 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146410942 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146481991 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146514893 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.146532059 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146646023 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146681070 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.146688938 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146805048 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.146838903 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.146846056 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.149646044 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.149653912 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.150870085 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.150940895 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.150970936 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.150978088 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.151110888 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.153196096 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153280973 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153337955 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153372049 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153371096 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.153408051 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153440952 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.153460026 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153511047 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.153525114 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.153969049 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.154006958 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.154037952 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.154041052 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.154056072 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.154150009 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.158004999 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.158217907 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.158233881 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.195293903 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.210458994 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.223949909 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:03.228157997 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228224993 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228252888 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228266954 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.228282928 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228324890 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.228440046 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228512049 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228548050 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.228548050 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228558064 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228590012 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228604078 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.228611946 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.228660107 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.229006052 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229046106 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229089975 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229119062 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.229129076 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229151964 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229170084 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.229178905 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229218006 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.229224920 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229855061 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229902029 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.229917049 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.229974985 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.230009079 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.230020046 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.230029106 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.230062008 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.230073929 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.230082035 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.230124950 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.238214016 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238385916 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238437891 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.238456964 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238611937 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238660097 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238658905 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.238671064 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238718987 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.238729000 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238761902 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238810062 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238816977 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.238821983 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.238858938 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.239217997 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239269018 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239295959 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239309072 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.239314079 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239355087 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.239360094 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239795923 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239810944 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.239818096 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239859104 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.239865065 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239906073 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.239923954 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239953041 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.239969015 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.239993095 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.240001917 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240020037 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.240021944 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240025043 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.240073919 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.240176916 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240334988 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240381956 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.240403891 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240705967 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240745068 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240748882 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.240766048 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240828037 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.240842104 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.240859032 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.240901947 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.240907907 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.241293907 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.241341114 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.241347075 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.241386890 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241419077 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241430044 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.241445065 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241492987 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.241501093 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241517067 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241559982 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.241574049 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241621017 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.241664886 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.241677046 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242424011 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242464066 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242471933 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.242494106 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242546082 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242575884 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.242589951 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.242635012 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.263900042 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.263926029 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.263933897 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.263966084 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.263978958 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.263998985 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.264003992 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.264101028 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.264144897 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.264144897 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.265010118 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265031099 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265038013 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265050888 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265059948 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265080929 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265115976 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.265125990 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.265165091 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.268186092 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:03.268194914 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:03.272767067 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:03.272839069 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:03.273439884 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273461103 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273468018 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273498058 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273509979 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273518085 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.273526907 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273577929 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.273616076 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.273616076 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.291656971 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.306874037 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.306884050 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.314791918 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.314868927 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.314915895 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.314929962 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.314985991 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.315036058 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.322019100 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.326850891 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.326942921 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.326987028 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.327008963 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.327047110 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.327088118 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.327807903 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.327954054 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328010082 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.328028917 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328049898 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328073025 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.328079939 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328113079 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.328224897 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328269958 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.328275919 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328320980 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328361988 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.328367949 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.328413010 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.329005003 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.329063892 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.329087019 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.329133987 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.329174042 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.329221964 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.329838037 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.329893112 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.329912901 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.329958916 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.330002069 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.330048084 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.330492973 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.330629110 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.330678940 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.330741882 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.330796003 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.330811977 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.330868959 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.330950022 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.330982924 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331001043 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.331007957 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331044912 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.331049919 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331059933 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331099033 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331104994 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.331109047 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331157923 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.331496954 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331542015 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.331582069 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.331628084 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.332015038 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332056999 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332067966 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.332072020 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332098961 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.332173109 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332266092 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.332271099 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332376957 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.332932949 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.332993984 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.333046913 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.333103895 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.333107948 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.333148956 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.333190918 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.338217020 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.338237047 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.338252068 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.338294029 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.338299990 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.338335991 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.338385105 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.338385105 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.339365959 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.339374065 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.339406967 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.339413881 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.339440107 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.339452028 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.339472055 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.339499950 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.348067045 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.348077059 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.348119974 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.348148108 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.348156929 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.348181009 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.348211050 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.348229885 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.364492893 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.364500999 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.364595890 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.364624023 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.364667892 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.366029024 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.366044998 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.366192102 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.366205931 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.366250038 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.376733065 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.376801968 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.376823902 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.376895905 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.378144979 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:03.378505945 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:03.379590034 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.379605055 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.379674911 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.379709959 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.379726887 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.379749060 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.413815975 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.414123058 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.414207935 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.414439917 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.414479971 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.414510965 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.414549112 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.414592981 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.414669991 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.414721012 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.415508986 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.421073914 CEST	49719	443	192.168.2.5	104.26.7.173
Sep 27, 2024 05:01:03.421088934 CEST	443	49719	104.26.7.173	192.168.2.5
Sep 27, 2024 05:01:03.421500921 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.421571016 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.421591997 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.421629906 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.426781893 CEST	49732	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:03.426793098 CEST	443	49732	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:03.430783033 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:03.430790901 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:03.432805061 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.432878017 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.432883978 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.432898045 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.432923079 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.432945013 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.434761047 CEST	49718	443	192.168.2.5	104.18.10.207
Sep 27, 2024 05:01:03.434794903 CEST	443	49718	104.18.10.207	192.168.2.5
Sep 27, 2024 05:01:03.435753107 CEST	49728	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.435784101 CEST	443	49728	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.436157942 CEST	49730	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.436172962 CEST	443	49730	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.441355944 CEST	49731	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:03.441384077 CEST	443	49731	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:03.484133005 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:03.677670956 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.713329077 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.713352919 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.714310884 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.714368105 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.825258970 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.825392008 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.865179062 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:03.865199089 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:03.914302111 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:04.590914965 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:04.590970993 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:04.591137886 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:04.592731953 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:04.592753887 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:05.253295898 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:05.253371954 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:05.787270069 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:05.787300110 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:05.788347006 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:05.895241022 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.168370008 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.215418100 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.275018930 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.275089025 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.275197029 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.278476954 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.278491020 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.306813002 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.306910992 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.306998014 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.307219982 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.307265043 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.307326078 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.307960033 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.308001995 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.308197975 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.308875084 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.308891058 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.308928967 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.308947086 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.309082031 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:06.309115887 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:06.355259895 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.355356932 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.355421066 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.407789946 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.407818079 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.407835007 CEST	49737	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.407843113 CEST	443	49737	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.491333008 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.491408110 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.491648912 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.492345095 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:06.492363930 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:06.737181902 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.738821983 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.738859892 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.740551949 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.740618944 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.740992069 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.741123915 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.741292000 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.804042101 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.804069042 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.867896080 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.867943048 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.867974997 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.867997885 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.868041992 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.868062019 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.868247032 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.868288994 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.868299961 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.868308067 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.868397951 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.868695021 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.872752905 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.872808933 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.872809887 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.872824907 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.873013973 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.955118895 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955223083 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955271959 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955312014 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955313921 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.955332041 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955404997 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.955418110 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955456018 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955495119 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955497980 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.955506086 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.955552101 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.956038952 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956096888 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.956105947 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956146955 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956186056 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956192970 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.956201077 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956398010 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.956403971 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.956993103 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957039118 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957077026 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957082987 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.957088947 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957123995 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.957129955 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957191944 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.957199097 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.957988977 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.958029032 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.958048105 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.958055019 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:06.958137989 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:06.958143950 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.007164001 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.015090942 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.015430927 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.015455961 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.015861034 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.016061068 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.016088963 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.016433001 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.016526937 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.016546965 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.016587019 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.016971111 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.017029047 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.017234087 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.017242908 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.017541885 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.017601967 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.017615080 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.017935038 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.018021107 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.018166065 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.018172979 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.018213987 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.042486906 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042556047 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042587996 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042609930 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.042634010 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042675972 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.042681932 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042723894 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042767048 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.042772055 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.042814970 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.043243885 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.043288946 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.043304920 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.043345928 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.043613911 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.043905020 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.043952942 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.044002056 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044045925 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.044083118 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044122934 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.044128895 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044164896 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.044872046 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044919014 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.044919968 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044933081 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.044959068 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.045077085 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.045080900 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.049577951 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.053566933 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.053595066 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.054660082 CEST	49739	443	192.168.2.5	104.17.24.14
Sep 27, 2024 05:01:07.054678917 CEST	443	49739	104.17.24.14	192.168.2.5
Sep 27, 2024 05:01:07.055123091 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.055200100 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.055211067 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.055490017 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.055675983 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.055762053 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.055998087 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.056004047 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.137547970 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.137626886 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.138931990 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.138946056 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.139175892 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.140377998 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.179125071 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.179173946 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.179210901 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.183413029 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.194750071 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.280168056 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280193090 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280199051 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280200958 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280214071 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280246019 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280266047 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280268908 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280281067 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280293941 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.280308008 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280311108 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280329943 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280348063 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.280375004 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.280395031 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.280407906 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.280467987 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.310216904 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310292006 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310316086 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310357094 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310358047 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.310375929 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310394049 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310421944 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.310431004 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.310458899 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.353569984 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353580952 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353640079 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353667974 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353686094 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.353701115 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353729963 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.353730917 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.353743076 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.353825092 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.353866100 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.354119062 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354129076 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354166031 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354180098 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354198933 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354201078 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.354206085 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.354235888 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.354276896 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.366578102 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.380816936 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.380825043 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.380861998 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.380892038 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.380897999 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.380909920 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.380968094 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.384917974 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.384927988 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.384972095 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.385010958 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.385027885 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.385049105 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.385096073 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.385123014 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.387548923 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387583017 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387600899 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387624979 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.387649059 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387670040 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387672901 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.387687922 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387700081 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.387716055 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.387721062 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.387765884 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.394989967 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.395066977 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.395087004 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.395145893 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.415178061 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.415208101 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.415276051 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.415328026 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.415343046 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.415363073 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.415421009 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.415726900 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.415909052 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.415980101 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.421487093 CEST	49742	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.421526909 CEST	443	49742	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.426019907 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.426019907 CEST	49749	443	192.168.2.5	184.28.90.27
Sep 27, 2024 05:01:07.426038980 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.426050901 CEST	443	49749	184.28.90.27	192.168.2.5
Sep 27, 2024 05:01:07.440522909 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.440594912 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.440603018 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.440622091 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.440712929 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.441178083 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.441184044 CEST	443	49743	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.441196918 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.441231012 CEST	49743	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.478867054 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.478926897 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.478946924 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.478952885 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:07.479029894 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.480397940 CEST	49744	443	192.168.2.5	185.15.59.240
Sep 27, 2024 05:01:07.480418921 CEST	443	49744	185.15.59.240	192.168.2.5
Sep 27, 2024 05:01:13.092140913 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.092183113 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.092255116 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.092797995 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.092816114 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.093035936 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.093534946 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.093548059 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.093799114 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.093810081 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.560390949 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.560709953 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.560724020 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.561750889 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.561824083 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562370062 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562370062 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562437057 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.562478065 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562603951 CEST	443	49758	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.562654972 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562714100 CEST	49758	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562808990 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.562855005 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.562935114 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.563141108 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.563155890 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.586359024 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.589107037 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.589127064 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.590154886 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.590217113 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.590573072 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.590645075 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.590677977 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.590734005 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.590734005 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.590744019 CEST	443	49757	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.590784073 CEST	49757	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.591090918 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.591114998 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.591269970 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.591609001 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:13.591620922 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:13.604186058 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:13.604264021 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:13.604355097 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:14.021584988 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.021877050 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.021899939 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.022914886 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.022989988 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.023571968 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.023628950 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.023822069 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.023828030 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.051069975 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.051403046 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.051420927 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.052464962 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.052522898 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.052966118 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.053035021 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.071070910 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.102267027 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.102289915 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.151158094 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.487432957 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488221884 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488261938 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488290071 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488291979 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.488368988 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488404036 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.488420010 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488440990 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488468885 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.488481045 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.488529921 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.488543034 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.489039898 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.489085913 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.489097118 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.489131927 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.489181042 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.489581108 CEST	49760	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:14.489614964 CEST	443	49760	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:14.511651039 CEST	49734	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:01:14.511684895 CEST	443	49734	142.250.186.164	192.168.2.5
Sep 27, 2024 05:01:18.117541075 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:18.117643118 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:18.119745016 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:18.903017998 CEST	49733	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:18.903063059 CEST	443	49733	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:28.959547997 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:28.959620953 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:28.959836006 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:31.201725960 CEST	49761	443	192.168.2.5	188.114.97.3
Sep 27, 2024 05:01:31.201750994 CEST	443	49761	188.114.97.3	192.168.2.5
Sep 27, 2024 05:01:32.805480003 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:32.805598974 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:32.805689096 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:32.805986881 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:32.806145906 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:32.806232929 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:32.905688047 CEST	49713	443	192.168.2.5	108.138.26.27
Sep 27, 2024 05:01:32.905725956 CEST	443	49713	108.138.26.27	192.168.2.5
Sep 27, 2024 05:01:32.905981064 CEST	49714	443	192.168.2.5	65.9.66.129
Sep 27, 2024 05:01:32.906033993 CEST	443	49714	65.9.66.129	192.168.2.5
Sep 27, 2024 05:01:48.076647997 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:01:48.076666117 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:01:48.076682091 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:01:48.076690912 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:02:03.058998108 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:02:03.059098959 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:02:03.059187889 CEST	443	49717	35.186.247.156	192.168.2.5
Sep 27, 2024 05:02:03.059235096 CEST	443	49727	142.250.185.78	192.168.2.5
Sep 27, 2024 05:02:03.059259892 CEST	49717	443	192.168.2.5	35.186.247.156
Sep 27, 2024 05:02:03.059303999 CEST	49727	443	192.168.2.5	142.250.185.78
Sep 27, 2024 05:02:03.059509039 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:03.059639931 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.059721947 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:03.060018063 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:03.060053110 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.686391115 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.687236071 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:03.687315941 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.687688112 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.688479900 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:03.688555956 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:03.741914988 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:13.591572046 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:13.591643095 CEST	443	49767	142.250.186.164	192.168.2.5
Sep 27, 2024 05:02:13.591789961 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:14.900433064 CEST	49767	443	192.168.2.5	142.250.186.164
Sep 27, 2024 05:02:14.900480032 CEST	443	49767	142.250.186.164	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 05:00:58.704160929 CEST	53	63670	1.1.1.1	192.168.2.5
Sep 27, 2024 05:00:58.710047960 CEST	53	64573	1.1.1.1	192.168.2.5
Sep 27, 2024 05:00:59.695091963 CEST	53	50142	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:00.628679991 CEST	61353	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:00.628876925 CEST	57031	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:00.642214060 CEST	53	61353	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:00.643982887 CEST	53	57031	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:00.657947063 CEST	58376	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:00.658077002 CEST	54280	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:00.680644035 CEST	53	58376	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:00.680665016 CEST	53	54280	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.216223001 CEST	53782	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.216223001 CEST	50008	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.216793060 CEST	56199	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.217402935 CEST	61743	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.218070984 CEST	65455	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.218070984 CEST	57000	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.223534107 CEST	53	56199	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.224162102 CEST	53	61743	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.224633932 CEST	53	57000	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.224967957 CEST	53	65455	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.269048929 CEST	58263	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.269423008 CEST	56554	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.271264076 CEST	63726	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.271264076 CEST	56662	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.274410009 CEST	59185	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.274410009 CEST	52629	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.275228977 CEST	51364	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.275228977 CEST	53689	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.275867939 CEST	65268	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.277741909 CEST	53	63726	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.277858019 CEST	53	58263	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.277872086 CEST	53	56554	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.278213024 CEST	53	56662	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.280246973 CEST	52184	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.281471014 CEST	53	52629	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.281935930 CEST	53	51364	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.282257080 CEST	53	53689	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.282833099 CEST	53	59185	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.283191919 CEST	56950	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.283603907 CEST	58330	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.287296057 CEST	53	63147	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.287574053 CEST	53	52184	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.288041115 CEST	57991	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.288041115 CEST	53292	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.290236950 CEST	53	56950	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.290807962 CEST	53	58330	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.294621944 CEST	53	53292	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.295077085 CEST	53	57991	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.305159092 CEST	56498	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.308058023 CEST	64787	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:02.311916113 CEST	53	56498	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:02.315566063 CEST	53	64787	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:03.029022932 CEST	55373	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:03.030766010 CEST	52437	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:03.035758972 CEST	53	55373	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:03.037933111 CEST	53	52437	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.234529972 CEST	58635	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.235250950 CEST	64667	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.242326021 CEST	53	64667	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.253952980 CEST	50886	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.254431963 CEST	53905	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.254848957 CEST	62631	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.255601883 CEST	51484	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.260853052 CEST	53	50886	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.260946035 CEST	53	53905	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.296885967 CEST	57228	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.297343016 CEST	63574	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.304058075 CEST	53	57228	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.304378033 CEST	53	63574	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:06.309914112 CEST	54505	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:06.310098886 CEST	52411	53	192.168.2.5	1.1.1.1
Sep 27, 2024 05:01:16.800982952 CEST	53	50225	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:35.737476110 CEST	53	64104	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:58.188916922 CEST	53	56586	1.1.1.1	192.168.2.5
Sep 27, 2024 05:01:58.868289948 CEST	53	55242	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 27, 2024 05:01:00.628679991 CEST	192.168.2.5	1.1.1.1	0x39d2	Standard query (0)	daana-paylaterld.xsits.xyz	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.628876925 CEST	192.168.2.5	1.1.1.1	0x8cdf	Standard query (0)	daana-paylaterld.xsits.xyz	65	IN (0x0001)	false
Sep 27, 2024 05:01:00.657947063 CEST	192.168.2.5	1.1.1.1	0x1e3e	Standard query (0)	daana-paylaterld.xsits.xyz	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.658077002 CEST	192.168.2.5	1.1.1.1	0xca01	Standard query (0)	daana-paylaterld.xsits.xyz	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.216223001 CEST	192.168.2.5	1.1.1.1	0x206d	Standard query (0)	a.m.dana.id	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.216223001 CEST	192.168.2.5	1.1.1.1	0x1c68	Standard query (0)	a.m.dana.id	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.216793060 CEST	192.168.2.5	1.1.1.1	0xf914	Standard query (0)	app.link	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.217402935 CEST	192.168.2.5	1.1.1.1	0x865f	Standard query (0)	app.link	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.218070984 CEST	192.168.2.5	1.1.1.1	0x92ac	Standard query (0)	api2.branch.io	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.218070984 CEST	192.168.2.5	1.1.1.1	0x39c1	Standard query (0)	api2.branch.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.269048929 CEST	192.168.2.5	1.1.1.1	0x35b2	Standard query (0)	cdn.lr-ingest.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.269423008 CEST	192.168.2.5	1.1.1.1	0x90c0	Standard query (0)	cdn.lr-ingest.io	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.271264076 CEST	192.168.2.5	1.1.1.1	0x2ecf	Standard query (0)	sentry.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.271264076 CEST	192.168.2.5	1.1.1.1	0x7b1c	Standard query (0)	sentry.io	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.274410009 CEST	192.168.2.5	1.1.1.1	0xa69d	Standard query (0)	code.ionicframework.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.274410009 CEST	192.168.2.5	1.1.1.1	0x4ce4	Standard query (0)	code.ionicframework.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.275228977 CEST	192.168.2.5	1.1.1.1	0x6ea9	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.275228977 CEST	192.168.2.5	1.1.1.1	0x687a	Standard query (0)	maxcdn.bootstrapcdn.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.275867939 CEST	192.168.2.5	1.1.1.1	0xbcac	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.280246973 CEST	192.168.2.5	1.1.1.1	0xceb6	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.283191919 CEST	192.168.2.5	1.1.1.1	0x8101	Standard query (0)	youtube.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.283603907 CEST	192.168.2.5	1.1.1.1	0x38cb	Standard query (0)	youtube.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.288041115 CEST	192.168.2.5	1.1.1.1	0xc2ca	Standard query (0)	upload.wikimedia.org	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.288041115 CEST	192.168.2.5	1.1.1.1	0xf868	Standard query (0)	upload.wikimedia.org	65	IN (0x0001)	false
Sep 27, 2024 05:01:02.305159092 CEST	192.168.2.5	1.1.1.1	0x2f52	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.308058023 CEST	192.168.2.5	1.1.1.1	0x5e1d	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:03.029022932 CEST	192.168.2.5	1.1.1.1	0xc208	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:03.030766010 CEST	192.168.2.5	1.1.1.1	0xf73f	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:06.234529972 CEST	192.168.2.5	1.1.1.1	0x6a52	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.235250950 CEST	192.168.2.5	1.1.1.1	0x1ce0	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false
Sep 27, 2024 05:01:06.253952980 CEST	192.168.2.5	1.1.1.1	0x692b	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.254431963 CEST	192.168.2.5	1.1.1.1	0x5f18	Standard query (0)	cdnjs.cloudflare.com	65	IN (0x0001)	false
Sep 27, 2024 05:01:06.254848957 CEST	192.168.2.5	1.1.1.1	0xf8e1	Standard query (0)	www.dana.id	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.255601883 CEST	192.168.2.5	1.1.1.1	0x9aab	Standard query (0)	www.dana.id	65	IN (0x0001)	false
Sep 27, 2024 05:01:06.296885967 CEST	192.168.2.5	1.1.1.1	0x1e66	Standard query (0)	upload.wikimedia.org	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.297343016 CEST	192.168.2.5	1.1.1.1	0x605	Standard query (0)	upload.wikimedia.org	65	IN (0x0001)	false
Sep 27, 2024 05:01:06.309914112 CEST	192.168.2.5	1.1.1.1	0x5fdd	Standard query (0)	a.m.dana.id	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.310098886 CEST	192.168.2.5	1.1.1.1	0xb628	Standard query (0)	a.m.dana.id	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 27, 2024 05:01:00.642214060 CEST	1.1.1.1	192.168.2.5	0x39d2	No error (0)	daana-paylaterld.xsits.xyz		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.642214060 CEST	1.1.1.1	192.168.2.5	0x39d2	No error (0)	daana-paylaterld.xsits.xyz		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.643982887 CEST	1.1.1.1	192.168.2.5	0x8cdf	No error (0)	daana-paylaterld.xsits.xyz			65	IN (0x0001)	false
Sep 27, 2024 05:01:00.680644035 CEST	1.1.1.1	192.168.2.5	0x1e3e	No error (0)	daana-paylaterld.xsits.xyz		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.680644035 CEST	1.1.1.1	192.168.2.5	0x1e3e	No error (0)	daana-paylaterld.xsits.xyz		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:00.680665016 CEST	1.1.1.1	192.168.2.5	0xca01	No error (0)	daana-paylaterld.xsits.xyz			65	IN (0x0001)	false
Sep 27, 2024 05:01:02.223510981 CEST	1.1.1.1	192.168.2.5	0x206d	No error (0)	a.m.dana.id	a.m.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:02.223534107 CEST	1.1.1.1	192.168.2.5	0xf914	No error (0)	app.link		65.9.66.129	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.223534107 CEST	1.1.1.1	192.168.2.5	0xf914	No error (0)	app.link		65.9.66.103	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.223534107 CEST	1.1.1.1	192.168.2.5	0xf914	No error (0)	app.link		65.9.66.56	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.223534107 CEST	1.1.1.1	192.168.2.5	0xf914	No error (0)	app.link		65.9.66.31	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.224633932 CEST	1.1.1.1	192.168.2.5	0x39c1	No error (0)	api2.branch.io		108.138.26.27	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.224633932 CEST	1.1.1.1	192.168.2.5	0x39c1	No error (0)	api2.branch.io		108.138.26.116	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.224633932 CEST	1.1.1.1	192.168.2.5	0x39c1	No error (0)	api2.branch.io		108.138.26.129	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.224633932 CEST	1.1.1.1	192.168.2.5	0x39c1	No error (0)	api2.branch.io		108.138.26.118	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.228701115 CEST	1.1.1.1	192.168.2.5	0x1c68	No error (0)	a.m.dana.id	a.m.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:02.277741909 CEST	1.1.1.1	192.168.2.5	0x2ecf	No error (0)	sentry.io		35.186.247.156	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.277858019 CEST	1.1.1.1	192.168.2.5	0x35b2	No error (0)	cdn.lr-ingest.io		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.277858019 CEST	1.1.1.1	192.168.2.5	0x35b2	No error (0)	cdn.lr-ingest.io		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.277872086 CEST	1.1.1.1	192.168.2.5	0x90c0	No error (0)	cdn.lr-ingest.io			65	IN (0x0001)	false
Sep 27, 2024 05:01:02.281471014 CEST	1.1.1.1	192.168.2.5	0x4ce4	No error (0)	code.ionicframework.com		104.26.7.173	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.281471014 CEST	1.1.1.1	192.168.2.5	0x4ce4	No error (0)	code.ionicframework.com		104.26.6.173	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.281471014 CEST	1.1.1.1	192.168.2.5	0x4ce4	No error (0)	code.ionicframework.com		172.67.69.29	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.281935930 CEST	1.1.1.1	192.168.2.5	0x6ea9	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.281935930 CEST	1.1.1.1	192.168.2.5	0x6ea9	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.282257080 CEST	1.1.1.1	192.168.2.5	0x687a	No error (0)	maxcdn.bootstrapcdn.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:02.282538891 CEST	1.1.1.1	192.168.2.5	0xbcac	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:02.282833099 CEST	1.1.1.1	192.168.2.5	0xa69d	No error (0)	code.ionicframework.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:02.287574053 CEST	1.1.1.1	192.168.2.5	0xceb6	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:02.290236950 CEST	1.1.1.1	192.168.2.5	0x8101	No error (0)	youtube.com		142.250.185.78	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.290807962 CEST	1.1.1.1	192.168.2.5	0x38cb	No error (0)	youtube.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:02.295077085 CEST	1.1.1.1	192.168.2.5	0xc2ca	No error (0)	upload.wikimedia.org		185.15.59.240	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.311916113 CEST	1.1.1.1	192.168.2.5	0x2f52	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.311916113 CEST	1.1.1.1	192.168.2.5	0x2f52	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:02.315566063 CEST	1.1.1.1	192.168.2.5	0x5e1d	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:03.035758972 CEST	1.1.1.1	192.168.2.5	0xc208	No error (0)	www.google.com		142.250.186.164	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:03.037933111 CEST	1.1.1.1	192.168.2.5	0xf73f	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:06.241945028 CEST	1.1.1.1	192.168.2.5	0x6a52	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:06.242326021 CEST	1.1.1.1	192.168.2.5	0x1ce0	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:06.260853052 CEST	1.1.1.1	192.168.2.5	0x692b	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.260853052 CEST	1.1.1.1	192.168.2.5	0x692b	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.260946035 CEST	1.1.1.1	192.168.2.5	0x5f18	No error (0)	cdnjs.cloudflare.com			65	IN (0x0001)	false
Sep 27, 2024 05:01:06.275984049 CEST	1.1.1.1	192.168.2.5	0xf8e1	No error (0)	www.dana.id	www.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:06.276145935 CEST	1.1.1.1	192.168.2.5	0x9aab	No error (0)	www.dana.id	www.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:06.304058075 CEST	1.1.1.1	192.168.2.5	0x1e66	No error (0)	upload.wikimedia.org		185.15.59.240	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:06.321405888 CEST	1.1.1.1	192.168.2.5	0x5fdd	No error (0)	a.m.dana.id	a.m.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:06.327697992 CEST	1.1.1.1	192.168.2.5	0xb628	No error (0)	a.m.dana.id	a.m.dana.id.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:11.802088976 CEST	1.1.1.1	192.168.2.5	0xf589	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:11.802088976 CEST	1.1.1.1	192.168.2.5	0xf589	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:25.776148081 CEST	1.1.1.1	192.168.2.5	0x59b5	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:25.776148081 CEST	1.1.1.1	192.168.2.5	0x59b5	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:01:50.973454952 CEST	1.1.1.1	192.168.2.5	0x152e	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:01:50.973454952 CEST	1.1.1.1	192.168.2.5	0x152e	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 05:02:11.322108984 CEST	1.1.1.1	192.168.2.5	0x4e8c	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 05:02:11.322108984 CEST	1.1.1.1	192.168.2.5	0x4e8c	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

daana-paylaterld.xsits.xyz

https:

code.ionicframework.com

maxcdn.bootstrapcdn.com

cdnjs.cloudflare.com

upload.wikimedia.org

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49712	188.114.97.3	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:01 UTC	669	OUT	GET / HTTP/1.1 Host: daana-paylaterld.xsits.xyz Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:02 UTC	666	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:01 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Last-Modified: Thu, 01 Aug 2024 01:21:06 GMT Accept-Ranges: bytes CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av4AQYLhzCJSAKf%2FQocB51%2BQCAfJsIaJv%2FnP0q592%2BDOyxAkTpp0vBBc3zEST1lcG9A1xH8y%2FSiOeWE4sKYLYxbZnw3%2BWRcPqN0k7TGZefLSqvoAk5t9NDbOadLgs6ZjKytyPELpL0j%2FkfQnkg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8c983f2daa664210-EWR
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 33 33 66 63 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 64 61 74 61 2d 68 69 64 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 31 38 65 Data Ascii: 33fc<!DOCTYPE html><html lang="en"><head><meta data-n-head="ssr" charset="utf-8"><meta data-n-head="ssr" name="viewport" content="width=device-width, initial-scale=1"><meta data-n-head="ssr" data-hid="theme-color" name="theme-color" content="#118e
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 22 44 41 4e 41 20 61 64 61 6c 61 68 20 62 65 6e 74 75 6b 20 62 61 72 75 20 75 61 6e 67 20 74 75 6e 61 69 20 79 61 6e 67 20 6c 65 62 69 68 20 62 61 69 6b 2e 20 54 72 61 6e 73 61 6b 73 69 20 61 70 61 70 75 6e 2c 20 62 65 72 61 70 61 70 75 6e 20 64 61 6e 20 64 69 6d 61 6e 61 70 75 6e 20 6a 61 64 69 20 6d 75 64 61 68 20 62 65 72 73 61 6d 61 20 44 41 4e 41 2e 20 41 6d 62 69 6c 20 62 61 67 69 61 6e 20 64 61 6c 61 6d 20 74 72 61 6e 73 66 6f 72 6d 61 73 69 20 6b 65 75 61 6e 67 61 6e 20 64 69 67 69 74 61 6c 20 64 69 20 49 6e 64 6f 6e 65 73 69 61 20 73 65 6b 61 72 61 6e 67 21 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 64 61 74 61 2d 68 69 64 3d 22 6f 67 3a 74 69 74 6c 65 22 20 6e 61 6d 65 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 Data Ascii: "DANA adalah bentuk baru uang tunai yang lebih baik. Transaksi apapun, berapapun dan dimanapun jadi mudah bersama DANA. Ambil bagian dalam transformasi keuangan digital di Indonesia sekarang!"><meta data-n-head="ssr" data-hid="og:title" name="og:title" c
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 70 2e 6c 69 6e 6b 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 69 32 2e 62 72 61 6e 63 68 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 69 32 2e 62 72 61 6e 63 68 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 79 6f 75 74 75 62 65 2e 63 6f 6d 22 3e 0a Data Ascii: "dns-prefetch" href="https://app.link"><link data-n-head="ssr" rel="preconnect" href="https://api2.branch.io"><link data-n-head="ssr" rel="dns-prefetch" href="https://api2.branch.io"><link data-n-head="ssr" rel="preconnect" href="https://youtube.com">
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 77 67 68 74 40 35 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4f 70 65 6e 20 53 61 6e 73 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 68 32 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4f 70 65 6e 20 53 61 6e 73 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 35 70 78 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 38 36 65 Data Ascii: googleapis.com/css2?family=Open+Sans:wght@500&display=swap'); body { font-family: 'Open Sans', sans-serif; } h2 { font-family: 'Open Sans', sans-serif; font-size: 15px; font-weight: bold; color: #0086e
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 3b 0a 20 20 20 20 20 20 20 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 31 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 62 74 6e 2d 70 75 6e 79 61 20 7b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 70 78 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 70 78 3b 0a Data Ascii: font-weight: bold; color: #000; letter-spacing: 1px; text-align: center; line-height: 1; border-radius: 5px; } .btn-punya { display: block; margin: 0px auto 0 auto; padding: 0px;
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 78 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 33 36 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 72 67 62 28 30 2c 20 31 33 34 2c 20 32 32 34 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 20 69 6e 69 74 69 61 6c 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 72 67 62 28 32 33 37 2c 20 32 33 37 2c 20 32 33 37 29 20 32 70 78 20 32 70 78 20 32 70 78 20 30 70 78 3b 0a Data Ascii: x; width: 536px; max-width: 100%; border: 2px solid rgb(0, 134, 224); border-image: initial; background-color: rgb(255, 255, 255); border-radius: 8px; box-shadow: rgb(237, 237, 237) 2px 2px 2px 0px;
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 64 65 72 20 2e 73 6c 69 63 6b 2d 73 6c 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 64 65 72 20 2e 73 6c 69 63 6b 2d 73 6c 69 64 65 20 69 6d 67 20 7b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 6d 61 6b 65 20 62 75 74 74 6f 6e 20 6c 61 72 67 65 72 20 61 6e 64 20 63 68 61 6e 67 65 20 74 68 Data Ascii: : auto; border-radius: ; } .slider .slick-slide { border-radius: 15px; } .slider .slick-slide img { width: 100%; margin-top: 0px; border-radius: 15px; } /* make button larger and change th
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 20 20 20 20 72 69 67 68 74 3a 20 30 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 70 72 65 76 3a 62 65 66 6f 72 65 2c 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 6e 65 78 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 30 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 29 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 6d 6f 76 65 20 64 6f 74 74 65 64 20 6e 61 76 20 70 6f 73 69 74 69 6f 6e 20 2a 2f 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 64 6f 74 73 20 7b 0a 20 20 20 20 20 20 20 20 62 6f 74 74 6f 6d 3a 20 30 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 65 6e 6c 61 72 67 65 20 64 6f 74 73 20 61 6e Data Ascii: right: 0px; } .slick-prev:before, .slick-next:before { font-size: 0px; text-shadow: 0 0 0px rgba(0, 0, 0, 0.5); } /* move dotted nav position / .slick-dots { bottom: 0px; } / enlarge dots an
2024-09-27 03:01:02 UTC	1369	IN	Data Raw: 36 30 35 32 34 2d 45 49 53 32 34 36 2d 65 4d 41 53 5f 45 58 49 53 54 49 4e 47 5f 55 53 45 52 5f 42 5f 4d 41 59 2d 57 65 62 5f 50 72 6f 6d 6f 2d 54 68 75 6d 62 6e 61 69 6c 73 2e 70 6e 67 22 20 61 6c 74 3d 22 49 6d 61 67 65 20 33 22 3e 20 3c 2f 61 3e 20 3c 62 72 3e 20 3c 2f 64 69 76 3e 0a 3c 64 69 76 3e 20 3c 61 20 68 72 65 66 3d 22 69 6e 64 65 78 2e 68 74 6d 6c 23 22 3e 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 2e 6d 2e 64 61 6e 61 2e 69 64 2f 64 61 6e 61 77 65 62 2f 70 72 6f 6d 6f 2f 31 37 31 34 39 37 39 30 38 32 2d 30 33 31 30 32 33 2d 45 49 53 30 34 39 2d 50 47 4e 5f 44 69 73 63 5f 35 30 5f 2d 57 65 62 5f 42 61 6e 6e 65 72 2d 54 68 75 6d 62 6e 61 69 6c 73 2e 70 6e 67 22 20 61 6c 74 3d 22 49 6d 61 67 65 20 34 22 3e 20 3c 2f 61 3e 20 3c Data Ascii: 60524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbnails.png" alt="Image 3"> </a> <br> </div><div> <a href="index.html#"> <img src="https://a.m.dana.id/danaweb/promo/1714979082-031023-EIS049-PGN_Disc_50_-Web_Banner-Thumbnails.png" alt="Image 4"> </a> <
2024-09-27 03:01:02 UTC	995	IN	Data Raw: 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 3c 68 36 3e 44 61 6e 61 20 54 65 72 64 61 66 74 61 72 20 64 61 6e 20 64 69 61 77 61 73 69 20 6f 6c 65 68 3a 3c 2f 68 36 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 2d 64 6e 7a 61 6d 6e 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 75 70 6c 6f 61 64 2e 77 69 6b 69 6d 65 64 69 61 2e 6f 72 67 2f 77 69 6b 69 70 65 64 69 61 2f 63 6f 6d 6d 6f 6e 73 2f 33 2f 33 39 2f 42 49 5f 4c 6f 67 6f 2e 70 6e 67 22 20 77 69 64 74 68 3d 22 37 30 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 75 70 6c 6f 61 64 2e 77 69 6b 69 6d 65 64 69 61 2e 6f 72 67 2f 77 69 6b 69 70 65 64 69 61 2f 63 6f 6d 6d 6f 6e 73 2f 74 68 75 6d 62 2f 61 2f 61 32 2f 4c 6f 67 6f 5f 6f Data Ascii: ><div class="row"><h6>Dana Terdaftar dan diawasi oleh:</h6><center><div class="css-dnzamn"><img src="https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png" width="70"><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_o

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49719	104.26.7.173	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	582	OUT	GET /ionicons/2.0.1/css/ionicons.min.css HTTP/1.1 Host: code.ionicframework.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	1026	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:03 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Last-Modified: Thu, 13 Apr 2023 16:20:19 GMT Access-Control-Allow-Origin: * ETag: W/"64382bc3-c854" expires: Tue, 10 Sep 2024 08:56:28 GMT Cache-Control: max-age=31536000 x-proxy-cache: MISS X-GitHub-Request-Id: F402:112681:58DFD12:61D9659:66E00763 Via: 1.1 varnish Age: 46565 X-Served-By: cache-lga21982-LGA X-Cache: HIT X-Cache-Hits: 4 X-Timer: S1727359499.679757,VS0,VE0 Vary: Accept-Encoding X-Fastly-Request-ID: 7f6f6edaf725b6266eef86fa211cf8854188725b CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uADNO%2Bo4tFR%2FeSuLz%2Fg1QdD%2BT3Wdsgwp9N%2BlDTziBxWgtkELxj2jO633YE3ggr1iHdgxLtIM6wAJGoZQQ8kHCdRn7%2BUjOAS%2FRdO07QB2A0l3hPGEhd3SpNHrZ38NspzFzphFTxirPng"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c983f3649305e79-EWR
2024-09-27 03:01:03 UTC	343	IN	Data Raw: 37 62 61 30 0d 0a 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 0a 20 20 49 6f 6e 69 63 6f 6e 73 2c 20 76 32 2e 30 2e 31 0a 20 20 43 72 65 61 74 65 64 20 62 79 20 42 65 6e 20 53 70 65 72 72 79 20 66 6f 72 20 74 68 65 20 49 6f 6e 69 63 20 46 72 61 6d 65 77 6f 72 6b 2c 20 68 74 74 70 3a 2f 2f 69 6f 6e 69 63 6f 6e 73 2e 63 6f 6d 2f 0a 20 20 68 74 74 70 73 3a 2f 2f 74 77 69 74 74 65 72 2e 63 6f 6d 2f 62 65 6e 6a 73 70 65 72 72 79 20 20 68 74 74 70 73 3a 2f 2f 74 77 69 74 74 65 72 2e 63 6f 6d 2f 69 6f 6e 69 63 66 72 61 6d 65 77 6f 72 6b 0a 20 20 4d 49 54 20 4c 69 63 65 6e 73 65 3a 20 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 64 72 69 66 74 79 63 6f 2f 69 6f 6e 69 63 6f 6e 73 0a 0a 20 20 41 6e 64 72 6f 69 64 2d 73 74 79 6c 65 20 69 Data Ascii: 7ba0@charset "UTF-8";/*! Ionicons, v2.0.1 Created by Ben Sperry for the Ionic Framework, http://ionicons.com/ https://twitter.com/benjsperry https://twitter.com/ionicframework MIT License: https://github.com/driftyco/ionicons Android-style i
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 61 74 65 72 69 61 6c 2d 64 65 73 69 67 6e 2d 69 63 6f 6e 73 0a 20 20 75 73 65 64 20 75 6e 64 65 72 20 43 43 20 42 59 20 68 74 74 70 3a 2f 2f 63 72 65 61 74 69 76 65 63 6f 6d 6d 6f 6e 73 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 73 2f 62 79 2f 34 2e 30 2f 0a 20 20 4d 6f 64 69 66 69 65 64 20 69 63 6f 6e 73 20 74 6f 20 66 69 74 20 69 6f 6e 69 63 6f 6e e2 80 99 73 20 67 72 69 64 20 66 72 6f 6d 20 6f 72 69 67 69 6e 61 6c 2e 0a 2a 2f 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 49 6f 6e 69 63 6f 6e 73 22 3b 73 72 63 3a 75 72 6c 28 22 2e 2e 2f 66 6f 6e 74 73 2f 69 6f 6e 69 63 6f 6e 73 2e 65 6f 74 3f 76 3d 32 2e 30 2e 31 22 29 3b 73 72 63 3a 75 72 6c 28 22 2e 2e 2f 66 6f 6e 74 73 2f 69 6f 6e 69 63 6f 6e 73 2e 65 6f 74 3f 76 3d 32 2e 30 2e 31 Data Ascii: aterial-design-icons used under CC BY http://creativecommons.org/licenses/by/4.0/ Modified icons to fit ionicons grid from original.*/@font-face{font-family:"Ionicons";src:url("../fonts/ionicons.eot?v=2.0.1");src:url("../fonts/ionicons.eot?v=2.0.1
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 2d 61 6e 64 72 6f 69 64 2d 63 61 6c 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 61 6e 63 65 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 61 72 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 61 72 74 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 68 61 74 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 68 65 63 6b 62 6f 78 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 68 65 63 6b 62 6f 78 2d 62 6c 61 6e 6b 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 63 68 65 63 6b 62 6f 78 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d Data Ascii: -android-call:before,.ion-android-camera:before,.ion-android-cancel:before,.ion-android-car:before,.ion-android-cart:before,.ion-android-chat:before,.ion-android-checkbox:before,.ion-android-checkbox-blank:before,.ion-android-checkbox-outline:before,.ion-
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 61 69 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 61 70 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 65 6e 75 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 69 63 72 6f 70 68 6f 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 69 63 72 6f 70 68 6f 6e 65 2d 6f 66 66 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 6f 72 65 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6d 6f 72 65 2d 76 65 72 74 69 63 61 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6e 61 76 69 67 61 74 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 6e 6f 74 69 Data Ascii: ion-android-mail:before,.ion-android-map:before,.ion-android-menu:before,.ion-android-microphone:before,.ion-android-microphone-off:before,.ion-android-more-horizontal:before,.ion-android-more-vertical:before,.ion-android-navigate:before,.ion-android-noti
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 77 6e 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 76 6f 6c 75 6d 65 2d 6d 75 74 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 76 6f 6c 75 6d 65 2d 6f 66 66 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 76 6f 6c 75 6d 65 2d 75 70 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 77 61 6c 6b 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 77 61 72 6e 69 6e 67 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 77 61 74 63 68 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 6e 64 72 6f 69 64 2d 77 69 66 69 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 70 65 72 74 75 72 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 72 63 68 69 76 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 61 72 Data Ascii: wn:before,.ion-android-volume-mute:before,.ion-android-volume-off:before,.ion-android-volume-up:before,.ion-android-walk:before,.ion-android-warning:before,.ion-android-watch:before,.ion-android-wifi:before,.ion-aperture:before,.ion-archive:before,.ion-ar
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6f 6e 2d 63 68 61 74 62 6f 78 2d 77 6f 72 6b 69 6e 67 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 61 74 62 6f 78 65 73 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 61 74 62 75 62 62 6c 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 61 74 62 75 62 62 6c 65 2d 77 6f 72 6b 69 6e 67 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 61 74 62 75 62 62 6c 65 73 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 65 63 6b 6d 61 72 6b 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 65 63 6b 6d 61 72 6b 2d 63 69 72 63 6c 65 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 65 63 6b 6d 61 72 6b 2d 72 6f 75 6e 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 65 76 72 6f 6e 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 63 68 65 76 72 6f 6e 2d 6c 65 66 74 3a 62 65 66 6f 72 65 Data Ascii: on-chatbox-working:before,.ion-chatboxes:before,.ion-chatbubble:before,.ion-chatbubble-working:before,.ion-chatbubbles:before,.ion-checkmark:before,.ion-checkmark-circled:before,.ion-checkmark-round:before,.ion-chevron-down:before,.ion-chevron-left:before
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 61 64 70 68 6f 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 65 61 72 74 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 65 61 72 74 2d 62 72 6f 6b 65 6e 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 65 6c 70 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 65 6c 70 2d 62 75 6f 79 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 65 6c 70 2d 63 69 72 63 6c 65 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 68 6f 6d 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 63 65 63 72 65 61 6d 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6d 61 67 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6d 61 67 65 73 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6e 66 6f 72 6d 61 74 69 6f 6e 2d 63 69 72 63 6c 65 64 3a 62 65 66 6f 72 65 2c 2e 69 Data Ascii: adphone:before,.ion-heart:before,.ion-heart-broken:before,.ion-help:before,.ion-help-buoy:before,.ion-help-circled:before,.ion-home:before,.ion-icecream:before,.ion-image:before,.ion-images:before,.ion-information:before,.ion-information-circled:before,.i
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 69 65 66 63 61 73 65 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 62 72 6f 77 73 65 72 73 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 62 72 6f 77 73 65 72 73 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6c 63 75 6c 61 74 6f 72 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6c 63 75 6c 61 74 6f 72 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6c 65 6e 64 61 72 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6c 65 6e 64 61 72 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 61 6d 65 72 61 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c Data Ascii: iefcase-outline:before,.ion-ios-browsers:before,.ion-ios-browsers-outline:before,.ion-ios-calculator:before,.ion-ios-calculator-outline:before,.ion-ios-calendar:before,.ion-ios-calendar-outline:before,.ion-ios-camera:before,.ion-ios-camera-outline:before,
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6f 70 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 63 72 6f 70 2d 73 74 72 6f 6e 67 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 64 6f 77 6e 6c 6f 61 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 64 6f 77 6e 6c 6f 61 64 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 64 72 61 67 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 65 6d 61 69 6c 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 65 6d 61 69 6c 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 65 79 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 65 79 65 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 66 61 73 74 66 6f 72 77 61 72 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 66 Data Ascii: op:before,.ion-ios-crop-strong:before,.ion-ios-download:before,.ion-ios-download-outline:before,.ion-ios-drag:before,.ion-ios-email:before,.ion-ios-email-outline:before,.ion-ios-eye:before,.ion-ios-eye-outline:before,.ion-ios-fastforward:before,.ion-ios-f
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6e 69 63 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6b 65 79 70 61 64 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6b 65 79 70 61 64 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 69 67 68 74 62 75 6c 62 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 69 67 68 74 62 75 6c 62 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 69 73 74 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 69 73 74 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 6f 63 61 74 69 6f 6e 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 6f 63 61 74 69 6f 6e 2d 6f 75 74 6c 69 6e 65 3a 62 65 66 6f 72 65 2c 2e 69 6f 6e 2d 69 6f 73 2d 6c 6f 63 6b 65 Data Ascii: nic-outline:before,.ion-ios-keypad:before,.ion-ios-keypad-outline:before,.ion-ios-lightbulb:before,.ion-ios-lightbulb-outline:before,.ion-ios-list:before,.ion-ios-list-outline:before,.ion-ios-location:before,.ion-ios-location-outline:before,.ion-ios-locke

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49718	104.18.10.207	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	584	OUT	GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	903	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:03 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: US Access-Control-Allow-Origin: * Cache-Control: public, max-age=31919000 ETag: W/"5d5357cb3704e1f43a1f5bfed2aebf42" Last-Modified: Mon, 25 Jan 2021 22:03:59 GMT CDN-ProxyVer: 1.03 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 CDN-CachedAt: 01/30/2023 12:48:48 CDN-EdgeStorageId: 718 timing-allow-origin: * cross-origin-resource-policy: cross-origin X-Content-Type-Options: nosniff CDN-Status: 200 CDN-RequestId: fde036789c7315304415843c399085ea CDN-Cache: HIT CF-Cache-Status: HIT Age: 17048394 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8c983f364ca042fb-EWR
2024-09-27 03:01:03 UTC	466	IN	Data Raw: 37 63 31 39 0d 0a 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 35 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 35 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 68 74 6d 6c 7b Data Ascii: 7c19/! Bootstrap v3.3.5 (http://getbootstrap.com) * Copyright 2011-2015 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 70 72 6f 67 72 65 73 73 2c 76 69 64 65 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 62 61 73 65 6c 69 6e 65 7d 61 75 64 69 6f 3a 6e 6f 74 28 5b 63 6f 6e 74 72 6f 6c 73 5d 29 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 30 7d 5b 68 69 64 64 65 6e 5d 2c 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 61 3a 61 63 74 69 76 65 2c 61 3a 68 6f 76 65 72 7b 6f 75 74 6c 69 6e 65 3a 30 7d 61 62 62 72 5b 74 69 74 6c 65 5d 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 64 6f 74 74 65 64 7d 62 2c 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d Data Ascii: progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 63 61 6e 63 65 6c 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 36 32 35 65 6d 20 2e 37 35 65 6d 3b 6d 61 72 67 69 6e Data Ascii: g:content-box;-moz-box-sizing:content-box;box-sizing:content-box;-webkit-appearance:textfield}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}fieldset{padding:.35em .625em .75em;margin
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 3a 27 47 6c 79 70 68 69 63 6f 6e 73 20 48 61 6c 66 6c 69 6e 67 73 27 3b 73 72 63 3a 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 65 6f 74 29 3b 73 72 63 3a 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 65 6f 74 3f 23 69 65 66 69 78 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c 69 6e 67 73 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 75 72 6c 28 2e 2e 2f 66 6f 6e 74 73 2f 67 6c 79 70 68 69 63 6f 6e 73 2d 68 61 6c 66 6c Data Ascii: :'Glyphicons Halflings';src:url(../fonts/glyphicons-halflings-regular.eot);src:url(../fonts/glyphicons-halflings-regular.eot?#iefix) format('embedded-opentype'),url(../fonts/glyphicons-halflings-regular.woff2) format('woff2'),url(../fonts/glyphicons-halfl
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6e 2d 74 68 2d 6c 69 73 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 7a 6f 6f 6d 2d 6f 75 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 31 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 69 67 6e 61 6c 3a 62 65 66 Data Ascii: n-th-list:before{content:"\e012"}.glyphicon-ok:before{content:"\e013"}.glyphicon-remove:before{content:"\e014"}.glyphicon-zoom-in:before{content:"\e015"}.glyphicon-zoom-out:before{content:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:bef
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6e 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 62 6f 6c 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 69 74 61 6c 69 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 34 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 68 65 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 35 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 65 78 74 2d 77 69 64 74 68 3a 62 65 66 6f Data Ascii: before{content:"\e045"}.glyphicon-camera:before{content:"\e046"}.glyphicon-font:before{content:"\e047"}.glyphicon-bold:before{content:"\e048"}.glyphicon-italic:before{content:"\e049"}.glyphicon-text-height:before{content:"\e050"}.glyphicon-text-width:befo
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 2d 65 6a 65 63 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 37 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 6c 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 69 6e 75 73 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 38 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 6d 6f 76 65 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 Data Ascii: -eject:before{content:"\e078"}.glyphicon-chevron-left:before{content:"\e079"}.glyphicon-chevron-right:before{content:"\e080"}.glyphicon-plus-sign:before{content:"\e081"}.glyphicon-minus-sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6e 2d 6d 61 67 6e 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 68 65 76 72 6f 6e 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 74 77 65 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 63 61 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 31 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6f 6c 64 65 72 2d 63 6c 6f 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c Data Ascii: n-magnet:before{content:"\e112"}.glyphicon-chevron-up:before{content:"\e113"}.glyphicon-chevron-down:before{content:"\e114"}.glyphicon-retweet:before{content:"\e115"}.glyphicon-shopping-cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 65 61 72 74 2d 65 6d 70 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6c 69 6e 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 68 6f 6e 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 75 73 68 70 69 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 75 73 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 34 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 67 62 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 Data Ascii: {content:"\e142"}.glyphicon-heart-empty:before{content:"\e143"}.glyphicon-link:before{content:"\e144"}.glyphicon-phone:before{content:"\e145"}.glyphicon-pushpin:before{content:"\e146"}.glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6e 74 65 6e 74 3a 22 5c 65 31 37 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6c 6f 70 70 79 2d 73 61 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 66 6c 6f 70 70 79 2d 6f 70 65 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 72 65 64 69 74 2d 63 61 72 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 37 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 74 72 61 6e 73 66 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 75 74 6c 65 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 37 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 68 65 61 64 65 72 3a Data Ascii: ntent:"\e174"}.glyphicon-floppy-save:before{content:"\e175"}.glyphicon-floppy-open:before{content:"\e176"}.glyphicon-credit-card:before{content:"\e177"}.glyphicon-transfer:before{content:"\e178"}.glyphicon-cutlery:before{content:"\e179"}.glyphicon-header:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49732	104.17.24.14	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	566	OUT	GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	929	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:03 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb09ed3-15d84" Last-Modified: Mon, 04 May 2020 23:01:39 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 591160 Expires: Wed, 17 Sep 2025 03:01:03 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsjTkce1BsFs1enhBFDUehfCvAnO%2BcFwCee8YshJ0kOHWeT0O5AJvKyl8IGiYCEB6blH%2FkNYTDEsy6CvLeLWyBU2S9y%2FN6ReIa65shKfHPYln6o63qedVvpeOZpFljwNKuJoKcQp"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8c983f364f6015c7-EWR
2024-09-27 03:01:03 UTC	440	IN	Data Raw: 37 62 66 64 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a Data Ascii: 7bfd/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("j
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 66 6c 61 74 2e 63 61 6c 6c 28 65 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 6f 6e 63 61 74 2e 61 70 70 6c 79 28 5b 5d 2c 65 29 7d 2c 75 3d 74 2e 70 75 73 68 2c 69 3d 74 2e 69 6e 64 65 78 4f 66 2c 6e 3d 7b 7d 2c 6f 3d 6e 2e 74 6f 53 74 72 69 6e 67 2c 76 3d 6e 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 61 3d 76 2e 74 6f 53 74 72 69 6e 67 2c 6c 3d 61 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 2c 79 3d 7b 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 54 79 70 65 7d 2c 78 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 Data Ascii: on(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 74 2b 31 29 25 32 7d 29 29 7d 2c 6f 64 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 25 32 7d 29 29 7d 2c 65 71 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6e 3d 2b 65 2b 28 65 3c 30 3f 74 3a 30 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 30 3c 3d 6e 26 26 6e 3c 74 3f 5b 74 68 69 73 5b 6e 5d 5d 3a 5b 5d 29 7d 2c 65 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 Data Ascii: s.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 6e 3d 74 7c 7c 5b 5d 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 28 70 28 4f 62 6a 65 63 74 28 65 29 29 3f 53 2e 6d 65 72 67 65 28 6e 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 5b 65 5d 3a 65 29 3a 75 2e 63 61 6c 6c 28 6e 2c 65 29 29 2c 6e 7d 2c 69 6e 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 3f 2d 31 3a 69 2e 63 61 6c 6c 28 74 2c 65 2c 6e 29 7d 2c 6d 65 72 67 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 2b 74 2e 6c 65 6e 67 74 68 2c 72 3d 30 2c 69 3d 65 2e 6c 65 6e 67 74 68 3b 72 3c 6e 3b 72 2b 2b 29 65 5b 69 2b 2b 5d 3d 74 5b 72 5d 3b 72 65 74 75 72 6e 20 65 2e 6c 65 6e 67 74 68 3d 69 2c 65 7d 2c 67 72 65 70 3a 66 75 6e 63 74 69 6f Data Ascii: n=t\|\|[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:functio
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 7c 28 22 2b 49 2b 22 29 29 7c 29 22 2b 4d 2b 22 2a 5c 5c 5d 22 2c 46 3d 22 3a 28 22 2b 49 2b 22 29 28 3f 3a 5c 5c 28 28 28 27 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 27 5d 29 2a 29 27 7c 5c 22 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 5c 22 5d 29 2a 29 5c 22 29 7c 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 28 29 5b 5c 5c 5d 5d 7c 22 2b 57 2b 22 29 2a 29 7c 2e 2a 29 5c 5c 29 7c 29 22 2c 42 3d 6e 65 77 20 52 65 67 45 78 70 28 4d 2b 22 2b 22 2c 22 67 22 29 2c 24 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4d 2b 22 2b 7c 28 28 3f 3a 5e 7c 5b 5e 5c 5c 5c 5c 5d 29 28 3f 3a 5c 5c 5c 5c 2e 29 2a 29 22 2b 4d 2b 22 2b 24 22 2c 22 67 22 29 2c 5f 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4d 2b 22 2a 2c 22 2b 4d 2b 22 2a 22 29 2c 7a 3d 6e Data Ascii: \|("+I+"))\|)"+M+"\\]",F=":("+I+")(?:\$(('((?:\\\\.\|[^\\\\']))'\|\"((?:\\\\.\|[^\\\\\"]))\")\|((?:\\\\.\|[^\\\\()[\\]]\|"+W+"))\|.)\$\|)",B=new RegExp(M+"+","g"),$=new RegExp("^"+M+"+\|((?:^\|[^\\\\])(?:\\\\.))"+M+"+$","g"),_=new RegExp("^"+M+","+M+""),z=n
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 30 3d 3d 3d 65 2e 64 69 73 61 62 6c 65 64 26 26 22 66 69 65 6c 64 73 65 74 22 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 2c 7b 64 69 72 3a 22 70 61 72 65 6e 74 4e 6f 64 65 22 2c 6e 65 78 74 3a 22 6c 65 67 65 6e 64 22 7d 29 3b 74 72 79 7b 48 2e 61 70 70 6c 79 28 74 3d 4f 2e 63 61 6c 6c 28 70 2e 63 68 69 6c 64 4e 6f 64 65 73 29 2c 70 2e 63 68 69 6c 64 4e 6f 64 65 73 29 2c 74 5b 70 2e 63 68 69 6c 64 4e 6f 64 65 73 2e 6c 65 6e 67 74 68 5d 2e 6e 6f 64 65 54 79 70 65 7d 63 61 74 63 68 28 65 29 7b 48 3d 7b 61 70 70 6c 79 3a 74 2e 6c 65 6e 67 74 68 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 4c 2e 61 70 70 6c 79 28 65 2c 4f 2e 63 61 6c 6c 28 74 29 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e Data Ascii: 0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 68 26 26 64 65 6c 65 74 65 20 65 5b 72 2e 73 68 69 66 74 28 29 5d 2c 65 5b 74 2b 22 20 22 5d 3d 6e 7d 7d 66 75 6e 63 74 69 6f 6e 20 6c 65 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 53 5d 3d 21 30 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 63 65 28 65 29 7b 76 61 72 20 74 3d 43 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 66 69 65 6c 64 73 65 74 22 29 3b 74 72 79 7b 72 65 74 75 72 6e 21 21 65 28 74 29 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 21 31 7d 66 69 6e 61 6c 6c 79 7b 74 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 74 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 2c 74 3d 6e 75 6c 6c 7d 7d 66 75 6e 63 74 69 6f 6e 20 66 65 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e 73 70 6c 69 74 28 22 7c 22 29 2c 72 3d 6e 2e 6c 65 6e 67 74 68 Data Ascii: h&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("\|"),r=n.length
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 45 6c 65 6d 65 6e 74 26 26 28 61 3d 28 43 3d 72 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 45 3d 21 69 28 43 29 2c 70 21 3d 43 26 26 28 6e 3d 43 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 6e 2e 74 6f 70 21 3d 3d 6e 26 26 28 6e 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 6e 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 75 6e 6c 6f 61 64 22 2c 6f 65 2c 21 31 29 3a 6e 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 6e 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 75 6e 6c 6f 61 64 22 2c 6f 65 29 29 2c 64 2e 73 63 6f 70 65 3d 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 61 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 43 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 Data Ascii: Element&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("d
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 3a 64 2e 71 73 61 3f 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 65 29 3a 76 6f 69 64 20 30 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 5b 5d 2c 69 3d 30 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 3b 69 66 28 22 2a 22 3d 3d 3d 65 29 7b 77 68 69 6c 65 28 6e 3d 6f 5b 69 2b 2b 5d 29 31 3d 3d Data Ascii: urn[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1==
2024-09-27 03:01:03 UTC	1369	IN	Data Raw: 74 41 74 74 72 69 62 75 74 65 28 22 6e 61 6d 65 22 2c 22 44 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 6e 61 6d 65 3d 64 5d 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 6e 61 6d 65 22 2b 4d 2b 22 2a 5b 2a 5e 24 7c 21 7e 5d 3f 3d 22 29 2c 32 21 3d 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 65 6e 61 62 6c 65 64 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 3a 65 6e 61 62 6c 65 64 22 2c 22 3a 64 69 73 61 62 6c 65 64 22 29 2c 61 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 64 69 73 61 62 6c 65 64 3d 21 30 2c 32 21 3d 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 64 69 73 61 62 6c 65 64 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 3a 65 6e 61 62 6c 65 Data Ascii: tAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"[^$\|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enable

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49731	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	667	OUT	GET /wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	1056	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Logo_dana_blue.svg.png last-modified: Fri, 17 Jun 2022 03:44:43 GMT content-length: 57856 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy etag: ce2796eedfd05a7381fe2f03c410c796 age: 67372 x-cache: cp3079 hit, cp3079 hit/2 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:03 UTC	13839	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0a 00 00 00 02 da 08 06 00 00 00 fd 1e 0a f6 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da ec dd 77 98 5c 75 bd f8 f1 f7 f7 cc 96 24 5b 92 cd 96 14 3a 52 43 07 a5 37 91 5e 45 29 22 4d 44 a5 69 20 d9 dd 04 bd 2a ab f7 0a 24 bb 9b 60 14 35 a0 5e ec 82 5d b8 28 0a ea 15 b0 03 56 44 51 90 62 ca ce 6c 12 48 42 c8 66 67 be bf 3f c2 fd a9 08 64 93 cc cc 4e 79 bf 9e 27 0f e5 d9 6c 79 9f 33 7b ce 99 f9 cc f7 04 24 49 f9 73 fd b2 f1 d4 84 09 84 a1 09 84 64 02 d9 30 81 c0 04 c8 4d 20 84 09 44 c6 01 Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxw\u$[:RC7^E)"MDi *$`5^](VDQblHBfg?dNy'ly3{$Isd0M D
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: 20 55 a0 fe a5 7b 11 93 bb 81 36 63 48 c5 16 de 4d 57 db f5 76 90 4a d0 0d 4b 27 31 9c fa 3e c4 3d 8c 21 15 f3 d0 18 bf c7 ca d5 a7 39 04 28 95 a0 f5 b7 fd bd 91 c0 65 c6 90 8a 6a 35 c4 13 e9 ea f8 71 45 1c ea 47 ed 2b f7 0d fc 14 c2 81 ee 4f 92 a4 d1 d4 54 17 38 60 4a 0d af db aa 96 a3 b7 a9 65 9f 8e 9a 8a 5b dd 2f 5f 1e 7b 26 cb dd 4f ac e3 9e 27 87 f9 fe 13 43 ac 58 eb 0a 81 2a e7 0b 6a de 41 77 fb cd 86 50 49 72 00 50 aa 46 f7 b1 ae f6 54 de 3d 61 b9 29 a4 0a e1 f0 9f 54 02 c2 6c ba da e6 da 41 2a 21 7d 8b da a0 f6 47 c0 6e c6 90 46 e3 d0 e8 10 a0 54 72 1c fe 93 46 db b3 c4 70 2c dd 6d 3f 2f fb c3 fc a8 7c d5 f5 4f 80 fd da fd 48 92 54 6c ad 63 c3 fa 15 fe b6 a8 e1 b5 5b d7 b2 7b 5b 0d ce fb 6d bc e1 1c fc 74 d1 3a be f5 d7 75 7c e3 2f 43 3c fe 4c d6 Data Ascii: U{6cHMWvJK'1>=!9(ej5qEG+OT8`Je[/_{&O'CXjAwPIrPFT=a)TlA!}GnFTrFp,m?/\|OHTlc[{[mt:u\|/C<L
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: 31 00 4c 80 73 d6 df 90 e4 bd 82 68 ed 1b f2 d2 2b d6 89 81 65 6b 62 13 a7 5d 55 ba 2f 7b 4f 74 ed 1c 2b a4 63 c3 b0 1d 0d cf 2c 53 d5 00 d8 7f 76 77 ca 80 15 a4 e1 b4 8d 13 f6 fa 41 1e 3d 96 a2 c5 da b1 f5 eb b1 51 cf b3 52 0f 9b 67 ad 5d 7e 3d 9d 00 68 52 04 00 80 c1 b0 79 03 30 29 4a 7d 8d 10 5a 5b 9b c5 e3 be 56 0c 2c 5b 47 4d d5 4a 93 4b bf 74 9d 39 0c 5f d7 09 80 2d 39 01 90 e5 16 a9 6b 65 d0 77 76 ae 4f c6 f3 36 2e 6e 7f 6c 15 02 3d b2 76 6c e7 40 1e 35 77 95 18 b0 76 1c 87 d2 22 3d 34 00 3a 62 1e 00 00 06 a3 33 a3 b6 06 98 14 6b 66 de 90 c4 a6 4d 5b 4d 5c 03 4c 3f 45 d5 46 19 b4 50 e2 4b 75 56 ce fe 0d 5f 4c 72 50 10 7d 9b 4b ad 45 0c 2c 63 92 77 02 60 bf ba dd 03 42 60 05 eb 59 6b c9 36 4e b8 d2 bb 91 5e 39 ec aa 9d cb 72 7a 71 e2 26 2b e3 ec 8d Data Ascii: 1Lsh+ekb]U/{Ot+c,SvwA=QRg]~=hRy0)J}Z[V,[GMJKt9_-9kewvO6.nl=vl@5wv"=4:b3kfM[M\L?EFPKuV_LrP}KE,cw`B`Yk6N^9rzq&+
2024-09-27 03:01:03 UTC	11377	IN	Data Raw: 49 9e 72 e2 6c be ed 61 6b f2 d4 93 67 f2 ad a7 ac c9 c3 8e b2 76 7c 30 07 bb 35 9f dd d9 cd 27 6f 5d cc bf ef e8 e6 df 77 2c e6 d3 3b ba d9 bb e0 7b 0a 00 46 e2 65 22 00 60 95 7a 6f 16 3b 3f 98 e7 9e 70 97 28 80 56 34 4f 32 2a a5 36 5a 93 80 d5 3b 47 79 3f 32 e2 27 10 75 2d 00 5f d2 34 0e 67 1e 9c d9 91 fd 9d 4b e7 cf 53 ab 06 40 c6 5a b7 26 1f bd 65 31 1f bd 65 f1 cb 7f ec d4 a3 3b 79 ea c9 6b f2 e4 8d 33 79 f2 c6 99 7c c3 c6 d9 9c 78 c4 f4 4c 5a 77 1c a8 b9 fc 8e 6e 2e bb a3 9b cb ef 68 72 f9 1d dd 7c e1 f6 c5 5c 76 7b d7 c9 7e 00 ac 16 77 a5 76 5f 2b 06 00 56 a1 7f cc 9e 3d 3f 9e 6d 8f 3e 20 0a a0 3d 27 a5 30 aa 47 af 36 a9 1e 3f 18 32 6d b6 fd 6a 34 12 31 d2 91 ab 05 b5 af da 42 6a f4 b4 fc f1 9c c0 b8 e9 1e 56 93 45 39 0c c8 e8 1a 00 d7 dc f1 ba 1c Data Ascii: Irlakgv\|05'o]w,;{Fe"`zo;?p(V4O2*6Z;Gy?2'u-_4gKS@Z&e1e;yk3y\|xLZwn.hr\|\v{~wv_+V=?m> ='0G6?2mj41BjVE9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.5	49728	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	624	OUT	GET /wikipedia/commons/3/39/BI_Logo.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	1046	IN	HTTP/1.1 200 OK content-type: image/png x-object-meta-sha1base36: l2hsbyv5arb61j4twhw3ufa8f23ook1 etag: 99ad31b4cc19d72c78096d9ede3fba8f last-modified: Fri, 23 Sep 2022 02:47:41 GMT content-length: 53230 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy age: 67371 x-cache: cp3079 hit, cp3079 hit/2 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: * access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:03 UTC	13849	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 08 99 00 00 02 b9 08 06 00 00 00 16 ac 6d e0 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 26 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 Data Ascii: PNGIHDRmtEXtSoftwareAdobe ImageReadyqe<&iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: fe 90 68 b8 c6 1f d9 53 93 fb 4a a2 c9 de 98 f0 1d e0 44 9b fc 81 41 d9 cb da df 2f c1 04 6a 35 6d 95 2e ed 62 db db b3 1a c6 60 2b f9 96 24 f7 d4 f4 23 c7 b2 63 aa 41 21 2a 7b cb bd 9d c4 04 af 98 c4 6a 25 89 e2 fa 1a c7 9b 77 d5 38 b6 9a 6f d9 d8 4a bb 8b 76 77 ff f7 a7 85 84 4e a7 53 e2 77 c5 55 4c 96 1a 56 1c 0b 2d af 8b 4b ae c8 5d e9 d5 f8 b3 46 da b6 cd f9 75 35 dd a0 80 d4 1d 3a 14 3e f1 be 3b 92 3a a5 0f cc 7e 51 b9 34 bb 73 0a d7 52 c5 de c7 6d 7e 48 d2 ab f9 e7 9d 94 e0 d0 77 63 15 5d 47 d0 18 f9 c3 f1 d9 92 bf f6 ac c9 1f a8 9d e4 49 a8 49 d6 c6 c5 fe 63 7c f8 53 c7 8a 36 a7 9a f0 a0 3d 3b c7 18 93 e3 15 ff 98 18 ef 8e 24 d6 3d d5 d5 d9 1a eb ea 48 68 d7 d6 0b da 5d 68 fe 58 38 5e bf 63 25 7e 65 13 ef 81 5e 28 a2 e8 3a 19 cd 3e 4e d4 fc 63 7b Data Ascii: hSJDA/j5m.b`+$#cA!*{j%w8oJvwNSwULV-K]Fu5:>;:~Q4sRm~Hwc]GIIc\|S6=;$=Hh]hX8^c%~e^(:>Nc{
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: 46 3b df 62 e3 3e d0 90 cb 7e 7a d4 18 27 75 34 7c e6 4e f7 07 32 99 00 00 00 7b bc bf 86 4a 51 df 4d 94 99 27 8d de 0d 25 27 59 4c 14 14 e6 98 99 bd a5 e1 ad 71 08 9c b5 51 ed 62 3e 57 98 11 a9 e6 8f ec 97 2b f4 c6 96 94 dd 39 18 19 dd 40 a4 39 7b 38 02 e1 ea 25 ae d7 c8 40 01 ba c5 85 1e 3a c4 ec 4a 25 d7 44 87 25 4b 17 74 bc 7f d9 e0 92 46 f2 99 ce 78 ff 29 5c 80 49 db 3a cc 3a 5b 9e 94 6c 5b b2 63 59 a6 f9 2b 99 77 c4 1f f5 70 86 32 63 ca d3 4b 56 2e 02 54 87 0d a4 59 ef 35 e4 ae ea bc 2c 3a be ee db b5 90 2e 9b 58 7b ac ae b0 8f ad 14 55 57 f1 41 86 1b b7 25 67 39 9f ca ae 5f 86 5c fa b0 3a 0a 32 51 74 fe 03 40 49 f8 f1 ab ff 8b 4e f0 97 3a 5d 00 59 29 a0 72 4b 2b f9 e3 8c f2 57 4d b9 b8 31 60 6f a7 bb 74 76 a1 30 67 db 37 13 01 de 08 ac 30 15 ba c7 Data Ascii: F;b>~z'u4\|N2{JQM'%'YLqQb>W+9@9{8%@:J%D%KtFx)\I::[l[cY+wp2cKV.TY5,:.X{UWA%g9_\:2Qt@IN:]Y)rK+WM1`otv0g70
2024-09-27 03:01:03 UTC	6741	IN	Data Raw: ba 4c 63 df 3f 0a de 7e d8 5a 9a 6e bc 98 e9 51 16 7d 3c f0 5a 2d f0 7e 39 4f 9f fb a8 e6 7b c4 41 d3 57 1a 0f 55 29 46 b9 d0 97 cb 8f e4 47 c5 6d af 44 69 81 6e c4 04 75 9f a9 8d 61 3c 7c 5e f8 59 b5 27 06 9d 6f a8 6e 17 a4 5d a4 ef fd d5 00 7d c5 54 e2 cf ba 86 dc 88 62 5d 3d 61 2e c8 71 39 e3 6e 9c b1 a2 22 06 b7 d8 76 e8 93 2b c2 8c c5 96 95 31 41 bb 51 60 02 8d 6d 06 08 e0 d6 13 bc 4e 53 fb 9b 17 bf 75 6b 5a fd db a4 48 e4 8d 2d 6d 5b ff 4e 62 02 e0 78 ff fa 28 81 9c e4 f7 b7 f8 e3 b8 16 f6 7d 5f 17 f6 a1 47 3d 6e 5f 2c 9e 60 0a 6d 29 56 59 96 1c e3 77 e6 f8 3e 0a b8 67 c6 11 03 85 13 c7 a5 cc 26 1e 6a 12 d7 7c 5d a4 e3 4a ea 1b e4 47 b5 95 b6 9b ab 1e df 77 32 64 ac 96 0a ee 4b 0a e0 ae b5 27 c6 f2 9d c7 8e 71 d5 ed f3 ec d2 23 7b 9f cd f1 c8 9c f4 Data Ascii: Lc?~ZnQ}<Z-~9O{AWU)FGmDinua<\|^Y'on]}Tb]=a.q9n"v+1AQ`mNSukZH-m[Nbx(}_G=n_,`m)VYw>g&j\|]JGw2dK'q#{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.5	49730	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:03 UTC	816	OUT	GET /wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://daana-paylaterld.xsits.xyz/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:03 UTC	1131	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png etag: 81dfe426089387192e5ed8db1e1ac310 last-modified: Sun, 07 Jul 2024 01:10:37 GMT content-length: 51669 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy age: 67372 x-cache: cp3079 hit, cp3079 hit/2 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:03 UTC	13764	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 05 00 00 03 01 08 06 00 00 00 be f4 18 6f 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 07 74 49 4d 45 07 e8 07 07 01 0a 23 40 7e 24 29 00 00 80 00 49 44 41 54 78 da ec dd 77 7c 55 f5 fd c7 f1 d7 e7 dc 84 8d 08 0a 09 43 05 b7 22 61 24 80 03 b5 38 3a dc da 82 db 3a 20 a8 ad 55 6b 87 6d b5 a5 cb f9 b3 ee 41 c0 51 77 b1 75 af 2a 8a ad 8a 20 09 10 10 07 38 50 19 61 29 c8 4e 72 cf e7 f7 47 52 15 65 64 dc 79 ee fb f9 78 f0 68 85 e4 dc 73 de df 73 cf 3d ef 7b 16 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 Data Ascii: PNGIHDRogAMAa cHRMz&u0`:pQ<bKGDtIME#@~$)IDATxw\|UC"a$8:: UkmAQwu* 8Pa)NrGRedyxhss={
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: 8d e1 b7 87 79 c1 ef b8 cd 56 2b 8e ad eb 32 cb 0b 62 ce 61 ee 1c 0e 1c 0e ba df b9 64 bd 0f 80 c7 82 90 c7 17 f6 e3 0d cc a2 7b b7 ce ba cf da 57 80 5e 1e da de 8c b3 77 34 fc 2a 05 11 52 b1 af e1 6f 28 87 a4 4a fa 05 c6 41 69 7c ac 63 23 14 b5 a4 d0 1b 6e 36 82 31 f6 b6 a2 d8 b2 c2 19 de 9b 80 a3 dc 39 ba fe 02 e1 40 a9 48 44 cd c7 79 20 06 77 2d e8 67 73 22 5a 0c 76 31 fc 55 0f ec 14 ee b0 57 34 e4 2a 05 11 32 ed 20 23 fc 8f 72 48 e6 ca 6c d7 87 14 ff 3c 69 2f 70 8e ef 64 31 9f 4b 43 1e cd 2e d2 7c ab dd ec b7 74 e5 56 46 9b 9e df b3 09 05 95 de 16 38 04 e7 28 33 8e 42 47 03 24 37 55 38 dc 17 ab e1 81 85 25 11 7b 58 61 a9 f7 c1 28 64 8c bd a8 61 56 29 88 90 a9 87 19 5a a9 93 c9 09 f7 81 41 b3 93 35 fd a0 34 7e a3 63 3f 53 d2 92 02 cf 7b dc ce e5 ce 1c Data Ascii: yV+2bad{W^w4Ro(JAi\|c#n619@HDy w-gs"Zv1UW42 #rHl<i/pd1KC.\|tVF8(3BG$7U8%{Xa(daV)ZA54~c?S{
2024-09-27 03:01:03 UTC	16320	IN	Data Raw: 42 16 3e 54 2f 80 01 88 88 a8 14 88 6c ca 80 97 9c e0 10 60 69 32 df 3f 06 63 a0 e2 ac 44 4c 2c 1c 13 fb 83 99 5f 19 c1 c1 d8 c7 f0 87 19 ed 79 0d 2d 06 8b 3e e3 c7 c0 3f 22 b0 ec 3d cc 79 a9 f3 6c df 35 73 66 69 df 2f a0 e4 91 90 92 33 9d e2 42 c7 7e 02 fe 83 26 3f bd db 3d 70 68 f0 33 43 e2 d0 66 e3 96 c0 fa 14 2d f8 4e 0d 28 4f 35 c0 e7 d9 b6 92 39 be 8f b6 f9 22 a2 52 20 b2 f9 62 50 ee f8 81 c0 c7 c9 2d 06 3e 0e a6 9e 91 a0 62 f0 5b c3 af 8d e0 60 7c 3f 58 18 36 fc ce 4d 43 ad b6 ea 3d 4e c5 b9 27 02 cb de 33 56 cb eb 85 d3 7d 60 e6 cd 9a 85 50 3c 19 06 5e 0f 25 4d ba c8 b6 6b 25 23 81 41 0d 7e c3 84 df 28 01 46 bb 14 2d 6c 9b 06 fe dc d2 2c 5c c7 76 46 44 44 a5 40 64 4b 06 be e7 b0 1f 30 33 b9 c5 c0 ee 82 a9 a7 27 a4 18 94 c5 7e 65 f8 f5 51 1b 09 c7 Data Ascii: B>T/l`i2?cDL,_y->?"=yl5sfi/3B~&?=ph3Cf-N(O59"R bP->b[`\|?X6MC=N'3V}`P<^%Mk%#A~(F-l,\vFDD@dK03'~eQ
2024-09-27 03:01:03 UTC	5265	IN	Data Raw: 54 17 a2 b2 60 61 88 1d 03 3c 9a 45 60 f0 7d 68 f8 9e f2 b2 94 79 ac 55 af 03 2c a1 bc eb ac 79 dd 1d 0e 8c 19 b4 dd 53 09 39 a4 a0 20 c7 37 f6 10 4e 00 e2 3e b5 dd ce e0 4f 30 b7 a6 e8 aa 2b fc be 18 c9 06 c1 2c 55 58 9d cb e1 c0 21 d6 a0 f3 30 8b a7 8c 6d 94 e3 6d da ff 7d d5 3b 5d 93 27 3d 6e 27 fa cc 57 81 51 f5 b3 ce 06 a3 46 78 75 5b f5 a0 61 7f 80 c4 8b 5d 58 08 22 76 21 d2 02 66 e5 23 d9 ec b4 1c 06 cc 8a 7d d5 e2 57 42 c3 37 95 97 25 5b 06 5e 02 22 d7 37 8e ef a1 bc eb ac a5 7b 01 03 62 24 5c 08 cb 9e 54 50 20 31 2b f7 a6 c3 80 97 63 6e 60 b7 80 d5 45 d8 47 b4 e5 5e 62 8d 99 f0 fd 54 26 3a 23 b5 0b 10 67 15 e8 95 60 7f cb 6d a5 d0 d1 1a 05 61 17 05 05 c3 9b 1c ae 88 51 e6 c6 c1 cc af 77 fc b9 86 bd 81 b6 6e a8 e9 90 f0 d2 2e 2e 04 51 07 1b 2b 28 Data Ascii: T`a<E`}hyU,yS9 7N>O0+,UX!0mm};]'=n'WQFxu[a]X"v!f#}WB7%[^"7{b$\TP 1+cn`EG^bT&:#g`maQwn..Q+(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.5	49737	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:06 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 03:01:06 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF70) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=49490 Date: Fri, 27 Sep 2024 03:01:06 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.5	49739	104.17.24.14	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:06 UTC	380	OUT	GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:06 UTC	943	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:06 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb09ed3-15d84" Last-Modified: Mon, 04 May 2020 23:01:39 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 591163 Expires: Wed, 17 Sep 2025 03:01:06 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opwFzNUYRyyDJu1ny05I3mOgrKQS2Unxev490nyMVN1JQpnRDlEpTsZZPZ1lxzi60E%2FujEx5YOw%2BuZw%2B%2FLA7RGIxw%2Fa6iA%2FHqN681Bpp%2Fcp6EbaxAZ%2BtBe%2FG8%2F0Pn3UHcc58EB7v"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8c983f4d9cf2de9b-EWR
2024-09-27 03:01:06 UTC	426	IN	Data Raw: 33 39 37 37 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a Data Ascii: 3977/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("j
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 3d 74 2e 66 6c 61 74 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 66 6c 61 74 2e 63 61 6c 6c 28 65 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 6f 6e 63 61 74 2e 61 70 70 6c 79 28 5b 5d 2c 65 29 7d 2c 75 3d 74 2e 70 75 73 68 2c 69 3d 74 2e 69 6e 64 65 78 4f 66 2c 6e 3d 7b 7d 2c 6f 3d 6e 2e 74 6f 53 74 72 69 6e 67 2c 76 3d 6e 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 61 3d 76 2e 74 6f 53 74 72 69 6e 67 2c 6c 3d 61 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 29 2c 79 3d 7b 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 65 2e 6e 6f 64 65 54 79 70 65 7d 2c 78 3d 66 75 6e 63 74 Data Ascii: =t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=funct
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 74 2b 31 29 25 32 7d 29 29 7d 2c 6f 64 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 67 72 65 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 25 32 7d 29 29 7d 2c 65 71 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6e 3d 2b 65 2b 28 65 3c 30 3f 74 3a 30 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 30 3c 3d 6e 26 26 6e 3c 74 3f 5b 74 68 69 73 5b 6e 5d 5d 3a 5b 5d 29 7d 2c 65 6e 64 3a 66 75 6e 63 74 69 6f 6e Data Ascii: n(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 7c 7c 5b 5d 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 65 26 26 28 70 28 4f 62 6a 65 63 74 28 65 29 29 3f 53 2e 6d 65 72 67 65 28 6e 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 5b 65 5d 3a 65 29 3a 75 2e 63 61 6c 6c 28 6e 2c 65 29 29 2c 6e 7d 2c 69 6e 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 3f 2d 31 3a 69 2e 63 61 6c 6c 28 74 2c 65 2c 6e 29 7d 2c 6d 65 72 67 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 2b 74 2e 6c 65 6e 67 74 68 2c 72 3d 30 2c 69 3d 65 2e 6c 65 6e 67 74 68 3b 72 3c 6e 3b 72 2b 2b 29 65 5b 69 2b 2b 5d 3d 74 5b 72 5d 3b 72 65 74 75 72 6e 20 65 2e 6c 65 6e 67 74 68 3d 69 2c 65 Data Ascii: tion(e,t){var n=t\|\|[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 5b 5e 5c 5c 5c 5c 5c 22 5d 29 2a 29 5c 22 7c 28 22 2b 49 2b 22 29 29 7c 29 22 2b 4d 2b 22 2a 5c 5c 5d 22 2c 46 3d 22 3a 28 22 2b 49 2b 22 29 28 3f 3a 5c 5c 28 28 28 27 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 27 5d 29 2a 29 27 7c 5c 22 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 5c 22 5d 29 2a 29 5c 22 29 7c 28 28 3f 3a 5c 5c 5c 5c 2e 7c 5b 5e 5c 5c 5c 5c 28 29 5b 5c 5c 5d 5d 7c 22 2b 57 2b 22 29 2a 29 7c 2e 2a 29 5c 5c 29 7c 29 22 2c 42 3d 6e 65 77 20 52 65 67 45 78 70 28 4d 2b 22 2b 22 2c 22 67 22 29 2c 24 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4d 2b 22 2b 7c 28 28 3f 3a 5e 7c 5b 5e 5c 5c 5c 5c 5d 29 28 3f 3a 5c 5c 5c 5c 2e 29 2a 29 22 2b 4d 2b 22 2b 24 22 2c 22 67 22 29 2c 5f 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4d 2b 22 Data Ascii: [^\\\\\"]))\"\|("+I+"))\|)"+M+"\\]",F=":("+I+")(?:\$(('((?:\\\\.\|[^\\\\']))'\|\"((?:\\\\.\|[^\\\\\"]))\")\|((?:\\\\.\|[^\\\\()[\\]]\|"+W+"))\|.)\$\|)",B=new RegExp(M+"+","g"),$=new RegExp("^"+M+"+\|((?:^\|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 30 3d 3d 3d 65 2e 64 69 73 61 62 6c 65 64 26 26 22 66 69 65 6c 64 73 65 74 22 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 2c 7b 64 69 72 3a 22 70 61 72 65 6e 74 4e 6f 64 65 22 2c 6e 65 78 74 3a 22 6c 65 67 65 6e 64 22 7d 29 3b 74 72 79 7b 48 2e 61 70 70 6c 79 28 74 3d 4f 2e 63 61 6c 6c 28 70 2e 63 68 69 6c 64 4e 6f 64 65 73 29 2c 70 2e 63 68 69 6c 64 4e 6f 64 65 73 29 2c 74 5b 70 2e 63 68 69 6c 64 4e 6f 64 65 73 2e 6c 65 6e 67 74 68 5d 2e 6e 6f 64 65 54 79 70 65 7d 63 61 74 63 68 28 65 29 7b 48 3d 7b 61 70 70 6c 79 3a 74 2e 6c 65 6e 67 74 68 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 4c 2e 61 70 70 6c 79 28 65 2c 4f 2e 63 61 6c 6c 28 74 29 29 7d 3a 66 75 6e 63 74 69 6f 6e Data Ascii: ion(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 29 3e 62 2e 63 61 63 68 65 4c 65 6e 67 74 68 26 26 64 65 6c 65 74 65 20 65 5b 72 2e 73 68 69 66 74 28 29 5d 2c 65 5b 74 2b 22 20 22 5d 3d 6e 7d 7d 66 75 6e 63 74 69 6f 6e 20 6c 65 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 53 5d 3d 21 30 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 63 65 28 65 29 7b 76 61 72 20 74 3d 43 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 66 69 65 6c 64 73 65 74 22 29 3b 74 72 79 7b 72 65 74 75 72 6e 21 21 65 28 74 29 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 21 31 7d 66 69 6e 61 6c 6c 79 7b 74 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 74 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 2c 74 3d 6e 75 6c 6c 7d 7d 66 75 6e 63 74 69 6f 6e 20 66 65 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e 73 70 6c 69 74 28 22 Data Ascii: )>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 70 65 26 26 72 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 26 26 28 61 3d 28 43 3d 72 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 45 3d 21 69 28 43 29 2c 70 21 3d 43 26 26 28 6e 3d 43 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 6e 2e 74 6f 70 21 3d 3d 6e 26 26 28 6e 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 6e 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 75 6e 6c 6f 61 64 22 2c 6f 65 2c 21 31 29 3a 6e 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 6e 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 75 6e 6c 6f 61 64 22 2c 6f 65 29 29 2c 64 2e 73 63 6f 70 65 3d 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 61 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 43 2e 63 72 Data Ascii: pe&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.cr
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 29 72 65 74 75 72 6e 5b 6f 5d 7d 72 65 74 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 3a 64 2e 71 73 61 3f 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 65 29 3a 76 6f 69 64 20 30 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 5b 5d 2c 69 3d 30 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 3b 69 66 28 22 2a 22 3d 3d 3d 65 29 7b 77 68 69 6c Data Ascii: )return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){whil
2024-09-27 03:01:06 UTC	1369	IN	Data Raw: 65 6e 64 43 68 69 6c 64 28 74 29 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 61 6d 65 22 2c 22 44 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 6e 61 6d 65 3d 64 5d 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 6e 61 6d 65 22 2b 4d 2b 22 2a 5b 2a 5e 24 7c 21 7e 5d 3f 3d 22 29 2c 32 21 3d 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 65 6e 61 62 6c 65 64 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 3a 65 6e 61 62 6c 65 64 22 2c 22 3a 64 69 73 61 62 6c 65 64 22 29 2c 61 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 64 69 73 61 62 6c 65 64 3d 21 30 2c 32 21 3d 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 64 69 73 61 62 6c 65 64 22 29 2e 6c 65 6e 67 74 68 26 26 76 Data Ascii: endChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"[^$\|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.5	49743	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:07 UTC	378	OUT	GET /wikipedia/commons/3/39/BI_Logo.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:07 UTC	1046	IN	HTTP/1.1 200 OK content-type: image/png x-object-meta-sha1base36: l2hsbyv5arb61j4twhw3ufa8f23ook1 etag: 99ad31b4cc19d72c78096d9ede3fba8f last-modified: Fri, 23 Sep 2022 02:47:41 GMT content-length: 53230 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy age: 67376 x-cache: cp3079 hit, cp3079 hit/3 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: * access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:07 UTC	13849	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 08 99 00 00 02 b9 08 06 00 00 00 16 ac 6d e0 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 26 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 34 35 20 37 39 2e 31 36 33 34 39 39 2c 20 32 30 31 38 2f 30 38 2f 31 33 2d 31 36 3a 34 30 3a 32 32 20 20 Data Ascii: PNGIHDRmtEXtSoftwareAdobe ImageReadyqe<&iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: fe 90 68 b8 c6 1f d9 53 93 fb 4a a2 c9 de 98 f0 1d e0 44 9b fc 81 41 d9 cb da df 2f c1 04 6a 35 6d 95 2e ed 62 db db b3 1a c6 60 2b f9 96 24 f7 d4 f4 23 c7 b2 63 aa 41 21 2a 7b cb bd 9d c4 04 af 98 c4 6a 25 89 e2 fa 1a c7 9b 77 d5 38 b6 9a 6f d9 d8 4a bb 8b 76 77 ff f7 a7 85 84 4e a7 53 e2 77 c5 55 4c 96 1a 56 1c 0b 2d af 8b 4b ae c8 5d e9 d5 f8 b3 46 da b6 cd f9 75 35 dd a0 80 d4 1d 3a 14 3e f1 be 3b 92 3a a5 0f cc 7e 51 b9 34 bb 73 0a d7 52 c5 de c7 6d 7e 48 d2 ab f9 e7 9d 94 e0 d0 77 63 15 5d 47 d0 18 f9 c3 f1 d9 92 bf f6 ac c9 1f a8 9d e4 49 a8 49 d6 c6 c5 fe 63 7c f8 53 c7 8a 36 a7 9a f0 a0 3d 3b c7 18 93 e3 15 ff 98 18 ef 8e 24 d6 3d d5 d5 d9 1a eb ea 48 68 d7 d6 0b da 5d 68 fe 58 38 5e bf 63 25 7e 65 13 ef 81 5e 28 a2 e8 3a 19 cd 3e 4e d4 fc 63 7b Data Ascii: hSJDA/j5m.b`+$#cA!*{j%w8oJvwNSwULV-K]Fu5:>;:~Q4sRm~Hwc]GIIc\|S6=;$=Hh]hX8^c%~e^(:>Nc{
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: 46 3b df 62 e3 3e d0 90 cb 7e 7a d4 18 27 75 34 7c e6 4e f7 07 32 99 00 00 00 7b bc bf 86 4a 51 df 4d 94 99 27 8d de 0d 25 27 59 4c 14 14 e6 98 99 bd a5 e1 ad 71 08 9c b5 51 ed 62 3e 57 98 11 a9 e6 8f ec 97 2b f4 c6 96 94 dd 39 18 19 dd 40 a4 39 7b 38 02 e1 ea 25 ae d7 c8 40 01 ba c5 85 1e 3a c4 ec 4a 25 d7 44 87 25 4b 17 74 bc 7f d9 e0 92 46 f2 99 ce 78 ff 29 5c 80 49 db 3a cc 3a 5b 9e 94 6c 5b b2 63 59 a6 f9 2b 99 77 c4 1f f5 70 86 32 63 ca d3 4b 56 2e 02 54 87 0d a4 59 ef 35 e4 ae ea bc 2c 3a be ee db b5 90 2e 9b 58 7b ac ae b0 8f ad 14 55 57 f1 41 86 1b b7 25 67 39 9f ca ae 5f 86 5c fa b0 3a 0a 32 51 74 fe 03 40 49 f8 f1 ab ff 8b 4e f0 97 3a 5d 00 59 29 a0 72 4b 2b f9 e3 8c f2 57 4d b9 b8 31 60 6f a7 bb 74 76 a1 30 67 db 37 13 01 de 08 ac 30 15 ba c7 Data Ascii: F;b>~z'u4\|N2{JQM'%'YLqQb>W+9@9{8%@:J%D%KtFx)\I::[l[cY+wp2cKV.TY5,:.X{UWA%g9_\:2Qt@IN:]Y)rK+WM1`otv0g70
2024-09-27 03:01:07 UTC	6741	IN	Data Raw: ba 4c 63 df 3f 0a de 7e d8 5a 9a 6e bc 98 e9 51 16 7d 3c f0 5a 2d f0 7e 39 4f 9f fb a8 e6 7b c4 41 d3 57 1a 0f 55 29 46 b9 d0 97 cb 8f e4 47 c5 6d af 44 69 81 6e c4 04 75 9f a9 8d 61 3c 7c 5e f8 59 b5 27 06 9d 6f a8 6e 17 a4 5d a4 ef fd d5 00 7d c5 54 e2 cf ba 86 dc 88 62 5d 3d 61 2e c8 71 39 e3 6e 9c b1 a2 22 06 b7 d8 76 e8 93 2b c2 8c c5 96 95 31 41 bb 51 60 02 8d 6d 06 08 e0 d6 13 bc 4e 53 fb 9b 17 bf 75 6b 5a fd db a4 48 e4 8d 2d 6d 5b ff 4e 62 02 e0 78 ff fa 28 81 9c e4 f7 b7 f8 e3 b8 16 f6 7d 5f 17 f6 a1 47 3d 6e 5f 2c 9e 60 0a 6d 29 56 59 96 1c e3 77 e6 f8 3e 0a b8 67 c6 11 03 85 13 c7 a5 cc 26 1e 6a 12 d7 7c 5d a4 e3 4a ea 1b e4 47 b5 95 b6 9b ab 1e df 77 32 64 ac 96 0a ee 4b 0a e0 ae b5 27 c6 f2 9d c7 8e 71 d5 ed f3 ec d2 23 7b 9f cd f1 c8 9c f4 Data Ascii: Lc?~ZnQ}<Z-~9O{AWU)FGmDinua<\|^Y'on]}Tb]=a.q9n"v+1AQ`mNSukZH-m[Nbx(}_G=n_,`m)VYw>g&j\|]JGw2dK'q#{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.5	49742	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:07 UTC	570	OUT	GET /wikipedia/commons/thumb/a/a2/Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg/773px-Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:07 UTC	1131	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Logo_of_Ministry_of_Communication_and_Information_Technology_of_the_Republic_of_Indonesia.svg.png etag: 81dfe426089387192e5ed8db1e1ac310 last-modified: Sun, 07 Jul 2024 01:10:37 GMT content-length: 51669 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy age: 67376 x-cache: cp3079 hit, cp3079 hit/3 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:07 UTC	13764	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 05 00 00 03 01 08 06 00 00 00 be f4 18 6f 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 07 74 49 4d 45 07 e8 07 07 01 0a 23 40 7e 24 29 00 00 80 00 49 44 41 54 78 da ec dd 77 7c 55 f5 fd c7 f1 d7 e7 dc 84 8d 08 0a 09 43 05 b7 22 61 24 80 03 b5 38 3a dc da 82 db 3a 20 a8 ad 55 6b 87 6d b5 a5 cb f9 b3 ee 41 c0 51 77 b1 75 af 2a 8a ad 8a 20 09 10 10 07 38 50 19 61 29 c8 4e 72 cf e7 f7 47 52 15 65 64 dc 79 ee fb f9 78 f0 68 85 e4 dc 73 de df 73 cf 3d ef 7b 16 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 Data Ascii: PNGIHDRogAMAa cHRMz&u0`:pQ<bKGDtIME#@~$)IDATxw\|UC"a$8:: UkmAQwu* 8Pa)NrGRedyxhss={
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: 8d e1 b7 87 79 c1 ef b8 cd 56 2b 8e ad eb 32 cb 0b 62 ce 61 ee 1c 0e 1c 0e ba df b9 64 bd 0f 80 c7 82 90 c7 17 f6 e3 0d cc a2 7b b7 ce ba cf da 57 80 5e 1e da de 8c b3 77 34 fc 2a 05 11 52 b1 af e1 6f 28 87 a4 4a fa 05 c6 41 69 7c ac 63 23 14 b5 a4 d0 1b 6e 36 82 31 f6 b6 a2 d8 b2 c2 19 de 9b 80 a3 dc 39 ba fe 02 e1 40 a9 48 44 cd c7 79 20 06 77 2d e8 67 73 22 5a 0c 76 31 fc 55 0f ec 14 ee b0 57 34 e4 2a 05 11 32 ed 20 23 fc 8f 72 48 e6 ca 6c d7 87 14 ff 3c 69 2f 70 8e ef 64 31 9f 4b 43 1e cd 2e d2 7c ab dd ec b7 74 e5 56 46 9b 9e df b3 09 05 95 de 16 38 04 e7 28 33 8e 42 47 03 24 37 55 38 dc 17 ab e1 81 85 25 11 7b 58 61 a9 f7 c1 28 64 8c bd a8 61 56 29 88 90 a9 87 19 5a a9 93 c9 09 f7 81 41 b3 93 35 fd a0 34 7e a3 63 3f 53 d2 92 02 cf 7b dc ce e5 ce 1c Data Ascii: yV+2bad{W^w4Ro(JAi\|c#n619@HDy w-gs"Zv1UW42 #rHl<i/pd1KC.\|tVF8(3BG$7U8%{Xa(daV)ZA54~c?S{
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: 42 16 3e 54 2f 80 01 88 88 a8 14 88 6c ca 80 97 9c e0 10 60 69 32 df 3f 06 63 a0 e2 ac 44 4c 2c 1c 13 fb 83 99 5f 19 c1 c1 d8 c7 f0 87 19 ed 79 0d 2d 06 8b 3e e3 c7 c0 3f 22 b0 ec 3d cc 79 a9 f3 6c df 35 73 66 69 df 2f a0 e4 91 90 92 33 9d e2 42 c7 7e 02 fe 83 26 3f bd db 3d 70 68 f0 33 43 e2 d0 66 e3 96 c0 fa 14 2d f8 4e 0d 28 4f 35 c0 e7 d9 b6 92 39 be 8f b6 f9 22 a2 52 20 b2 f9 62 50 ee f8 81 c0 c7 c9 2d 06 3e 0e a6 9e 91 a0 62 f0 5b c3 af 8d e0 60 7c 3f 58 18 36 fc ce 4d 43 ad b6 ea 3d 4e c5 b9 27 02 cb de 33 56 cb eb 85 d3 7d 60 e6 cd 9a 85 50 3c 19 06 5e 0f 25 4d ba c8 b6 6b 25 23 81 41 0d 7e c3 84 df 28 01 46 bb 14 2d 6c 9b 06 fe dc d2 2c 5c c7 76 46 44 44 a5 40 64 4b 06 be e7 b0 1f 30 33 b9 c5 c0 ee 82 a9 a7 27 a4 18 94 c5 7e 65 f8 f5 51 1b 09 c7 Data Ascii: B>T/l`i2?cDL,_y->?"=yl5sfi/3B~&?=ph3Cf-N(O59"R bP->b[`\|?X6MC=N'3V}`P<^%Mk%#A~(F-l,\vFDD@dK03'~eQ
2024-09-27 03:01:07 UTC	5265	IN	Data Raw: 54 17 a2 b2 60 61 88 1d 03 3c 9a 45 60 f0 7d 68 f8 9e f2 b2 94 79 ac 55 af 03 2c a1 bc eb ac 79 dd 1d 0e 8c 19 b4 dd 53 09 39 a4 a0 20 c7 37 f6 10 4e 00 e2 3e b5 dd ce e0 4f 30 b7 a6 e8 aa 2b fc be 18 c9 06 c1 2c 55 58 9d cb e1 c0 21 d6 a0 f3 30 8b a7 8c 6d 94 e3 6d da ff 7d d5 3b 5d 93 27 3d 6e 27 fa cc 57 81 51 f5 b3 ce 06 a3 46 78 75 5b f5 a0 61 7f 80 c4 8b 5d 58 08 22 76 21 d2 02 66 e5 23 d9 ec b4 1c 06 cc 8a 7d d5 e2 57 42 c3 37 95 97 25 5b 06 5e 02 22 d7 37 8e ef a1 bc eb ac a5 7b 01 03 62 24 5c 08 cb 9e 54 50 20 31 2b f7 a6 c3 80 97 63 6e 60 b7 80 d5 45 d8 47 b4 e5 5e 62 8d 99 f0 fd 54 26 3a 23 b5 0b 10 67 15 e8 95 60 7f cb 6d a5 d0 d1 1a 05 61 17 05 05 c3 9b 1c ae 88 51 e6 c6 c1 cc af 77 fc b9 86 bd 81 b6 6e a8 e9 90 f0 d2 2e 2e 04 51 07 1b 2b 28 Data Ascii: T`a<E`}hyU,yS9 7N>O0+,UX!0mm};]'=n'WQFxu[a]X"v!f#}WB7%[^"7{b$\TP 1+cn`EG^bT&:#g`maQwn..Q+(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.5	49744	185.15.59.240	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:07 UTC	421	OUT	GET /wikipedia/commons/thumb/7/72/Logo_dana_blue.svg/2560px-Logo_dana_blue.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:07 UTC	1056	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Logo_dana_blue.svg.png last-modified: Fri, 17 Jun 2022 03:44:43 GMT content-length: 57856 date: Thu, 26 Sep 2024 08:18:11 GMT server: envoy etag: ce2796eedfd05a7381fe2f03c410c796 age: 67376 x-cache: cp3079 hit, cp3079 hit/3 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3079" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.33 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2024-09-27 03:01:07 UTC	13839	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0a 00 00 00 02 da 08 06 00 00 00 fd 1e 0a f6 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da ec dd 77 98 5c 75 bd f8 f1 f7 f7 cc 96 24 5b 92 cd 96 14 3a 52 43 07 a5 37 91 5e 45 29 22 4d 44 a5 69 20 d9 dd 04 bd 2a ab f7 0a 24 bb 9b 60 14 35 a0 5e ec 82 5d b8 28 0a ea 15 b0 03 56 44 51 90 62 ca ce 6c 12 48 42 c8 66 67 be bf 3f c2 fd a9 08 64 93 cc cc 4e 79 bf 9e 27 0f e5 d9 6c 79 9f 33 7b ce 99 f9 cc f7 04 24 49 f9 73 fd b2 f1 d4 84 09 84 a1 09 84 64 02 d9 30 81 c0 04 c8 4d 20 84 09 44 c6 01 Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxw\u$[:RC7^E)"MDi *$`5^](VDQblHBfg?dNy'ly3{$Isd0M D
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: 20 55 a0 fe a5 7b 11 93 bb 81 36 63 48 c5 16 de 4d 57 db f5 76 90 4a d0 0d 4b 27 31 9c fa 3e c4 3d 8c 21 15 f3 d0 18 bf c7 ca d5 a7 39 04 28 95 a0 f5 b7 fd bd 91 c0 65 c6 90 8a 6a 35 c4 13 e9 ea f8 71 45 1c ea 47 ed 2b f7 0d fc 14 c2 81 ee 4f 92 a4 d1 d4 54 17 38 60 4a 0d af db aa 96 a3 b7 a9 65 9f 8e 9a 8a 5b dd 2f 5f 1e 7b 26 cb dd 4f ac e3 9e 27 87 f9 fe 13 43 ac 58 eb 0a 81 2a e7 0b 6a de 41 77 fb cd 86 50 49 72 00 50 aa 46 f7 b1 ae f6 54 de 3d 61 b9 29 a4 0a e1 f0 9f 54 02 c2 6c ba da e6 da 41 2a 21 7d 8b da a0 f6 47 c0 6e c6 90 46 e3 d0 e8 10 a0 54 72 1c fe 93 46 db b3 c4 70 2c dd 6d 3f 2f fb c3 fc a8 7c d5 f5 4f 80 fd da fd 48 92 54 6c ad 63 c3 fa 15 fe b6 a8 e1 b5 5b d7 b2 7b 5b 0d ce fb 6d bc e1 1c fc 74 d1 3a be f5 d7 75 7c e3 2f 43 3c fe 4c d6 Data Ascii: U{6cHMWvJK'1>=!9(ej5qEG+OT8`Je[/_{&O'CXjAwPIrPFT=a)TlA!}GnFTrFp,m?/\|OHTlc[{[mt:u\|/C<L
2024-09-27 03:01:07 UTC	16320	IN	Data Raw: 31 00 4c 80 73 d6 df 90 e4 bd 82 68 ed 1b f2 d2 2b d6 89 81 65 6b 62 13 a7 5d 55 ba 2f 7b 4f 74 ed 1c 2b a4 63 c3 b0 1d 0d cf 2c 53 d5 00 d8 7f 76 77 ca 80 15 a4 e1 b4 8d 13 f6 fa 41 1e 3d 96 a2 c5 da b1 f5 eb b1 51 cf b3 52 0f 9b 67 ad 5d 7e 3d 9d 00 68 52 04 00 80 c1 b0 79 03 30 29 4a 7d 8d 10 5a 5b 9b c5 e3 be 56 0c 2c 5b 47 4d d5 4a 93 4b bf 74 9d 39 0c 5f d7 09 80 2d 39 01 90 e5 16 a9 6b 65 d0 77 76 ae 4f c6 f3 36 2e 6e 7f 6c 15 02 3d b2 76 6c e7 40 1e 35 77 95 18 b0 76 1c 87 d2 22 3d 34 00 3a 62 1e 00 00 06 a3 33 a3 b6 06 98 14 6b 66 de 90 c4 a6 4d 5b 4d 5c 03 4c 3f 45 d5 46 19 b4 50 e2 4b 75 56 ce fe 0d 5f 4c 72 50 10 7d 9b 4b ad 45 0c 2c 63 92 77 02 60 bf ba dd 03 42 60 05 eb 59 6b c9 36 4e b8 d2 bb 91 5e 39 ec aa 9d cb 72 7a 71 e2 26 2b e3 ec 8d Data Ascii: 1Lsh+ekb]U/{Ot+c,SvwA=QRg]~=hRy0)J}Z[V,[GMJKt9_-9kewvO6.nl=vl@5wv"=4:b3kfM[M\L?EFPKuV_LrP}KE,cw`B`Yk6N^9rzq&+
2024-09-27 03:01:07 UTC	11377	IN	Data Raw: 49 9e 72 e2 6c be ed 61 6b f2 d4 93 67 f2 ad a7 ac c9 c3 8e b2 76 7c 30 07 bb 35 9f dd d9 cd 27 6f 5d cc bf ef e8 e6 df 77 2c e6 d3 3b ba d9 bb e0 7b 0a 00 46 e2 65 22 00 60 95 7a 6f 16 3b 3f 98 e7 9e 70 97 28 80 56 34 4f 32 2a a5 36 5a 93 80 d5 3b 47 79 3f 32 e2 27 10 75 2d 00 5f d2 34 0e 67 1e 9c d9 91 fd 9d 4b e7 cf 53 ab 06 40 c6 5a b7 26 1f bd 65 31 1f bd 65 f1 cb 7f ec d4 a3 3b 79 ea c9 6b f2 e4 8d 33 79 f2 c6 99 7c c3 c6 d9 9c 78 c4 f4 4c 5a 77 1c a8 b9 fc 8e 6e 2e bb a3 9b cb ef 68 72 f9 1d dd 7c e1 f6 c5 5c 76 7b d7 c9 7e 00 ac 16 77 a5 76 5f 2b 06 00 56 a1 7f cc 9e 3d 3f 9e 6d 8f 3e 20 0a a0 3d 27 a5 30 aa 47 af 36 a9 1e 3f 18 32 6d b6 fd 6a 34 12 31 d2 91 ab 05 b5 af da 42 6a f4 b4 fc f1 9c c0 b8 e9 1e 56 93 45 39 0c c8 e8 1a 00 d7 dc f1 ba 1c Data Ascii: Irlakgv\|05'o]w,;{Fe"`zo;?p(V4O2*6Z;Gy?2'u-_4gKS@Z&e1e;yk3y\|xLZwn.hr\|\v{~wv_+V=?m> ='0G6?2mj41BjVE9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.5	49749	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:07 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 03:01:07 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=49517 Date: Fri, 27 Sep 2024 03:01:07 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-27 03:01:07 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.5	49760	188.114.97.3	443	1772	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 03:01:14 UTC	659	OUT	GET /index.html HTTP/1.1 Host: daana-paylaterld.xsits.xyz Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 03:01:14 UTC	660	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 03:01:14 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Last-Modified: Thu, 01 Aug 2024 01:21:06 GMT Accept-Ranges: bytes CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TX9UuhSD%2FhZx1GlJyaDy4cJMzBQJGO4xED%2FU9YxQBaqGHhyX0J9MkbtsdBKlyJV5j5t%2BHtubKwyczz2cNLVi8WQREaxRFfuQ8olkqW1KUbKmuVsANlAwgh6dVqlXZxxNIJw1F0%2FDCvejy1gmbQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8c983f7b2ab642a9-EWR
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 33 34 30 34 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 64 61 74 61 2d 68 69 64 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 31 38 65 Data Ascii: 3404<!DOCTYPE html><html lang="en"><head><meta data-n-head="ssr" charset="utf-8"><meta data-n-head="ssr" name="viewport" content="width=device-width, initial-scale=1"><meta data-n-head="ssr" data-hid="theme-color" name="theme-color" content="#118e
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 22 44 41 4e 41 20 61 64 61 6c 61 68 20 62 65 6e 74 75 6b 20 62 61 72 75 20 75 61 6e 67 20 74 75 6e 61 69 20 79 61 6e 67 20 6c 65 62 69 68 20 62 61 69 6b 2e 20 54 72 61 6e 73 61 6b 73 69 20 61 70 61 70 75 6e 2c 20 62 65 72 61 70 61 70 75 6e 20 64 61 6e 20 64 69 6d 61 6e 61 70 75 6e 20 6a 61 64 69 20 6d 75 64 61 68 20 62 65 72 73 61 6d 61 20 44 41 4e 41 2e 20 41 6d 62 69 6c 20 62 61 67 69 61 6e 20 64 61 6c 61 6d 20 74 72 61 6e 73 66 6f 72 6d 61 73 69 20 6b 65 75 61 6e 67 61 6e 20 64 69 67 69 74 61 6c 20 64 69 20 49 6e 64 6f 6e 65 73 69 61 20 73 65 6b 61 72 61 6e 67 21 22 3e 0a 3c 6d 65 74 61 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 64 61 74 61 2d 68 69 64 3d 22 6f 67 3a 74 69 74 6c 65 22 20 6e 61 6d 65 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 Data Ascii: "DANA adalah bentuk baru uang tunai yang lebih baik. Transaksi apapun, berapapun dan dimanapun jadi mudah bersama DANA. Ambil bagian dalam transformasi keuangan digital di Indonesia sekarang!"><meta data-n-head="ssr" data-hid="og:title" name="og:title" c
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 70 2e 6c 69 6e 6b 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 69 32 2e 62 72 61 6e 63 68 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 69 32 2e 62 72 61 6e 63 68 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6e 2d 68 65 61 64 3d 22 73 73 72 22 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 79 6f 75 74 75 62 65 2e 63 6f 6d 22 3e 0a Data Ascii: "dns-prefetch" href="https://app.link"><link data-n-head="ssr" rel="preconnect" href="https://api2.branch.io"><link data-n-head="ssr" rel="dns-prefetch" href="https://api2.branch.io"><link data-n-head="ssr" rel="preconnect" href="https://youtube.com">
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 77 67 68 74 40 35 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0a 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4f 70 65 6e 20 53 61 6e 73 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 68 32 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4f 70 65 6e 20 53 61 6e 73 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 35 70 78 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 38 36 65 Data Ascii: googleapis.com/css2?family=Open+Sans:wght@500&display=swap'); body { font-family: 'Open Sans', sans-serif; } h2 { font-family: 'Open Sans', sans-serif; font-size: 15px; font-weight: bold; color: #0086e
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 3b 0a 20 20 20 20 20 20 20 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 31 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 62 74 6e 2d 70 75 6e 79 61 20 7b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 70 78 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 70 78 3b 0a Data Ascii: font-weight: bold; color: #000; letter-spacing: 1px; text-align: center; line-height: 1; border-radius: 5px; } .btn-punya { display: block; margin: 0px auto 0 auto; padding: 0px;
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 78 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 33 36 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 72 67 62 28 30 2c 20 31 33 34 2c 20 32 32 34 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 20 69 6e 69 74 69 61 6c 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 72 67 62 28 32 33 37 2c 20 32 33 37 2c 20 32 33 37 29 20 32 70 78 20 32 70 78 20 32 70 78 20 30 70 78 3b 0a Data Ascii: x; width: 536px; max-width: 100%; border: 2px solid rgb(0, 134, 224); border-image: initial; background-color: rgb(255, 255, 255); border-radius: 8px; box-shadow: rgb(237, 237, 237) 2px 2px 2px 0px;
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 64 65 72 20 2e 73 6c 69 63 6b 2d 73 6c 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 64 65 72 20 2e 73 6c 69 63 6b 2d 73 6c 69 64 65 20 69 6d 67 20 7b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 35 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 6d 61 6b 65 20 62 75 74 74 6f 6e 20 6c 61 72 67 65 72 20 61 6e 64 20 63 68 61 6e 67 65 20 74 68 Data Ascii: : auto; border-radius: ; } .slider .slick-slide { border-radius: 15px; } .slider .slick-slide img { width: 100%; margin-top: 0px; border-radius: 15px; } /* make button larger and change th
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 20 20 20 20 72 69 67 68 74 3a 20 30 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 70 72 65 76 3a 62 65 66 6f 72 65 2c 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 6e 65 78 74 3a 62 65 66 6f 72 65 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 30 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 29 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 6d 6f 76 65 20 64 6f 74 74 65 64 20 6e 61 76 20 70 6f 73 69 74 69 6f 6e 20 2a 2f 0a 20 20 20 20 2e 73 6c 69 63 6b 2d 64 6f 74 73 20 7b 0a 20 20 20 20 20 20 20 20 62 6f 74 74 6f 6d 3a 20 30 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2f 2a 20 65 6e 6c 61 72 67 65 20 64 6f 74 73 20 61 6e Data Ascii: right: 0px; } .slick-prev:before, .slick-next:before { font-size: 0px; text-shadow: 0 0 0px rgba(0, 0, 0, 0.5); } /* move dotted nav position / .slick-dots { bottom: 0px; } / enlarge dots an
2024-09-27 03:01:14 UTC	1369	IN	Data Raw: 36 30 35 32 34 2d 45 49 53 32 34 36 2d 65 4d 41 53 5f 45 58 49 53 54 49 4e 47 5f 55 53 45 52 5f 42 5f 4d 41 59 2d 57 65 62 5f 50 72 6f 6d 6f 2d 54 68 75 6d 62 6e 61 69 6c 73 2e 70 6e 67 22 20 61 6c 74 3d 22 49 6d 61 67 65 20 33 22 3e 20 3c 2f 61 3e 20 3c 62 72 3e 20 3c 2f 64 69 76 3e 0a 3c 64 69 76 3e 20 3c 61 20 68 72 65 66 3d 22 69 6e 64 65 78 2e 68 74 6d 6c 23 22 3e 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 2e 6d 2e 64 61 6e 61 2e 69 64 2f 64 61 6e 61 77 65 62 2f 70 72 6f 6d 6f 2f 31 37 31 34 39 37 39 30 38 32 2d 30 33 31 30 32 33 2d 45 49 53 30 34 39 2d 50 47 4e 5f 44 69 73 63 5f 35 30 5f 2d 57 65 62 5f 42 61 6e 6e 65 72 2d 54 68 75 6d 62 6e 61 69 6c 73 2e 70 6e 67 22 20 61 6c 74 3d 22 49 6d 61 67 65 20 34 22 3e 20 3c 2f 61 3e 20 3c Data Ascii: 60524-EIS246-eMAS_EXISTING_USER_B_MAY-Web_Promo-Thumbnails.png" alt="Image 3"> </a> <br> </div><div> <a href="index.html#"> <img src="https://a.m.dana.id/danaweb/promo/1714979082-031023-EIS049-PGN_Disc_50_-Web_Banner-Thumbnails.png" alt="Image 4"> </a> <
2024-09-27 03:01:14 UTC	1003	IN	Data Raw: 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 3c 68 36 3e 44 61 6e 61 20 54 65 72 64 61 66 74 61 72 20 64 61 6e 20 64 69 61 77 61 73 69 20 6f 6c 65 68 3a 3c 2f 68 36 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 73 73 2d 64 6e 7a 61 6d 6e 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 75 70 6c 6f 61 64 2e 77 69 6b 69 6d 65 64 69 61 2e 6f 72 67 2f 77 69 6b 69 70 65 64 69 61 2f 63 6f 6d 6d 6f 6e 73 2f 33 2f 33 39 2f 42 49 5f 4c 6f 67 6f 2e 70 6e 67 22 20 77 69 64 74 68 3d 22 37 30 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 75 70 6c 6f 61 64 2e 77 69 6b 69 6d 65 64 69 61 2e 6f 72 67 2f 77 69 6b 69 70 65 64 69 61 2f 63 6f 6d 6d 6f 6e 73 2f 74 68 75 6d 62 2f 61 2f 61 32 2f 4c 6f 67 6f 5f 6f Data Ascii: ><div class="row"><h6>Dana Terdaftar dan diawasi oleh:</h6><center><div class="css-dnzamn"><img src="https://upload.wikimedia.org/wikipedia/commons/3/39/BI_Logo.png" width="70"><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Logo_o

Statistics

CPU Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

Memory Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3660, Parent PID: 6100

Function Logs

General

Target ID:	0
Start time:	23:00:52
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Registry Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Process Activities

Process Created

Process Terminated

Show Windows behavior

Thread Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

Timing Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Windows UI Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Process Token Activities

Token Adjusted

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 1772, Parent PID: 3660

Function Logs

General

Target ID:	2
Start time:	23:00:56
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=1980,i,2925171781084121020,4736060299062158034,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Thread Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4180, Parent PID: 6100

Function Logs

General

Target ID:	3
Start time:	23:00:59
Start date:	26/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://daana-paylaterld.xsits.xyz/"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

File Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Process Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://daana-paylaterld.xsits.xyz/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 75

Chrome Cache Entry: 76

Chrome Cache Entry: 77

Chrome Cache Entry: 78

Chrome Cache Entry: 79

Chrome Cache Entry: 80

Chrome Cache Entry: 81

Chrome Cache Entry: 82

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 85

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 90

Chrome Cache Entry: 91

Chrome Cache Entry: 92

Windows Analysis Report
http://daana-paylaterld.xsits.xyz/